1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

error handling and image type can't get it to work

Discussion in 'PHP' started by fullyloaded, May 24, 2012.

  1. fullyloaded

    fullyloaded New Member

    I been working on this image script for too long now, and I still can't seem to get two things to work - the image type and error handling (if the fields are empty). I have the code for this, but every place I try to add it, it doesn't work for the error handling if i fill one of the file boxes with a image and keep the other two empty and click the upload button the image will still upload even if the other two file boxes are empty as for the file type its letting me upload any file type if anyone can hlp it would be great thanks...

    PHP:
    $error_message="";
    $MaxSize "600000";
    if (isset(
    $_POST['btn_update'])){
    function 
    createRandomPassword() {
    $chars "abcde!@#%^fghijkmnoABCDEFGHIJKpqrstuvwxyz023456789ABCDEFGHIJKLMNOPQRSTUVWZ!@#%^&";
    srand((double)microtime()*10000000);
    $i 0;
    $pass '' ;
    while (
    $i <= 19) {
    $num rand() % 60;
    $tmp substr($chars$num1);
    $pass $pass $tmp;
    $i++;
    }
    return 
    $pass;
    }
    if (
    $_FILES['aMyUploads0']['size'] > $MaxSize || $_FILES['aMyUploads1']['size'] > $MaxSize || $_FILES['aMyUploads2']['size'] > $MaxSize)
    {
    $error_message "ERROR: File too big!";

    }
    $aMyUploads = array();
    $password createRandomPassword();
    foreach(
    $_FILES as $aFile)
    {
    $newLocation 'uploads/'.$password .$aFile["name"];
    if(
    === $aFile['error'] && (false !== move_uploaded_file($aFile['tmp_name'], $newLocation)))
    {
    $aMyUploads[] = $newLocation;
    }
    else
    {
    $aMyUploads[] = '';
    }
    }
    $error_message="Journal successfully saved.";
    $connection mysql_connect("localhost""????""???");
    mysql_select_db("????"$connection);
    $insert "INSERT INTO photos (image1, image2, image3) VALUES
    (
    ' "
    .$aMyUploads[0]." ',
    ' "
    .$aMyUploads[1]." ',
    ' "
    .$aMyUploads[2]." '
    )"
    ;
    $add_member mysql_query($insert) or die(mysql_error());
    }
    code i been trying to add:
    PHP:
    // ERROR HANDLING CODE:
    if (empty($_FILES) || empty($_FILES['aMyUploads0']) || empty($_FILES['aMyUploads1']) || empty($_FILES['aMyUploads2']))
    {
        
    // Handle error
    }

    // IMAGE TYPE CODE:

    $allowed_filetypes = array("jpg""gif""jpeg""png");

    $ext pathinfo($aFile['name'], PATHINFO_EXTENSION);
    if (!
    in_array($ext$allowed_filetypes))
    {
        
    // Handle error
    }

     
  2. pein87

    pein87 New Member

    You need to check if its empty before doing anything else. That way it breaks out of the code. Everything else needs to be nested in an else statement so it only runs if those conditions are met.


    PHP:
    // variable and function declarations above

    if(empty($_FILES))
    {
    // handle error of no file being sent
    }
    else
    {
    // has data do work and other stuff to get image where it needs to be

    }
    Also your using the password as a directory without creating it.

    PHP:
    $passDir mkdir("uploads/" $password);
    $pFlag 0;

    if(
    $passDir)
    {
     
    $pFlag 1;
    }
    else
    {
    $pFlag 0;
    }

    if(
    $pFlag 0)
    {
    // move file here
    }
    else
    {
    // return folder not there
    }
    Just a suggestion, and you need to sub-string the files name to get the extension type.
     
  3. Alex.Gabriel

    Alex.Gabriel New Member

    Here it is , it should work but since is almost 00.00 i`l go to sleep and i let you test it :)
    Is any error is generated and you can't fix it post it here and somebody or me will fix it.
    PHP:
    <?php
    $error_message
    ="";
    $MaxSize "600000";
    if (isset(
    $_POST['btn_update'])){
    function 
    createRandomPassword() {
    $chars "abcde!@#%^fghijkmnoABCDEFGHIJKpqrstuvwxyz023456789ABCDEFGHIJKLMNOPQRSTUVWZ!@#%^&";
    srand((double)microtime()*10000000);
    $i 0;
    $pass '' ;
    while (
    $i <= 19) {
    $num rand() % 60;
    $tmp substr($chars$num1);
    $pass $pass $tmp;
    $i++;
    }
    return 
    $pass;
    }
    //checking empty files
    if (empty($_FILES) || empty($_FILES['aMyUploads0']) || empty($_FILES['aMyUploads1']) || empty($_FILES['aMyUploads2']))
    {
        echo 
    'Please select a file to upload';
        exit();
        
    //exit if empty file is detected
    }
    else 
    {
    if (
    $_FILES['aMyUploads0']['size'] > $MaxSize || $_FILES['aMyUploads1']['size'] > $MaxSize || $_FILES['aMyUploads2']['size'] > $MaxSize)
    {
    $error_message "ERROR: File too big!";
    //enable exit if you want to terminate when a file is bigger than Maxsize
    //exit(); //added exit since even if filesize is larger than accepted the rest of the code is executed.

    }} 
    else { 
    //if everything is ok


    $aMyUploads = array();
    $password createRandomPassword();
    foreach(
    $_FILES as $aFile)
    {
    //check extension
    $allowed_filetypes = array("jpg""gif""jpeg""png");

    $ext pathinfo($aFile['name'], PATHINFO_EXTENSION);
    if (!
    in_array($ext$allowed_filetypes))
    {
        echo 
    'illegal file type';
        exit();
    }
    else
    {
    $upload_directorymkdir("uploads/$password/");
    $newLocation $upload_directory.$aFile["name"];
    if(
    === $aFile['error'] && (false !== move_uploaded_file($aFile['tmp_name'], $newLocation)))
    {
    $aMyUploads[] = $newLocation;
    }
    else
    {
    $aMyUploads[] = '';
    }
    }
    $error_message="Journal successfully saved.";
    $connection mysql_connect("localhost""????""???");
    mysql_select_db("????"$connection);
    $insert "INSERT INTO photos (image1, image2, image3) VALUES
    (
    ' "
    .$aMyUploads[0]." ',
    ' "
    .$aMyUploads[1]." ',
    ' "
    .$aMyUploads[2]." '
    )"
    ;
    mysql_query($insert) or die(mysql_error());
    }  } }
    ?>
     

Share This Page