I found this tutorial on PHPFreaks for making a file upload class but I keep receiving the error:
The file extension is invalid, please try again!
Yes I have tried uploading both valid and non-valid extensions.
Here is the the upload form:
Code:
<form enctype="multipart/form-date" action="upload.php" method="post">
Upload this file:<input name="upload" type="file">
<input type="submit" value="Send File">
</form>
Here is my implementation of the class:
PHP Code:
<?php
include ('c_FileUpload.php');
$upload_class = new FileUpload;
$upload_class->temp_file_name = trim($_FILES['upload']['tmp_name']);
$upload_class->file_name = trim(strtolower($_FILES['upload']['name']));
$upload_class->upload_dir = "/htdocs/www/test/uploads/";
$upload_class->upload_log_dir ="/htdocs/www/test/uploads/upload_log/";
$upload_class->max_file_size = 5242880;
$upload_class->banned_array = array("" );
$upload_class->ext_array = array(".zip",".rar",".ace",".tar",".jpg" );
$valid_ext = $upload_class->validate_extension();
$valid_size = $upload_class->validate_size();
$valid_user = $upload_class->validate_user();
$max_size = $upload_class->get_max_size();
$file_size = $upload_class->get_file_size();
$file_exists = $upload_class->existing_file();
if(!$valid_ext){
$result = "The file extension is invalid, please try again!";
}
elseif(!$valid_size){
$result = "The file size is invalid, please try again! The maximum file size is:$max_size and your file was:$file_size";
}
elseif(!$valid_user){
$result = "You have been banned from uploading to this server.";
}
elseif($file_exists){
$result = "This file already exists on the server, please try again.";
}else{
$upload_file = $upload_class->upload_file_with_validation();
if(!$upload_file){
$result = "Your file could not be uploaded!";
}else{
$result = "Your file has been successfully uploaded to the server.";
}
}
echo $result;
?>
And for reference here is the class:
PHP Code:
<?php
class FileUpload{
var $temp_file_name;
var $file_name;
var $upload_dir;
var $upload_log_dir;
var $max_file_size;
var $banned_array;
var $ext_array;
/*******************************
* VALIDATE EXTENSION
********************************/
function validate_extension(){
$file_name = trim($this->file_name);
$extension = strtolower(strrchr($file_name,"." ));
$ext_array = $this->ext_array;
$ext_count = count($ext_array);
if(!$file_name){
return false;
}else{
if(!$ext_array){
return true;
}else{
foreach($ext_array as $value){
$first_char = substr($value,0,1);
if($first_char<>"." ){
$extensions[] = ".".strtolower($value);
}else{
$extensions[] = strtolower($value);
}
}
foreach($extensions as $value){
if($value == $extension){
$valid_extension = "TRUE";
}
}
if($valid_extension){
return true;
}else{
return false;
}
}
}
}
/*******************************
* VALIDATE FILE SIZE
********************************/
function validate_size(){
$temp_file_name = trim($this->temp_file_name);
$max_file_size = trim($this->max_file_size);
if(!$temp_file_name){
$size = filesize($temp_file_name);
if($size>$max_file_size){
return false;
}else{
return true;
}
}else{
return false;
}
}
/*******************************
* CHECK IF FILE ALREADY EXISTS
********************************/
function existing_file(){
$file_name = trim($this->file_name);
$upload_dir = $this->get_upload_directory();
if($upload_dir == "ERROR" ){
return true;
}else{
$file = $upload_dir.$file_name;
if(file_exists($file)){
return true;
}else{
return false;
}
}
}
/*******************************
* EXTRACT THE FILES SIZE
********************************/
function get_file_size(){
$temp_file_name = trim($this->temp_file_name);
$kb = 1024;
$mb = 1024 * $kb;
$gb = 1024 * $mb;
$tb = 1024 * $gb;
if($temp_file_name){
$size = filesize($temp_file_name);
if($size<$kb){
$file_size = "$size Bytes";
}
elseif($size<$mb){
$final = round($size/$kb,2);
$file_size = "$final KB";
}
elseif($size<$gb){
$final = round($size/$mb,2);
$file_size = "$final MB";
}
elseIf($size<$tb){
$final = round($size/$gb,2);
$file_size = "$final GB";
}
else{
$final = round($size/$tb,2);
$final_size = "$final TB";
}
}else{
$file_size = "ERROR:NO FILE PASSED TO GET_FILE_SIZE()";
}
return $file_size;
}
/*******************************
* GET THE MAX FILE SIZE
********************************/
function get_max_size(){
$max_file_size = trim($this->max_file_size);
$kb = 1024;
$mb = 1024 * $kb;
$gb = 1024 * $mb;
$tb = 1024 * $gb;
if($max_file_size){
if($max_file_size<$kb){
$max_file_size = "max_file_size Bytes";
}
elseif($max_file_size<$mb){
$final = round($max_file_size/$kb,2);
$max_file_size = "$final KB";
}
elseif($max_file_size<$gb){
$final = round($max_file_size/$mb,2);
$max_file_size = "$final MB";
}
elseif($max_file_size<$tb){
$final = round($max_file_size/$gb,2);
$max_file_size = "$final GB";
}
else{
$final = round($max_file_size/$tb,2);
$max_file_size = "$final TB";
}
}else{
$max_file_size = "ERROR: NO SIZE PARAMETER PASSED TO GET_MAX_SIZE()";
}
return $max_file_size;
}
/*******************************
* VALIDATE THE USER
********************************/
function validate_user(){
$banned_array = $this->banned_array;
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$count = count($banned_array);
if($count<1){
return true;
}else{
foreach($banned_array as $key=>$value){
if($value==$ip."-".$cpu){
return false;
}else{
return true;
}
}
}
}
/*******************************
* GET THE UPLOAD DIRECTORY
********************************/
function get_upload_directory(){
$upload_dir = trim($this->upload_dir);
if($upload_dir){
$ud_len = strlen($upload_dir);
$last_slash = substr($upload_dir,$ud_len-1,1);
if($last_slash<>"/" ){
$upload_dir = $upload_dir."/";
}else{
$upload_dir = $upload_dir;
}
$handle = @opendir($upload_dir);
if($handle){
$upload_dir = $upload_dir;
closedir($handle);
}else{
$upload_dir = "ERROR";
}
}else{
$upload_dir = "ERROR";
}
return $upload_dir;
}
/*******************************
* VERIFY UPLOAD LOG DIRECTORY
********************************/
function get_upload_log_directory(){
$upload_log_dir = trim($this->upload_log_dir);
if($upload_log_dir){
$ud_len = strlen($upload_log_dir);
$last_slash = substr($upload_log_dir,$ud_len-1,1);
if($last_slash<>"/" ){
$upload_log_dir = $upload_log_dir."/";
}else{
$upload_log_dir = $upload_log_dir;
}
$handle = @opendir($upload_log_dir);
if($handle){
$upload_log_dir = $upload_log_dir;
closedir($handle);
}else{
$upload_log_dir = "ERROR";
}
}else{
$upload_log_dir = "ERROR";
}
return $upload_log_dir;
}
/*******************************
* UPLOAD WITHOUT VALIDATION
********************************/
function upload_file_no_validation(){
$temp_file_name = trim($this->temp_file_name);
$file_name = trim(strtolower($this->file_name));
$upload_dir = $this->get_upload_directory();
$upload_log_dir = $this->get_upload_log_directory();
$file_size = $this->get_file_size();
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$m = date("m" );
$d = date("d" );
$y = date("Y" );
$date = date("m/d/Y" );
$time = date("h:i:s A" );
if(($upload_dir == "ERROR" ) OR ($upload_log_dir == "ERROR" )){
return false;
}else{
if(is_uploaded_file($temp_file_name)){
if(move_uploaded_file($temp_file_name,$upload_dir.$file_name)){
$log = $upload_log_dir.$y."_".$m."_".$d.".txt";
$fp = fopen($log,"a+" );
fwrite($fp,"$ip-$cpu | $file_name | $file_size | $date | $time" );
fclose($fp);
return true;
}else{
return false;
}
}else{
return false;
}
}
}
/*******************************
* UPLOAD WITH VALIDATION
********************************/
function upload_file_with_validation(){
$temp_file_name = trim($this->temp_file_name);
$file_name = trim(strtolower($this->file_name));
$upload_dir = $this->get_upload_directory();
$upload_log_dir = $this->get_upload_log_directory();
$file_size = $this->get_file_size();
$ip = trim($_SERVER['REMOTE_ADDR']);
$cpu = gethostbyaddr($ip);
$m = date("m" );
$d = date("d" );
$y = date("Y" );
$date = date("m/d/Y" );
$time = date("h:i:s A" );
$existing_file = $this->existing_file();
$valid_user = $this->validate_user();
$valid_size = $this->validate_size();
$valid_ext = $this->validate_extension();
if(($upload_dir == "ERROR" ) OR ($upload_log_dir == "ERROR" )){
echo "Your directories are messed up";
return false;
}
elseif((((!$valid_user) OR (!$valid_size) OR (!$valid_ext) OR ($existing_file)))){
return false;
}
else{
if(is_uploaded_file($temp_file_name)){
if(move_uploaded_file($temp_file_name,$upload_dir.$file_name)){
$log = $upload_log_dir.$y."_".$m."_".$d.".txt";
$fp = fopen($log,"a+" );
fwrite($fp,"$ip-$cpu | $file_name | $file_size | $date | $time" );
fclose($fp);
return true;
}else{
return false;
}
}else{
return false;
}
}
}
}
?>
Also When I turn on the errors I recieve
Notice: Undefined index: userfile in /htdocs/www/test/upload.php on line 5
Notice: Undefined index: userfile in /htdocs/www/test/upload.php on line 6
EDIT::I've kind of narrowed this down by placing some "echo" lines for error handling and have determined the errors begin in the validate_extension() function at the (!$file_name) so something must be wrong with the way I'm uploaded the file.
Bookmarks