Hi,
I am trying to add an image upload script however I am confused has to how it works. Is the image added to a file which I designate and then add a link to the database?
Can anyone advise how an image upload script works?
| SitePoint Sponsor |
Hi,
I am trying to add an image upload script however I am confused has to how it works. Is the image added to a file which I designate and then add a link to the database?
Can anyone advise how an image upload script works?
You can either upload a file to your server's file system (that is, the uploaded file is stored on your server, as is).
Or, you can upload a file to a database directly.
Personally, I prefer the first method, as I can then browse the uploaded files with ease.
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
If I upload the image to a folder how is a link entered in the database to the image?
That could be done a couple ways. Some people just stick the filename into the table, instead of the binary data. Others just store image stats, and then rename the uploaded file with the new records ID value. Just find something you like and go with it.
FWIW, I'm just having to implement this functionality for a project I'm working on right now, so if you have any concrete questions, I'll be happy to help.
Also, a quick Google search turns up tons of results as to how to do this: http://www.google.com/search?q=php+fileupload+script
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
It's pretty simple.
Create a form with HTML, remember to set the method to post and include the enctype.
Upon clicking submit, the file will be stored under tmp folder and can be access through $_FILE variable.
Just move the file from tmp folder to designated folder and insert the path to your database.
That's all
Although this is true, don't forget there are various security concerns to bear in mind when allowing the general public to upload stuff to your server.Originally Posted by Marcelc
Here is an article which details them: http://www.acunetix.com/websitesecur...rms-threat.htm
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
@Pullo: If I only allow registered user to upload files, does that add up to the security?
It limits your exposure.
Sadly, there's nothing stopping your registered users attempting to do malicious things to your web server, though.
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
My apologies, for some reason I read your questions as being general in nature.
I'd have a look at this page: http://us1.php.net/manual/en/feature...ost-method.php
Related functions to look up: is_uploaded_file, move_uploaded_file, getimagesize, filesize, mime_content_type.
Hi,
I attempted to use this example http://php.about.com/od/advancedphp/...e_upload_3.htm however I am unable to move the temp file to the permanent file which I have changed to test.
It seems to add "upload.php" to the link I want to place the image in. Is this correct? I have tried around 10 different targets and the test folder is definitely active. Can anyone advise what the error is please?
Code:$target = "http://www.website.com/test/"; $target = $target . basename( $_FILES['uploaded']['name']) ; $ok=1; if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
Unable to move '/tmp/phpZecAhN' to 'http://www.website.com/test/imagetest.gif' in /home/test/website.com/test/upload.php on line 27
Unable to move '/tmp/phpZecAhN' to 'http://www.website.com/test//imagetest.gif' in /home/test/website.com/test/upload.php on line 78
The first thing I'd do is check to make sure your test folder is writable.
Yup, that's very probably the cause of the error.
You need to make sure that the folder permissions are correct.
Try changing them to 775.
This might help a bit further: http://stackoverflow.com/questions/1...ith-php-apache
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
Brilliant, that sorted the first error.
I have tried to fix the second error by putting the full link into the code but this hasn't helped solve the problem.
I do have folder called 'tmp'. Should the file go into their first as nothing appears in their or does it create a folder which I cant see. Any suggestions please?
Code:echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("http://www.website.com/test/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "http://www.website.com/test/" . $_FILES["file"]["name"]); echo "Stored in: " . "http://www.website.com/test/" . $_FILES["file"]["name"]; } } }
Hi there,
AFAIK file_exists only checks whether a file or directory exists on the same server as the script.
Could you try changing that to a local path.
Other that that could you post your full code (which is presumably a PHP script and a simple HTML form) and I'll take a look.
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
Cheers dude, this is the full code.
Like you say there is a simple HTML form on another page.
Code:<?php if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Stored in: " . $_FILES["file"]["tmp_name"]; } ?> <?php $allowedExts = array("jpg", "jpeg", "gif", "png"); $extension = end(explode(".", $_FILES["file"]["name"])); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000) && in_array($extension, $allowedExts)) { if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Stored in: " . $_FILES["file"]["tmp_name"]; } } else { echo "Invalid file"; } ?> <?php $allowedExts = array("jpg", "jpeg", "gif", "png"); $extension = end(explode(".", $_FILES["file"]["name"])); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000) && in_array($extension, $allowedExts)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("http://www.website.com/test/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "http://www.website.com/test/" . $_FILES["file"]["name"]); echo "Stored in: " . "http://www.website.com/test/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } ?>
Keep in mind that this code is being run FROM your server. With that said, you will always see a performance gain on both the front and back end if you avoid using the fully qualified name. PHP has access to the file system, so why create a new HTTP request when it is not needed?
PHP Code:if (file_exists("/user/home/www/test/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
<?php//Kyle Wolfeecho devBlog("My Dev Notes");
Hi,
I have put the full domain name in to get the right links as I thought that was the issue. I shall remove them when the code fully works.
Any suggestions on what the last issue is please?
Hi,
Any suggestions on how I can resolve this last issue please? Almost there with it.
Hi There,
I had a look at your code and got it working.
As far as I could see, the main error was that you were specifying the website url as an argument to move_uploaded_file and file_exists, you need to use the server path (e.g. /mnt/web/.../htdocs/yoursite/test/).
Here is the revised code:
Code PHP:<?php $allowedExts = array("jpg", "jpeg", "gif", "png"); $extension = end(explode(".", $_FILES["file"]["name"])); if ($_FILES["file"]["size"] < 60000 && in_array($extension, $allowedExts)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("/mnt/web/.../htdocs/yoursite/test/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "/mnt/web/.../htdocs/yoursite/test/" . $_FILES["file"]["name"]); echo "Stored in: " . "http://www.yoursite.com/test/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } ?>
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
Cheers dudes, this now works fine.
Now I just need to create a link in a database under a members profile. Any suggestions?
Can you elaborate further on what you want to do?
<?php//Kyle Wolfeecho devBlog("My Dev Notes");
Yup, not sure what you mean with "under a members profile".
Creating a link in a database is straight forward though - just a matter of inserting the file path as a string into your db table.
One point you might want to consider however, is giving the uploaded files unique names (with a time stamp or ip address or such), so that files with the same name do not overwrite each other.
How well do you know your JavaScript from your jQuery?
Check out SitePoint's latest JavaScript challenge
My blog
Hi,
The idea for the site is that people will be able to create member profiles and then upload a logo.
Is it possible to create a folder for each member in which they can upload their company logo?
How would a site like LinkedIn manage image upload?
http://php.net/manual/en/book.filesystem.php
I personally do not store any images, or links to images in a db, I write in where a logo or file should be into the logic. Using the commands I gave you, once an image has been checked and uploaded, you can move the image, create directories etc based on your needs. One might problematically create a hierarchy system for the images to be stored like so:
/usrs/$user/content/logo1.jpg
Based on the profile being looked at, it checks that location for an existing logo. The same would be done when uploading the image, dynamically creating folders needed. Make sense?
<?php//Kyle Wolfeecho devBlog("My Dev Notes");
Posting Permissions
Reply With Quote
Bookmarks