Upload Script

acid · 09.08.2002, 18:56

Looking for advanced upload script with the following mandatory features:

<ul type="square"><li>Ability to restrict upload file size and type
</li><li>Easy to install
</li></ul>

Mono · 09.08.2002, 20:03

Inch lezvov???

acid · 09.08.2002, 20:56

Перл, PHP

Eddi · 10.08.2002, 07:20

Quote:

Here is a fully functional File Upload Handler function. You simply pass it
the name that you typed on the form, the upload dir (and others if your
advanced,) and viola!

call like so:
$OkExt = Array('php', 'htm', 'html')
DoFileUpload('Userfile', 1024, './upload', '', $OkExt , '', '')

$ForceFilename is if you want to use this name instead of whats in the
$_FILES var.

$Overwriteok - set to anything but '' for yes

$ErrorFunction - set to the name of a function you defined, or '' to use
default.

Need help? ask again.
Not that you may have to fix word wrap...

----------------------------
function DoFileUpload($InputFile, $MaxSize, $Path, $ErrorFunction,
$ExtsOk, $ForceFilename, $OverwriteOk) {
//Copyright CBWhiz
$ErrNo = -1;
$TempFile = $_FILES[$InputFile]['tmp_name'];
$FileSize = $_FILES[$InputFile]['size'];
$FileName = $_FILES[$InputFile]['name'];
$FileType = $_FILES[$InputFile]['type'];
if (strlen($ForceFilename)) { $FileName = $ForceFilename; }

if (!function_exists($ErrorFunction)) {
if (!function_exists('DoFileUploadDefErrorHandle')) {
function DoFileUploadDefErrorHandle($ErrorNumber, $ErrorText) {
echo "<center>Error
$ErrorNumber: $ErrorText</center>";
}
}
$ErrorFunction = 'DoFileUploadDefErrorHandle';
}

echo <<<HTML
<hr>
<center>Uploading $InputFile:<hr width=35%>
<table>
<tr><td>Filename:</td><td>$FileName</td></tr>
<tr><td>File
Size:</td><td>$FileSize</td></tr>
<tr><td>Temporary
File:</td><td>$TempFile</td></tr>
<tr><td>File MIME
Type:</td><td>$FileType</td></tr>
</table>
<hr width=35%>
</center>
HTML;
if($TempFile == 'none' || $TempFile == '') {
$ErrorTxt = "This File was unspecified.";
$ErrNo = 1;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
}

if(!is_uploaded_file($TempFile)) {
$ErrorTxt = "File Upload Attack, Filename:
\"$FileName\"";
$ErrNo = 2;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
} //if(!is_uploaded_file($TempFile))

if($FileSize == 0) {
$ErrorTxt = 'The file you attempted to upload is zero length!';
$ErrNo = 3;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
} //$FileSize == 0

$TheExt = GetExt($FileName);

foreach ($ExtsOk as $CurNum => $CurText) {
if ($TheExt == $CurText) { $FileExtOk = 1; }
}

if($FileExtOk != 1) {
$ErrorTxt = 'You attempted to upload a file with a disallowed
extention!';
$ErrNo = 4;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
}

if($FileSize > $MaxSize) {
$ErrorTxt = 'The file you attempted to upload exceeded the maximum file
size of' . ($MaxSize / 1024) . 'kb.';
$ErrNo = 5;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
} //if($FileSize > $MaxSize)

if(file_exists($Path.$FileName) && !strlen($OverwriteOk)) {
$ErrorTxt = 'The file you attempted to upload already exists. Please
specify a new filename.';
$ErrNo = 6;
$ErrorFunction($ErrNo, $ErrorTxt);
return $ErrNo;
}

//-----------------------------------
//-------Actual Uploading Here

move_uploaded_file ($TempFile, $Path.$FileName);

chmod ($Path.$FileName, 0644); //Remove if your webserver hates you

echo '<center>File Upload Sucess!</center>';
return $ErrNo;
} //function DoFileUpload($InputFile, $MaxSize, $Path, $ErrorFunction,
$ExtsOk, $ForceFilename, $OverwriteOk)

function GetExt($Filename) {
$RetVal = explode ( '.', $Filename);
return $RetVal[count($RetVal)-1];
}

Original here - http://www.php.net/manual/en/features.file-upload.php
If you want to add file type recognition there is $FileType defined, which you could use.

P.S. If PHP < 4.1 use $HTTP_POST_FILES instead of $_FILES.