Psychoman
08-12-2004, 12:13 AM
Hi, I don't know if this is the best way to do what I am trying to do, but here's what I got.
I am trying to allow registered users upload files to my uploads directory, now this works fine as I have CHMODed the folder to allow this to happen. The uploads are registered so that I can keep track of who uploaded what file and to avoid accidentally overwritting a file, or if there is already a file there that has that name and does not belong to the user. My problem is that everything works, except for when I want to allow the overwrite to occur.
Here is the script that uploads the file to the temporary directory defined by php.ini on the server.
<form enctype="multipart/form-data" action="<? $PHP_SELF ?>" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
Choose a file to upload: <input name="userfile" type="file" />
<br>
<div align="center"><input type="submit" name="upload" value="Upload File" />
<input type="submit" name="cancel" value="Cancel" /></div>
</form>
This is the code that checks to see if the database has any record of a previous file.
if ($upload || $overwrite){
$uploadDir = 'uploads/';
$uploadFile = $uploadDir . $_FILES['userfile']['name'];
$sql_file_check = mysql_query("SELECT * FROM customer_files WHERE filename='$uploadFile'");
$file_check = mysql_num_rows($sql_file_check);
if (!$overwrite){
if($file_check > 0){
$error = TRUE;
if ($myrow = mysql_fetch_array($sql_file_check)) {
$idcheck = ($myrow["cuid"]);
if ($idcheck == $cuid){
$error2 = TRUE;
unset($error);
$filename = $_FILES['userfile']['name'];
echo '<div align="center" class="alert"> You have already uploaded a file named '.$filename.' Do you wish to overwrite it?</div>';?>
<blockquote>
<form action="<? $PHP_SELF ?>" method="post">
<div align="center">
<input type="submit" name="overwrite" value="Overwrite File" />
<input type="submit" name="cancel2" value="Choose A Diffrent File" /></div>
</form>
</blockquote>
<?
} else {
$filename = $_FILES['userfile']['name'];
echo '<div align="center" class="alert"> There is already an uploaded file named '.$filename.', however you may not overwrite it. Please rename your file and try again.</div>';
}
}
}
}
And here is the one that would move the file from the temp dir to the uploads folder if allowed to do so.
if (!$error && !$error2 || $overwrite){
print "<pre>";
/////////////////////////////////////////
unlink($filename); // Edited Here
/////////////////////////////////////////
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
{
$host = gethostbyaddr($REMOTE_ADDR);
$date = date("F dS, Y h:i:s A");
$sql = "INSERT INTO customer_files (cuid,filename,date,ip,host) VALUES ('$cuid','$uploadFile','$date','$REMOTE_ADDR','$host')";
$result = mysql_query($sql);
echo '<div align="center" class="alert">File was valid, and was uploaded successfully.</div>';
}
else
{
echo '<div align="center" class="text" class="alert">There Was An Error Processing Your Request. Please Try Again</div>';
}
print "</pre>";
}
}
thank you for your help, hope you can follow it allow well enough, but I understand it is a bit hard to follow.
Ray
I am trying to allow registered users upload files to my uploads directory, now this works fine as I have CHMODed the folder to allow this to happen. The uploads are registered so that I can keep track of who uploaded what file and to avoid accidentally overwritting a file, or if there is already a file there that has that name and does not belong to the user. My problem is that everything works, except for when I want to allow the overwrite to occur.
Here is the script that uploads the file to the temporary directory defined by php.ini on the server.
<form enctype="multipart/form-data" action="<? $PHP_SELF ?>" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
Choose a file to upload: <input name="userfile" type="file" />
<br>
<div align="center"><input type="submit" name="upload" value="Upload File" />
<input type="submit" name="cancel" value="Cancel" /></div>
</form>
This is the code that checks to see if the database has any record of a previous file.
if ($upload || $overwrite){
$uploadDir = 'uploads/';
$uploadFile = $uploadDir . $_FILES['userfile']['name'];
$sql_file_check = mysql_query("SELECT * FROM customer_files WHERE filename='$uploadFile'");
$file_check = mysql_num_rows($sql_file_check);
if (!$overwrite){
if($file_check > 0){
$error = TRUE;
if ($myrow = mysql_fetch_array($sql_file_check)) {
$idcheck = ($myrow["cuid"]);
if ($idcheck == $cuid){
$error2 = TRUE;
unset($error);
$filename = $_FILES['userfile']['name'];
echo '<div align="center" class="alert"> You have already uploaded a file named '.$filename.' Do you wish to overwrite it?</div>';?>
<blockquote>
<form action="<? $PHP_SELF ?>" method="post">
<div align="center">
<input type="submit" name="overwrite" value="Overwrite File" />
<input type="submit" name="cancel2" value="Choose A Diffrent File" /></div>
</form>
</blockquote>
<?
} else {
$filename = $_FILES['userfile']['name'];
echo '<div align="center" class="alert"> There is already an uploaded file named '.$filename.', however you may not overwrite it. Please rename your file and try again.</div>';
}
}
}
}
And here is the one that would move the file from the temp dir to the uploads folder if allowed to do so.
if (!$error && !$error2 || $overwrite){
print "<pre>";
/////////////////////////////////////////
unlink($filename); // Edited Here
/////////////////////////////////////////
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
{
$host = gethostbyaddr($REMOTE_ADDR);
$date = date("F dS, Y h:i:s A");
$sql = "INSERT INTO customer_files (cuid,filename,date,ip,host) VALUES ('$cuid','$uploadFile','$date','$REMOTE_ADDR','$host')";
$result = mysql_query($sql);
echo '<div align="center" class="alert">File was valid, and was uploaded successfully.</div>';
}
else
{
echo '<div align="center" class="text" class="alert">There Was An Error Processing Your Request. Please Try Again</div>';
}
print "</pre>";
}
}
thank you for your help, hope you can follow it allow well enough, but I understand it is a bit hard to follow.
Ray