Php file upload problem

PHP
1

Hi,
I have a simple php file upload script that works successfully most of the time…
However, about 5% of users receive the error message that the file cannot be uploaded. I use firefox myself, but strangely it seems to be some version or configuration of firefox that prevents the script from working. Perhaps I am using outdated code? I’m pasting the relevant code below. Thanks for any suggestions!



if ($_FILES["file"]["type"] == "application/pdf")
// removed file size restriction && ($_FILES["file"]["size"] < 2000000)
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    echo "<p>Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb</p>";
    //echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
	
	//set posted variables
    $lastname=$_POST["lastname"];
	$firstname=$_POST["firstname"];
	$AppID=$_POST["AppID"];
	$AppID=$_POST["AppID"];
	$siteid=$_POST["siteid"];

	$topdir="/myfiles/"; //(fictitious, for posting)
	$savedir=$topdir . $lastname . "." . $firstname . "." . $AppID;
	
	mkdir($savedir, 0777, true);
	$old = umask(0);
	chmod($savedir, 0777);
	umask($old);

    if (file_exists($savedir . "/" . $_FILES["file"]["name"]))
      {
      echo "<p>The uploaded file already exists. If you would like to submit the document again, please rename the file.</p>";
      }
	  
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"], $savedir . "/" . $_FILES["file"]["name"]);
      //echo "Stored in: " . $savedir . "/" . $_FILES["file"]["name"];

      // print result
      echo "<p>Updload successful.</p>";

          }
       }	
  }
else
  {
  echo "<p>File could not be uploaded.</p>";
  }
2

Maybe they upload large files that exceed the POST limit. You should check the $_FILES[“file”][“error”]


function check_upload_error($code)
{
    $err = '';
    switch ($code)
    {
        case 0: $err = 'OK';
            break;
        case 1: $err = 'File was too large';
            break;
        case 2: $err = 'File was too large';
            break;
        case 3: $err = 'The uploaded file was only partially uploaded';
            break;
        case 4: $err = 'No file was uploaded';
            break;
        case 6: $err = 'Missing a temporary folder';
            break;
        case 7: $err = 'Failed to write file to disk';
            break;
        case 8: $err = 'File upload stopped by extension';
            break;
        default: $err = 'Unknown error';
    }
    return $err;
}
3

Hi Steve,
Thanks for that code. The thing is that when I receive the same file by email and upload it myself, it works for me every time.
At first I thought it might have to do with the file size restriction, but even after taking that out, it still fails to work for some.
So the thing is, it works for me… on win7 firefox 3.6.12 and with ie and with chrome. have also tested on mac and linux. So I can’t even be unsuccessful and see the error code… But I will put that in so that when it fails people can report back.

Any other ideas for now though? Thanks :wink:

4

Without being able to see the error, there are 2 cases I can come up with.

  1. The size
  2. Script timeout
    But without knowing the error there is nothing to start with.
5

Hi Steve,
Thanks for your replies.
I thought that the lines at the start of my code do say to echo the error code.
But no one reported seeing that. Instead it they just got the message at the very bottom…
Why would it do that??
Cheers :slight_smile:
suzanne


if ($_FILES["file"]["type"] == "application/pdf")
// removed file size restriction && ($_FILES["file"]["size"] < 2000000)
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else ....

....else
  {
  echo "<p>File could not be uploaded.</p>";
6

[COLOR=#000066]


[COLOR=black][COLOR=#000066]move_uploaded_file[/COLOR][COLOR=#66cc66]([/COLOR][COLOR=#0000cc]$_FILES[/COLOR][COLOR=#66cc66][[/COLOR][COLOR=#cc0000]"file"[/COLOR][COLOR=#66cc66]][/COLOR][COLOR=#66cc66][[/COLOR][COLOR=#cc0000]"tmp_name"[/COLOR][COLOR=#66cc66]][/COLOR], [COLOR=#0000cc]$savedir[/COLOR] . [COLOR=#cc0000]"/"[/COLOR] . [COLOR=#0000cc]$_FILES[/COLOR][COLOR=#66cc66][[/COLOR][COLOR=#cc0000]"file"[/COLOR][COLOR=#66cc66]][/COLOR][COLOR=#66cc66][[/COLOR][COLOR=#cc0000]"name"[/COLOR][COLOR=#66cc66]][/COLOR][COLOR=#66cc66])[/COLOR];
[/COLOR]
[COLOR=#ff9900][I][COLOR=black]//echo "Stored in: " . $savedir . "/" . $_FILES["file"]["name"];[/COLOR][/I]
[/COLOR]
 
 
[COLOR=#ff9900][I][COLOR=black]// print result[/COLOR][/I]
[/COLOR]
[COLOR=black]     [COLOR=#000066]echo[/COLOR] [COLOR=#cc0000]"<p>Updload successful.</p>"[/COLOR];
[/COLOR]

move_uploaded_file() returns true or false and in the above code snippet

[COLOR=#000066][COLOR=#000066]


[COLOR=#000066][COLOR=black][COLOR=#000066]echo[/COLOR] [COLOR=#cc0000]"<p>Updload successful.</p>"[/COLOR];
[/COLOR][/COLOR]

will be executed regardless of what move_uploaded_file() returns.
[/COLOR][/COLOR]

[/COLOR]

7

Kalon:

Good catch, that should certainly be tested for. Try

if (move_uploaded_file()) {

// Ok

} else {

// Failure message

}

However, this was not the issue being raised.

The reason for the output of the message at the end is that either the file uploaded is not a pdf, or the browser is not supplying the correct mime type. I would be wary about counting on any details which the browser supplies being correct; headers, referer etc.

EDIT: Hm, I am unsure about what I wrote above. Is the mime type supplied by the browser or is it set server side upon upload? In either case it appears to be a mime type issue.

EDIT2:

Forget that, why is the mime type tested before testing the error? It might be it is not defined if there is an error, but this way you will not know.