Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10

Thread: MP3 upload form

  1. #1
    Regular Coder
    Join Date
    Mar 2009
    Posts
    116
    Thanks
    29
    Thanked 1 Time in 1 Post

    MP3 upload form

    Well this is an mp3 upload script that I'm currently using.
    It consists in two files. upload.html (which hosts the upload form) and upload.php (which process it).
    Here is the upload.html
    PHP Code:
    <form name="uploadForm" method="post" action="upload.php" enctype="multipart/form-data">
            
    Select an mp3 file only: <br>
            <
    input name="user_file" type="file" /><br>
            
    Title: <br>
            <
    input type="text" name="title" size="40" /><br>
            
    Description: <br>
            <
    textarea name="description" rows="10" cols="32"  ></textarea><br>
            
            
    Tags (descriptive keywords find your tune easyly.): <br>
            <
    input type="text" name="tags" size="40"/><br>
                    <
    input type="submit" name="upload" value="Upload">
            <
    input type="hidden" name="submit_upload" value="yes" />
    </
    form
    Here is the upload.php
    PHP Code:
    <?php

        
    //Redirect browser if the upload form WAS NOT submited. 
            
    if (!isset($_POST['submit_upload'])) { 
                
    header("location: upload.html");          
            } 
             
        
    //Continue if the upload form WAS SUBMITED 
            
    else { 
                
    //Set the upload directory path 
                
    $target_path $_SERVER['DOCUMENT_ROOT'] . "uploads/"
                 
                
    //Array to store validation errors 
                
    $error_msg = array(); 
              
                
    // Validation error flag, if this becomes true we won't upload 
                
    $error_flag false;  
                 
                
    // Connect to database: host, username, password. 
                
    mysql_connect("localhost","root","root");  

                
    // Specify database to use 
                
    mysql_select_db("database") or die("Unable to select database"); 

                
    // We get the data from the upload form 
                
    $filename $_FILES['user_file']['name']; 
                
    $temp_filename $_FILES['user_file']['tmp_name']; 
                
    $filesize $_FILES['user_file']['size']; 
                
    $mimetype $_FILES['user_file']['type']; 

                
    //Convert all applicable characters to HTML entities 
                
    $filename htmlentities($filename); 
                
    $mimetype htmlentities($mimetype); 

                
    //Check for empty file 
                
    if($filename == ""){ 
                    
    $error_msg[] = 'No file selected!'
                    
    $error_flag true
                } 
                 
                
    //Check the mimetype of the file 
                
    if($mimetype != "audio/x-mp3" && $mimetype != "audio/mp3"){ 
                    
    $error_msg[] = 'The file you are trying to upload does not contain expected data. 
                    Are you sure that the file is an MP3 one?'

                    
    $error_flag true
                } 
                
                
    //Get the file extension, an honest file should have one 
                
    $ext substr(strrchr($filename'.'), 1); 
                if(
    $ext != 'mp3') { 
                    
    $error_msg[] = 'The file type or extention you are trying to upload is not allowed!   
                        You can only upload MP3 files to the server!'

                    
    $error_flag true
                 
                } 
                
                
    //Check that the file really is an MP3 file by reading the first few characters of the file 
                
    $open = @fopen($_FILES['user_file']['tmp_name'],'r'); 
                
    $read = @fread($open,3); 
                @
    fclose($open); 
                if(
    $read != "ID3"){ 
                    
    $error_msg[] = "The file you are trying to upload does not seem to be an MP3 file."
                    
    $error_flag true
                } 
                 
                
    //Now we check the filesize.   
                //The file size shouldn't include any other type of character than numbers 
                
    if (!is_numeric($filesize)) { 
                    
    $error_msg[] = 'Bad filesize!'
                    
    $error_flag true
                }  
                 
                
    //If it is too big or too small then we reject it 
                //MP3 files should be at least 1MB and no more than 10 MB  
                // Check if the file is too large 
                
    if($filesize 10485760){ 
                    
    $error_msg[] = 'The file you are trying to upload is too large!   
                    Please upload a smaller MP3 file'

                    
    $error_flag true
                } 
                 
                
    // Check if the file is too small 
                
    if($filesize 1048600){ 
                    
    $error_msg[] = 'The file you are trying to upload is too small! 
                    It is too small to be a valid MP3 file.'

                    
    $error_flag true
                } 

                
    //Function to sanitize values received from the form. Prevents SQL injection 
                
    function clean($str) { 
                    
    $str = @trim($str); 
                    if(
    get_magic_quotes_gpc()) { 
                        
    $str stripslashes($str); 
                    } 
                    return 
    mysql_real_escape_string($str); 
                } 
         
                
    //Sanitize the POST values 
                
    $title clean($_POST['title']); 
                
    $description clean($_POST['description']); 
                
    $tags clean($_POST['tags']); 

                if(
    $title == '') { 
                    
    $error_msg[] = 'Title is missing'
                    
    $error_flag true
                } 
                if(
    $tags == '') { 
                    
    $error_msg[] = 'Tags are missing'
                    
    $error_flag true
                } 
                 
                
    //If there are input validations, show errors 
                
    if($error_flag == true) { 
                    foreach (
    $error_msg as $c=>$p
                    echo 
    "Error " $c ": " $p "<br>"
                     
                } 
                
    //Else, all checks are done, move the file. 
                
    else { 
                    if (
    is_uploaded_file($temp_filename)){  
                     
                        
    //If the file was moved, change the filename 
                        
    if(move_uploaded_file($temp_filename$target_path $filename)) { 
                             
                            
    //Again check that the file exists in the target path 
                            
    if(@file_exists($target_path $filename)) { 
                                
    //Generate an uniqid 
                                
    $uniqfilename uniqid(rand()); 
                                 
                                
    //Assign upload date to a variable 
                                
    $date date("Y-m-d"); 
                                 
                                
    //Rename the file to an uniqid version 
                                
    rename($target_path $filename$target_path $uniqfilename); 
                                 
                                
    //Create INSERT query 
                                
    $qry "INSERT INTO uploads ( filename, title, description, tags, date)  
                                VALUES('$uniqfilename','$title','$description','$tags','$date')"

                                
    $result = @mysql_query($qry); 
                                 
                                if (
    $result) { 
                                    echo  
    $username ": the file " $filename " has been uploaded successfuly. <br>"
                                    echo 
    "Now it is called :" $uniqfilename "<br>" $date ."<br>"
                                    
                                    
    mysql_close();
                                    die();
                                                                     
                                     
                                } 
                            } 
                                 
                            else{ 
                                echo 
    "There was an error uploading the file, please try again!"
                            } 
                        }   
                    }  
                     
                    else { 
                        echo 
    "There was an error uploading the file, please try again!"
                    } 

                } 
            } 
    ?>
    Make sure you modify the php.ini (max_file_size, max_post_size, etc) to match the upload file size so you dont get any errors.

    PD: Also you can use in php5 the md5_file() function to check if the file has already been uploaded to your server.

    Special thanks to Jazz914, mjbeaumont and _Aerospace_Eng_.

  • #2
    Regular Coder
    Join Date
    Oct 2009
    Location
    Florida
    Posts
    155
    Thanks
    16
    Thanked 2 Times in 2 Posts
    Great post and thank you, but what about the database variables?

  • #3
    Regular Coder
    Join Date
    Mar 2009
    Posts
    116
    Thanks
    29
    Thanked 1 Time in 1 Post
    OK, i missed that

    Add this
    PHP Code:
    //Function to sanitize values received from the form. Prevents SQL injection
                
    function clean($str) {
                    
    $str = @trim($str);
                    if(
    get_magic_quotes_gpc()) {
                        
    $str stripslashes($str);
                    }
                    return 
    mysql_real_escape_string($str);
                }
        
                
    //Sanitize the POST values
                
    $title clean($_POST['title']);
                
    $description clean($_POST['description']);
                
    $tags clean($_POST['tags']);

                if(
    $title == '') {
                    
    $error_msg[] = 'Title is missing';
                    
    $error_flag true;
                }
                if(
    $tags == '') {
                    
    $error_msg[] = 'Tags are missing';
                    
    $error_flag true;
                } 
    Before this
    PHP Code:
    // We get the data from the upload form  
                
    $filename $_FILES['user_file']['name'];  
                
    $temp_filename $_FILES['user_file']['tmp_name'];  
                
    $filesize $_FILES['user_file']['size'];  
                
    $mimetype $_FILES['user_file']['type']; 
    in the above code.

    PD: the upload table in the mysql database should have the following fields: mp3_id (as primary key and autoincrement enabled), username, filename, title, description, tags, date to store the information so a file can be found later.

  • #4
    Regular Coder
    Join Date
    Jan 2009
    Posts
    204
    Thanks
    29
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by hernantz View Post
    OK, i missed that

    Add this
    PHP Code:
    //Function to sanitize values received from the form. Prevents SQL injection
                
    function clean($str) {
                    
    $str = @trim($str);
                    if(
    get_magic_quotes_gpc()) {
                        
    $str stripslashes($str);
                    }
                    return 
    mysql_real_escape_string($str);
                }
        
                
    //Sanitize the POST values
                
    $title clean($_POST['title']);
                
    $description clean($_POST['description']);
                
    $tags clean($_POST['tags']);

                if(
    $title == '') {
                    
    $error_msg[] = 'Title is missing';
                    
    $error_flag true;
                }
                if(
    $tags == '') {
                    
    $error_msg[] = 'Tags are missing';
                    
    $error_flag true;
                } 
    Before this
    PHP Code:
    // We get the data from the upload form  
                
    $filename $_FILES['user_file']['name'];  
                
    $temp_filename $_FILES['user_file']['tmp_name'];  
                
    $filesize $_FILES['user_file']['size'];  
                
    $mimetype $_FILES['user_file']['type']; 
    in the above code.

    PD: the upload table in the mysql database should have the following fields: mp3_id (as primary key and autoincrement enabled), username, filename, title, description, tags, date to store the information so a file can be found later.

    I cannot find that in the above ??

  • #5
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Quote Originally Posted by Feckie View Post
    I cannot find that in the above ??
    Its in upload.php near here // We get the data from the upload form
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #6
    Regular Coder
    Join Date
    Jan 2009
    Posts
    204
    Thanks
    29
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by _Aerospace_Eng_ View Post
    Its in upload.php near here // We get the data from the upload form
    Cheers must have been tired.....

  • #7
    Regular Coder
    Join Date
    Jan 2009
    Posts
    204
    Thanks
    29
    Thanked 0 Times in 0 Posts
    ok I have an error

    Code:
    Fatal error: Cannot redeclare clean() (previously declared in /home/acom/public_html/songs/upload.php:26)

    Which is line
    Code:
               function clean($str) {
    any idea

  • #8
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,642
    Thanks
    2
    Thanked 405 Times in 397 Posts
    Quote Originally Posted by Feckie View Post
    Cannot redeclare clean()
    You can't make another function called "clean" in the current scope.
    Quote Originally Posted by Feckie View Post
    (previously declared in /home/acom/public_html/songs/upload.php:26)
    You declared it already in upload.php on line 26.

    PHP errors are very literal, and will generally tell you all of the information you need. If your second clean function does something other than the first one, change the name. Otherwise, just remove the second one and use the first.

  • #9
    Regular Coder
    Join Date
    Jan 2009
    Posts
    204
    Thanks
    29
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Inigoesdr View Post
    You can't make another function called "clean" in the current scope.

    You declared it already in upload.php on line 26.

    PHP errors are very literal, and will generally tell you all of the information you need. If your second clean function does something other than the first one, change the name. Otherwise, just remove the second one and use the first.
    It is in upload.php that I am getting the error

  • #10
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Okay so post your upload.php, you likely have to function cleans in there, although I think its might be better if you just start your own thread so you don't flood this one with help requests since its the post a php script forum.
    ||||If you are getting paid to do a job, don't ask for help on it!||||


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •