Strange PHP error.

[Barrucadu]

<?php
 // Where the file is going to be placed temporarly
$target_path = "/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

$_FILES['uploadedfile']['tmp_name']; // temp file

$target_path = "/uploads/";
$oldfile =  basename($_FILES['uploadedfile']['name']);

// getting the extention
$pos = strpos($oldfile,".",0);
$ext = trim(substr($oldfile,$pos+1,strlen($oldfile))," ");

if(!$ext = "gif") {
	if(!$ext = "jpg") {
		if(!$ext = "png") {
			if(!$ext = "bmp") {
				echo "Dissallowed File Extension!";
				echo "<p>Allowed extensions are .gif, .jpg, .png and .bmp</p>";
				echo "<p><a href=\"Home.php\">Try Again</a></p>";
				die();
			}
		}
	}
}

//Check the size
if(!filesize($_FILES['uploadedfile']['name']) <= 1048576){
    echo "File too large!";
    echo "<p>Maximum size is 1MB</p>";
    die();
}
//new file name exmaple for a profile image of a user
$newfile = Date("d:S:w:z:W:B:s:i") . "." . $ext;

// move the file to the final destination
$target_path = $target_path . basename($newfile);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
     echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
	 echo "<p>The URL is <b>http://www.ISC.tk/uploads/". $newfile . "</b></p>";
	 echo "<p>To view your file visit <b>http://www.ISC.tk/uploads/browseupload.php?file=". $newfile . "</b></p>";
	 echo "<p>We reserve the right to delete any file on our server.</p>"; 
	 echo "<p><a href=\"Home.php\">Upload Another</a></p>";
} else{
     echo "There was an error uploading the file, please try again!";
	 echo "<p><a href=\"Home.php\">Try Again</a></p>";
}
?>

EDIT: I just checked again and the whole page dosnt work so I edited it in.

 

[Amnezia]

does "uploads\\" not work?

 

[Barrucadu]

also, if i post a link related to www.ISC.tk dont click it, i havent got the domain set up yet.

someone help me with the search page please here it is:

<?php

$form = "<form method=\"POST\" action=\"search.php\">";
$form .= "Search for: <input type=\"text\" name=\"criteria\">
             <input type=\"Submit\" name=\"Submit\" value=\"Submit\">";
$form .= "</form>";

// check is user submitted, if not, show the form
if ($_POST['Search'] != "Search")
{
    echo $form;
}
else
{

$directory = "/uploads/";

if (is_dir($directory))
{
   $open_dir = opendir($directory);
    while (($file = readdir($open_dir)) !== false)
    {
        // Place filenames into an array
        $files[] = $file;
    }
    closedir($open_dir);

    // files are in an array, check if search criteria meets any names in array
    if (in_array($_POST['criteria'], $files))
    {
        foreach ($files AS $file_result)
        {
            if (stristr($file_result, $_POST['criteria']))
            {
                echo "File Found : <a href = \"/uploads/browseupload.php?file=".$file_result.">View Result</a>";
            }
        }
    }
    else
    {
        echo "Search Criteria not found<br /> Please try again<br /><br />";
        echo $form;
    }
}

}

?>

its supposed to serach the uploads folder for a file, but it dosnt work

 

[user-7256]

Correct me if I'm wrong, but that !== you want maybe should be a != operator?

Otherwise I'm not too familiar with directory functions...

 

[Amnezia]

you dont need the !==false at all

if (is_dir($directory))
{
   $open_dir = opendir($directory);
    while ($file = readdir($open_dir))
    {
        // Place filenames into an array
        $files[] = $file;
    }
    closedir($open_dir);

is correct

where did you get this script from it is possibly the messiest coding i've ever seen, lol. no offenece intended

 

[Outer]

http://us3.php.net/opendir



BTW Amnezia, your file extension check wont work for ALL files. Some files contain periods before the file extension, therefore, it will check everything AFTER that...

Try this code. It reverses the string and takes everything before the first period, then reverses it back to give you the correct file extension

<?php
function find_extension($file) {
   $revfile = strrev($file);
   $ext = strtolower( strrev(substr($revfile,0,strpos($revfile,"."))) );

   return $ext;
}

$allowed_extensions = array("gif", "jpg", "jpeg", "png", "bmp");
$extension = find_extension($_FILES['uploadedfile']['name']);

if (in_array($extension, $allowed_extensions))
{
    // The extension is valid
}
else
{
    // Extension is not valid
    echo "Dissallowed File Extension!"; 
    echo "<p>Allowed extensions are .gif, .jpg, .png and .bmp</p>"; 
    echo "<p><a href=\"Home.php\">Try Again</a></p>"; 
    die();
}
?>

 

[Amnezia]

http://us3.php.net/opendir

BTW Amnezia, your file extension check wont work for ALL files. Some files contain periods before the file extension, therefore, it will check everything AFTER that...

yah im aware of that i just cleaned up the code previously used

the best way to do it is to check the mime types of the files

 

[Outer]

I actually use both...

Check file extension and MIME type.

This script works (probably not best methods on some parts, but still works nonetheless :P)

<?php

$form = "<form method=\"POST\" action=\"image_find.php\">";
$form .= "Search for: <input type=\"text\" name=\"criteria\">
             <input type=\"Submit\" name=\"Search\" value=\"Search\">";
$form .= "</form>";

// check is user submitted, if not, show the form
if ($_POST['Search'] != "Search")
{
    echo $form;
}
else
{

$directory = "images/";

if (is_dir($directory))
{
   $open_dir = opendir($directory);
    while ($file = readdir($open_dir))
    {
        // Place filenames into an array
        $files[] = $file;
    }
    closedir($open_dir);

 

    // files are in an array, check if search criteria meets any names in array
    $i = 0;
        foreach ($files AS $file_result)
        {
            if (eregi($_POST['criteria'], $file_result))
            {
               $echo .= "<a href=\"uploads/browseupload.php?file=".$file_result."\">".$file_result."</a><br />";
               $i++;
            }
        }

        if ($i == "0")
        {
            echo "Search Criteria not met.<br /><br />";
            echo $form;
        }
        else
        {
            echo $echo."<br />";
            echo $form;
        }
}
else
{
    echo "Not a Directory!";
}

}

?>

 

[Barrucadu]

thanks for all the help everyone, ive just got one more problem:

if(!"browseupload.php" == $entry && !"filemanager.php" == $entry) {
	echo "<p><b><u>File</u></b>";
	echo "<br><b>|----Name: </b>".$entry;
	echo "<br><b>|----Link: </b><a href = \"/Uploads/browseupload.php?file=".$entry."&admin=yes\">View Image</a>";
	echo "<br><b>|----Size: </b>".filesize($path."/".$entry)." bytes";
	echo "<br><b>|----<u>Actions</u></b>";
	echo "<br><b>|.....|----Delete: </b><a href = \"/Uploads/filemanager.php?file=".$entry."&action=880952delfile\">Go</a>";
	echo "<br><b>|.....|----Rename: </b><a href = \"/Uploads/filemanager.php?file=".$entry."&action=482975renfile\">Go</a>";
}

now, before i added in that if statement this code listed every file in the directory /Uploads/ i added in the if statement to remove two files from the list: browseupload.php and filemanager.php, now it doesnt work at all.

 

[RJ]

Try

if ($entry != "browseupload.php" && $entry != "filemanager.php") {

or to make one that will ignore any php files.

list($filenm, $fileext) = split("\.",$entry, 2);
if (strtolower($fileext) != "php") {

Now stop spamming nationstates :p

 

[iNod]

The code I gave you nees to be edited to fit your script. Since the form field name is file insted of the regular userfile you will have the change $_FILES['userfile'].... to $_FILES['file']...

Other than that I can't see a problem why the code I didn't give you won't work.. It worked for me.