PDA

View Full Version : [PHP] Creating a File Upload Script



admans
07-18-2005, 18:26 PM
Recently someone asked for an Upload script, so here you go, out my pure PHP.

First we need to create the database table with the following SQL:



CREATE TABLE `uploads` (
`id` int(10) unsigned NOT NULL auto_increment,
`whenuploaded` datetime NOT NULL default '0000-00-00 00:00:00',
`ipaddress` varchar(15) NOT NULL default 'unknown',
`imageloc` varchar(255) NOT NULL default 'unknown',
`imagesize` int(10) unsigned default NULL,
`imagetype` varchar(30) default NULL,
PRIMARY KEY (`id`)
) TYPE=MyISAM;

Then here's the PHP code you need at the top of the page where you're going to have your upload form. You need to change the database access details at the top and the 'defines' to specify your domain and path names. Create the DEST_DIR directory on the server with 777 permissions.



<?php

define('MAX_ALLOWED_FILE_SIZE', 1024000);
define("DEST_DIR", '/upload/1/');
define('DEST_PATH', '/home/yourcpanelid/public_html' . DEST_DIR);
define('DEST_URL', 'http://yourdomain.com' . DEST_DIR);

$allowed_types = array("image/gif", "image/pjpeg", "image/x-png", "image/bmp");

$dbhost = "localhost";
$dbname = "yourdb_name";
$dbuser = "yourdb_user";
$dbpass = "yourdb_password";

$errormessage = "Please enter file to be uploaded.";

if ((isset($_REQUEST['form_submit'])) && ('form_uploader' == $_REQUEST['form_submit']))
{
$picfile_name = $_FILES['picfile']['name'];
$picfile_type = $_FILES['picfile']['type'];
$picfile_size = $_FILES['picfile']['size'];
$picfile_temp = $_FILES['picfile']['tmp_name'];

if (MAX_ALLOWED_FILE_SIZE >= $picfile_size)
{
if (in_array($picfile_type, $allowed_types))
{
if (is_uploaded_file($_FILES['picfile']['tmp_name']))
{

if (file_exists(DEST_PATH . $picfile_name))
{
$unique_id = time();
$picfile_name = $unique_id . '_' . $picfile_name;
}

if (move_uploaded_file($picfile_temp, DEST_PATH . $picfile_name))
{
$errormessage = "File uploaded as:
<b>" . DEST_URL . $picfile_name . "</b>";

if(mysql_connect($dbhost, $dbuser, $dbpass))
{
if(mysql_select_db($dbname))
{
$sql1 = "INSERT INTO uploads (whenuploaded, ipaddress, imageloc, imagesize, imagetype) VALUES (";
$sql1 .= "'" . date("Y-m-d H:i:s") . "',";
$sql1 .= "'" . $_SERVER['REMOTE_ADDR'] . "',";
$sql1 .= "'" . DEST_DIR . $picfile_name . "',";
$sql1 .= "" . $picfile_size . ",";
$sql1 .= "'" . $picfile_type . "')";

if (!mysql_query($sql1))
{
$errormessage .= "
<font color=red><b>Query failed [$sql1].</b></font>";
}
}
else
{
$errormessage .= "
<font color=red><b>Could not select database.</b></font>";
}
}
else
{
$errormessage .= "
<font color=red><b>Could not connect to database.</b></font>";
}
}
else
{
$errormessage = "<b><font color='red'>File upload failed for obscure reasons (error code: " . $_FILES['picfile']['error'] . ").</font></b>";
}
}
else
{
$errormessage = "<b><font color='red'>No file uploaded.</font></b>";
}
}
else
{
$errormessage = "<b><font color='red'>Invalid file type.</font></b>";
}
}
else
{
$errormessage = "<b><font color='red'>File too big (maximum size is " . MAX_ALLOWED_FILE_SIZE . ").</font></b>";
}
$_REQUEST['form_submit'] = "";
}

?>

And here's your form, which goes on the same page as the PHP script above.


<form action="<?php $PHP_SELF ?>" method="post" enctype="multipart/form-data" name="form_uploader" id="form_uploader">
<table border="0" align="center" cellpadding="1" cellspacing="1">
<tr>
<td colspan="3">
<div align="center"><?php echo $errormessage; ?></div>
</td>
</tr>
<tr>
<td>File:</td>
<td colspan="2">
<input name="MAX_FILE_SIZE" type="hidden" value="<?php echo MAX_ALLOWED_FILE_SIZE ?>">
<input name="picfile" type="file" id="picfile" title="Enter the path to the file you wish to upload, or use the Browse button to get a file selection dialog." size="60" maxlength="250">
<input name="form_submit" type="hidden" id="form_submit" value="form_uploader">
</td>
</tr>
<tr>
<td colspan="3">
<div align="center">
<input name="Submit" type="submit" title="Press this button to start the upload." value="Upload">
</div>
</td>
</tr>
</form>

xyris
07-19-2005, 07:01 AM
Thanks, i am gonna use it