Forums

This topic is locked

php upload - HELP

Posted 09 Apr 2002 03:25:57
1
has voted
09 Apr 2002 03:25:57 Manuel B. posted:
Hello,

I need your help, i have a ploblem with php upload, it doesn´´t work at my server. In my pc it works (win98/mysql/php/apache), but at my server with apache/mysql/php 4.0.6 it doesn´t work, i don´t get a error, but it doesn´t upload the image. I try to upload the the image to a dir (777). You can see my code here:


// Copyright (c) Interakt Online 2001
// www.interakt.ro/

require("./../adodb/adodb.inc.php";
require("./../Connections/toca.php";
?><?php
// *** Edit Operations: declare Tables
$MM_editAction = $PHP_SELF;
if ($QUERY_STRING) {
$MM_editAction = $MM_editAction . "?" . $QUERY_STRING;
}

$MM_abortEdit = 0;
$MM_editQuery = "";
?><?php
# PHP Upload File v1.07
# Copyright 2001. Tim Green. All rights reserved.
# With many thanks to Massimo Foti and Waldo Smeets

if (isset($file)) {

# System Check Variables
$tgCHeader=getenv("CONTENT_LENGTH";
$tgRefPage=getenv("HTTP_REFERER";
$tg_FileSize=1*1024;

# Flags
$tg_OptionCheckSize=false;
$tg_UseRedirects=false;
$tg_UseErrorMsgs=true;
$tg_UpCopySuccess=false;
$tg_StatusMsg=false;

if ($tg_UseErrorMsgs) {
# Error Messages
$tg_ErrPrefix="?msg=";
$tg_OrigFileOver=$tg_ErrPrefix."Duplicate File Detected and Overwritten.";
$tg_UploadOpAbort=$tg_ErrPrefix."Duplicate Filename Encountered. Upload Aborted.";
$tg_CopyOpFailed=$tg_ErrPrefix."Unable to Copy File. Check Permissions of Target Directory.";
$tg_InvalidMIMEType=$tg_ErrPrefix."The Uploaded File was of an unknown, or unacceptable file type. Upload aborted.";
$tg_FileTooBig=$tg_ErrPrefix."The file exceeded the maximum allowable file size. Upload Aborted.";
$tg_MaliciousUpload=$tg_ErrPrefix."File Discrepancy Encountered. Upload Aborted.";
$tg_SuccessUpload=$tg_ErrPrefix."File Upload Successful.";
}

if (is_uploaded_file($file)) {
if (($tgCHeader <= $tg_FileSize)&&(filesize($file_name) <= $tg_FileSize)||(!$tg_OptionCheckSize)) {
$tg_Root=dirname($HTTP_SERVER_VARS["PATH_TRANSLATED"])."/";
$tg_Dir="/minis/";
if ($tg_Dir=="/" {
$tg_Dir="";
}
$tg_File="$file_name";
$tg_OrigFile=$file;
$tg_Path="$tg_Root"."$tg_Dir"."$tg_File";
$tg_OptionCheckMIME=true;
$tg_cMimeVals="";

tg_OpenWin();

# Specifies the action to be taken if the file exists. overwrite, rename, abort
$tg_ExistsAction="overwrite";

# Check MIME type of file
if ($tg_OptionCheckMIME) {
$tgMIME="image/bmp|image/cgm|image/cmu-raster|image/g3fax|image/gif|image/ief|image/jpeg|image/naplps|image/pjpeg|image/png|image/targa|image/tiff|image/vnd.dwg|image/vnd.dxf|image/vnd.fpx|image/vnd.net.fpx|image/vnd.svf|image/x-cmu-raster|image/x-emf|image/x-jg|image/x-pict|image/x-png|image/x-portable-anymap|image/x-portable-bitmap|image/x-portable-graymap|image/x-portable-pixmap|image/x-rgb|image/x-tiff|image/x-win-bmp|image/x-xbitmap|image/x-xbm|image/x-xpixmap|image/x-wmf|image/x-windowdump";
if ($tgMIME!="custom" {
$acceptMIME=explode("|",$tgMIME);
} else {
$acceptMIME=explode(",",$tg_cMimeVals);
}
$testMIME=false;
for ($k=0; $k < count($acceptMIME); $k++) {
if ($acceptMIME[$k]==$file_type) {
$testMIME=true;
}
}
} else {
$testMIME=true;
}
if ($testMIME) {
# Now we need to check if the file exists in it's path
$testExists=file_exists($tg_Path);
if ($testExists) {
switch ($tg_ExistsAction) {
case "overwrite":
# Delete the original and copy over
unlink($tg_Path);
$tg_copyStatus=true;
$tg_StatusMsg=$tg_OrigFileOver;
break;
case "rename":
# Rename the Uploaded File and copy over
$unid=uniqid(rand(1,5));
$tg_NewName=$unid.$tg_File;
$tg_Path="$tg_Root"."$tg_Dir"."$tg_NewName";
$tg_copyStatus=true;
if ($tg_UseErrorMsgs) {
# $tg_File - contains original File Name
# $tg_NewName - contains New File Name
$tg_FileRenamed=$tg_ErrPrefix."The file $tg_File already exists. Uploaded file was renamed to $tg_NewName.";
} else {
$tg_FileRenamed="";
}
$tg_StatusMsg=$tg_FileRenamed;
break;
case "abort":
# stop processing upload
$tg_copyStatus=false;
$tg_StatusMsg=$tg_UploadOpAbort;
break;
}
} else {
$tg_copyStatus=true;
}
if ($tg_copyStatus) {
# Now we need to track the copy operation
$copyStatus=@copy("$tg_OrigFile","$tg_Path";
if(!$copyStatus) {
# Failed Copy Operation
if (!$tg_StatusMsg) {
$tg_StatusMsg=$tg_CopyOpFailed;
}

tg_CloseWin();
tg_RedirFail($tg_StatusMsg);

$tg_UpCopySuccess=false;
} else {
$tg_UpCopySuccess=true;
}
} else {
tg_CloseWin();
tg_RedirFail($tg_StatusMsg);
$tg_UpCopySuccess=false;
}
} else {
tg_CloseWin();
tg_RedirFail($tg_InvalidMIMEType);
$tg_UpCopySuccess=false;
}
} else {
# File is too big, go back to the referring page.
$tg_StatusMsg=$tg_FileTooBig;
$tg_ReferringPage=$tgRefPage.$tg_StatusMsg;
if ($tg_UseRedirects) {
header("Location: $tgReferringPage";
}
}
} else {
# If this part of the code has been reached then a possibly malicious upload has occurred
tg_RedirFail($tg_MaliciousUpload);
$tg_UpCopySuccess=false;
}
}

function tg_CloseWin() {
echo "<script language=\"Javascript\">\n";
echo "uploadWindow.close();\n";
echo "</script>\n";
}

function tg_RedirFail($msg) {
if ($GLOBALS["tg_UseRedirects"]) {
echo "<script language=\"Javascript\"> window.location=\"$msg\"; </script>\n";
}
}

function tg_OpenWin() {
# Open the progress Window
echo "<script language=\"Javascript\">\n";
echo "var width=screen.width;\n";
echo "var height=screen.height;\n";
echo "var winwidth=280;\n";
echo "var winheight=100;\n";
echo "var top=(height-winheight)/2;\n";
echo "var left=(width-winwidth)/2;\n";
echo "uploadWindow=window.open(\"tgupprog.htm\",\"newWindow\",\"width=\"+winwidth+\",height=\"+winheight+\",left=\"+left+\",top=\"+top);\n";
echo "for (var loop=0;loop<20000;loop++) {\n";
echo "// pause loop\n";
echo "}\n";
echo "</script>\n";
}

if($tg_UpCopySuccess) {
# Successful Copy Operation
if ($tg_NewName=="" {
$file=$tg_File;
} else {
$file=$tg_NewName;
}
?><?php
// *** Insert Record: set Variables

if (isset($MM_insert)){

// $MM_editConnection = MM_tocalas2_STRING;
$MM_editTable = "fotos";
$MM_editRedirectUrl = "";
$MM_fieldsStr = "file|value";
$MM_columnsStr = "foto|',none,''";

// create the $MM_fields and $MM_columns arrays
$MM_fields = explode("|", $MM_fieldsStr);
$MM_columns = explode("|", $MM_columnsStr);

// set the form values
for ($i=0; $i+1 < sizeof($MM_fields); ($i=$i+2)) {
$MM_fields[$i+1] = $$MM_fields[$i];
}

// append the query string to the redirect URL
if ($MM_editRedirectUrl && $QUERY_STRING && (strlen($QUERY_STRING) > 0)) {
$MM_editRedirectUrl .= ((strpos($MM_editRedirectUrl, '?') == false)?"?":"&" . $QUERY_STRING;
}
}
?><?php
// *** Insert Record: construct a sql insert statement and execute it
if (isset($MM_insert)) {
// create the sql insert statement
$MM_tableValues = "";
$MM_dbValues = "";
for ( $i=0; $i+1 < sizeof($MM_fields); ($i=$i+2)) {
$formVal = $MM_fields[$i+1];
$MM_typesArray = explode(",", $MM_columns[$i+1]);
$delim = $MM_typesArray[0];
if($delim=="none" $delim="";
$altVal = $MM_typesArray[1];
if($altVal=="none" $altVal="";
$emptyVal = $MM_typesArray[2];
if($emptyVal=="none" $emptyVal="";
if ($formVal == "" || !isset($formVal)) {
$formVal = $emptyVal;
}
else {
if ($altVal != "" {
$formVal = $altVal;
}
else if ($delim == "'" { // escape quotes
$formVal = $delim . $formVal . $delim;
//$formVal = "'" . str_replace("'","\'",$formVal) . "'";
}
else {
$formVal = $delim . $formVal . $delim;
}
}
if ($i == 0) {
$MM_tableValues = $MM_tableValues . $MM_columns[$i];
$MM_dbValues = $MM_dbValues . $formVal;
}
else {
$MM_tableValues = $MM_tableValues . "," . $MM_columns[$i];
$MM_dbValues = $MM_dbValues . "," . $formVal;
}
}
$MM_editQuery = "insert into " . $MM_editTable . " (" . $MM_tableValues . " values (" . $MM_dbValues . "";
if ($MM_abortEdit!=1) {
// execute the insert
$queryrs = $tocalas2->Execute($MM_editQuery) or DIE($tocalas2->ErrorMsg());
if ($MM_editRedirectUrl) {
header ("Location: $MM_editRedirectUrl";
}
}
}
?><?php
if (!$tg_StatusMsg) {
$tg_StatusMsg=$tg_SuccessUpload;
}

tg_CloseWin();
if ($tg_UseRedirects) {
echo "<script language=\"Javascript\"> window.location=\"$tg_StatusMsg\"; </script>\n";
} else {
$msg=$tg_StatusMsg;
}
}
?>
<html>
<head>
<title>Foto</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#000000" text="#FFFFFF">
<form ACTION="<?php echo $MM_editAction?>" METHOD="POST" name="form1" enctype="multipart/form-data">
<p>
<input type="file" name="file" size="12">
</p>
<p>
<input type="submit" name="Submit" value="Enviar">
</p>
<input type="hidden" name="MM_insert" value="true">
</form>


Reply to this topic