// Note: if filesize excededs the limit in html file, the browser will terminate the upload
// and return a length of 0 bytes.
if ($filesize==0){
echo "The file you specified is either an invalid name, contains Zero bytes, or exceded $maxbytesk bytes";
}else if ($filesize > $maxbytes) {
echo "The file exceded the $maxbytesk limit";
exit;
}else if (!in_array($filetype,$imgarray)){
echo 'Invalid filetype. Please use only a .JPG, .GIF, or .PNG file.';
}
print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $newfilename)) {
print "File is valid, and was successfully uploaded.\n\n";
echo "The new filename is: $newfilename\n\n";
} else {
print "File was not uploaded!\n";
}
print "Here's some more debugging info:\n";
print_r($_FILES);
thanks for the script. i cant get it to work though
im getting a error like this.
Warning: Unable to create '/home/htdocs/hosted/draganddrop/06-02-03_utest.jpeg': Permission denied in /home/htdocs/hosted/draganddrop/drag-drop.net/portfolio/upload/upload.php on line 15
Warning: Unable to move '/tmp/phpAwMfVX' to '/home/htdocs/hosted/draganddrop/06-02-03_utest.jpeg' in /home/htdocs/hosted/draganddrop/drag-drop.net/portfolio/upload/upload.php on line 15
File was not uploaded!
Here's some more debugging info:
Array
(
[userfile] => Array
(
[name] => utest.jpeg
[type] => image/jpeg
[tmp_name] => /tmp/phpAwMfVX
[size] => 8685
)
the chmod 777 trick worked great.
thanks for the code.
whats the best way to make these things secure. I was planning to include the upload interface perhaps in a frame as the rest of the backend uses a flash interface. obviously i dont want just anyone uploading to my space. Im not sure what password system i should use to protect both the upload system and the text system. If possible dont want to use two passwords.
Well this must be your lucky day! I just happen to need the same password system for my site, so I didn't mind spending time today writing code.
Using flash for your password system is a bad idea. Flash files are automatically downloaded into everyone's machine. With a simple action script viewer, people can view all the actionscript (including password) embeded in your .SWF file. Even if you put the password into a different file, the acutal password would still be download into everyone's machine. What you really need is a server side script.
Download my code and tell me how it works out for you...
If you've already downloaded my original file above (picupload.zip), you should download the new version (ImageUploader10.zip).
This secure version plugs up the security hole. It uses a separate password file that is only readable by the server it resides on. This way visitors cannot hack your password by attempting to view your configuration file.
It also has animation while uploading.
Glad to be of some help. I wish I had it this easy sometimes...
some how your config.ini & password.ini became a unix based text file instead of a windows based (even if your web server runs unix a windows based file will remain that way if copied instead of created as new). I'll tell you what I mean
compare my file with yours and you'll see
You should see the contents of my file are on separate lines, and the contents of your file are on a single line.
You won't notice a difference in the password file because there is only one line, but there are still invisible control characters.
Did you download and upload my .ini files exactly how they are? That's what needs to be done. If you copy and pasted the contents then that is the problem
I'll email you the two .ini files as an attachment. Hopefully you can download them the way they are and simply upload to your site.
If you still are having problems, give me FTP access to any folder on your account. Email the account name/password to me and I'll upload all the necessary files
could it be the cgi script that you sent me. i cut and pasted them from athe email you sent. this could have adjusted the formatting. for instance when i open config.cgi in a text editor the link to your web site is active (blue)