3

I have written a code which should check whether the file size exceeds 8.5 MB or not & if it does, it should produce and error and also prohibit the post from entering into the DB. The code is prohibiting the post to enter the DB but it is not showing any error stating that the file size exceeds. ( P.S: The check for Unknown File Format is working.) Here is the code i have written:

   //$session id
define ("MAX_SIZE","9000"); 
function getExtension($str)
{
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
}


$valid_formats = array("jpg", "png", "gif", "bmp","jpeg");
if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST") 
{

    $uploaddir = "uploads/"; //a directory inside
    foreach ($_FILES['photos']['name'] as $name => $value)
    {

        $filename = stripslashes($_FILES['photos']['name'][$name]);
        $size=filesize($_FILES['photos']['tmp_name'][$name]);
        //get the extension of the file in a lower case format
        $ext = getExtension($filename);
        $ext = strtolower($ext);

        if(in_array($ext,$valid_formats))
         {
           if ($size < (MAX_SIZE*1024))
           {
             $image_name=time().$filename;
             echo "<img src='".$uploaddir.$image_name."' class='imgList'>";
             $newname=$uploaddir.$image_name;

             if (move_uploaded_file($_FILES['photos']['tmp_name'][$name], $newname)) 
             {
               $time=time();
               mysql_query("INSERT INTO user_uploads(image_name,user_id_fk,created) VALUES('$image_name','$session_id','$time')");




           }
           else
           {
             echo '<p style="color: Red;">You have exceeded the size limit! so moving unsuccessful! </p>';
            }

           }
           else
           {
             echo '<p style="color: Red;">You have exceeded the size limit!</p>';

           }

          }
          else
         { 
            echo '<p style="color: Red;">Unknown extension!</p>';

         }

     }
}
Improve this question
6
  • That function fetches the extension of the file uploaded. Commented May 15, 2015 at 10:19
  • Is the code executing without any errors? What is the value $ext? Commented May 15, 2015 at 10:27
  • $ext fetches the extension of the file uploaded and then converts into lower string. Commented May 15, 2015 at 10:30
  • I see it (and no, $ext is not fetching anything, getExtension method returns result that is assigned to $ext). What is the value of $ext? Commented May 15, 2015 at 10:48
  • The extension check is working properly. The file size check isn't. Commented May 15, 2015 at 10:52

1 Answer 1

Reset to default
2

I changed your code a bit.

You don't need the function getExtension so complicated.

I changed foreach, to loop through the files not through the attributes of the file.

Finally you need to check if the directory exists before moving the file. If not, you should create it.

if(!is_dir($uploaddir)) {
    mkdir($uploaddir);
}

See if this works and check for differences:

<?php
  //$session id
define ("MAX_SIZE","9000"); 
function getExtension($str)
{
         $ext = explode("/",$str);
         return $ext[1];
}


$valid_formats = array("jpg", "png", "gif", "bmp","jpeg");
if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST") 
{

    $uploaddir = "uploads/"; //a directory inside
    foreach ($_FILES as $FILE)
    {

        $filename = stripslashes($FILE['name']);
        $size=$FILE['size'];
        //get the extension of the file in a lower case format
        $ext = getExtension($FILE['type']);
        $ext = strtolower($ext);

        if(in_array($ext,$valid_formats)){
           if ($size < (MAX_SIZE*1024)){
             $image_name=time().$filename;
             echo "<img src='".$uploaddir.$image_name."' class='imgList'>";
             $newname=$uploaddir.$image_name;

             //Before you upload the file to the directory, check if it exists like this
             if(!is_dir($uploaddir)) {
               mkdir($uploaddir);
             }

             if (move_uploaded_file($FILE['name'], $newname)){
               $time=time();
               mysql_query("INSERT INTO user_uploads(image_name,user_id_fk,created) VALUES('$image_name','$session_id','$time')");
             }else{
             echo '<p style="color: Red;">You have exceeded the size limit! so moving unsuccessful! </p>';
             }
           }else{
             echo '<p style="color: Red;">You have exceeded the size limit!</p>';
           }
          }else{ 
            echo '<p style="color: Red;">Unknown extension!</p>';

         }

     }
}

It finally worked in my computer so assume it will be working for you to. I hope I helped

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Yes, i am checking 9.216 MB only. Its still not working. Try and change the values, all the checks are working except the file size one.
Are you getting any warnings on the foreach statement? Your also doing something wrong on the foreach statement. Give me min

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.