twistednetadmin wrote:
I have made this script to upload pictures into a picturegallery on a
website.
The script works just as I expected, but with one huge flaw. It doesn't work
from every users computer.
I can upload pictures with no problem, but another user get's an
errormessage. the other user emailed the picture to me and I could upload it
with no errors.
Here's the script.
<form name="guildimage_upload" method="post" action="<?php
$_SERVER['PHP_SELF'] ?>" enctype="multipart/form-data">
<table class="normal" border="0" align="center">
<tr>
<td height="200" align="center" valign="bottom"
class="holyheader18">Screenshot upload</td></tr>
<tr>
<td align="center" colspan="2">
<table border="1">
<tr>
<td>
Only pictures with the .jpg extension and size 300kb or less will be
uploaded!<br>
Imagenames should not contain quotes or any special signs!!<br>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
File:
<input type="hidden" name="MAX_FILE_SIZE" value="300000">
<input type="file" name="guildimage">
</td>
</tr>
<tr>
<td>
Comment:
<input name="guildimage_comment" type="text" size="40" maxlength="40">
</td>
<td>
<input type="submit" name="submit" value="Summon">
</td>
</tr>
</tr>
<tr>
<td height="160" colspan="2" class="maintext" valign="top">
<?php
chmod("/guildimages/", 0777);
######################################################
###Uploads the image and checks if the image exists already###
######################################################
if (isset($_POST['submit'])) //If you push the submit-button
{
$sysfolder="/guildimages/";
$filename="".$_FILES['guildimage']['name']."";
if (file_exists($sysfolder . $filename)) //If the filename exists.
{
echo "Filename exists or no file selected. Please rename the file or select
a file";
}
elseif ($_FILES['guildimage']['type'] == "image/jpeg") //And if the image
is .jpg less or equal 300kb...
{
You may want to also do something like
if(filesize($filename) > 300) {
echo "File too large";
}
copy ($_FILES['guildimage']['tmp_name'],
"/guildimages/".$_FILES['guildimage']['name']) //Copy the image to
/guildimages
or die("Could not copy file"); //Or don't if it's wrong size or format
Here you should be using move_uploaded_file() instead of copy()
http://php.net/move_uploaded_file
$insertSQL = sprintf("INSERT INTO guildimages (guildimage_date,
guildimage_name, guildimage_comment, posted_by) VALUES (NOW(), '%s', '%s',
'%s')",
($_FILES['guildimage']['name']),
($_POST['guildimage_comment']),
($_SESSION['logname']));
$guildimage_upload = mysql_query($insertSQL) or die(mysql_error());
//insert all info to the DB
You probably want to do some checks above (before inserting), maybe use
http://php.net/manual/en/function.is-uploaded-file.php
echo "Result:<br>\n";
echo "Filename: ".$_FILES['guildimage']['name']."<br>\n";
echo "Filesize: ".$_FILES['guildimage']['size']." byte<br>\n";
echo "Filtype: ".$_FILES['guildimage']['type']."<br>\n";
echo "Congrats! It worked!\n";
}
else
{
echo "Result:<br>\n";
echo "Now that didn't seem to work... <br>\n
Did you try a wrong format or size? <br>\n
File that failed--> (".$_FILES['guildimage']['name'].")<br>";
}
}
?>
</td>
</tr>
</table>
</form>
Can anyone see what's wrong? Since it works from some computers and not from
all?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
