 |  |  |  |  |  |  |  |
File upload help
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
Thread Solved
 |
•
•
Join Date: Feb 2008
Posts: 52
Reputation: 
Solved Threads: 0
Junior Poster in Training
Is there anything wrong with this script?
PHP Syntax (Toggle Plain Text)
Hi Scottmandoo,
best if you place this at the top and run it:
Then you could post the error messages and I'll explain what they mean.
Also, could you please edit your post and add "=php" into the tag code (code=php)? It will tell this forum to use PHP language syntax highlighting and the source code will be much easier to read.
As a bonus, here's a simpler getExtension() function:
best if you place this at the top and run it:
php Syntax (Toggle Plain Text)
Also, could you please edit your post and add "=php" into the tag code (code=php)? It will tell this forum to use PHP language syntax highlighting and the source code will be much easier to read.
As a bonus, here's a simpler getExtension() function:
php Syntax (Toggle Plain Text)
Petr 'PePa' Pavel
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
•
•
Join Date: Feb 2008
Posts: 52
Reputation:
Solved Threads: 0
Junior Poster in Training
Heres what I got...
Notice: Undefined index: rom_name in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 490
Notice: Undefined index: rom in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 491
Notice: Undefined variable: error in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 503
Please choose a ROM to upload
Warning: mysql_close(): no MySQL-Link resource supplied in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 540
Wheres the edit button? Anyway heres my code again using the php code thing
EDIT: found the edit button, but for some reason it doesnt show up on my first post
Notice: Undefined index: rom_name in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 490
Notice: Undefined index: rom in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 491
Notice: Undefined variable: error in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 503
Please choose a ROM to upload
Warning: mysql_close(): no MySQL-Link resource supplied in /www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/insert-gba.php on line 540
Wheres the edit button? Anyway heres my code again using the php code thing
php Syntax (Toggle Plain Text)
EDIT: found the edit button, but for some reason it doesnt show up on my first post
Last edited by Scottmandoo; Mar 17th, 2008 at 8:51 am.
Thanks for the syntax highlighting it's much better.
The errors you are getting aren't deadly. So why do you think there's something wrong with the script?
Looking at the script I have a few suggestions:
* don't use copy() for moving uploaded files as most hostings will not like it.
First test if the upload was successful:
and then move it with
* $romName most likely doesn't contain a valid path
It should be
/www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/files/....
not just
/gba_roms/files/...
Best if you use $_SERVER["DOCUMENT_ROOT"].'/gba_roms/files/'...
* you should move mysql_close() two lines higher just after mysql_query()
Now it attempts to close a non-existing connection if $error > 0.
* you shouldn't insert values taken from $_POST/$_GET directly into database without running it through mysql_real_escape_string(). A hacker could use this security hole to wipe out your database or replace its content with malicious data.
The errors you are getting aren't deadly. So why do you think there's something wrong with the script?
Looking at the script I have a few suggestions:
* don't use copy() for moving uploaded files as most hostings will not like it.
First test if the upload was successful:
php Syntax (Toggle Plain Text)
php Syntax (Toggle Plain Text)
* $romName most likely doesn't contain a valid path
It should be
/www/10gbfreehost.com/b/l/a/blastburners/htdocs/gba_roms/files/....
not just
/gba_roms/files/...
Best if you use $_SERVER["DOCUMENT_ROOT"].'/gba_roms/files/'...
* you should move mysql_close() two lines higher just after mysql_query()
Now it attempts to close a non-existing connection if $error > 0.
* you shouldn't insert values taken from $_POST/$_GET directly into database without running it through mysql_real_escape_string(). A hacker could use this security hole to wipe out your database or replace its content with malicious data.
Petr 'PePa' Pavel
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
•
•
Join Date: Feb 2008
Posts: 52
Reputation:
Solved Threads: 0
Junior Poster in Training
Thanks it works now, just one more problem though, when I upload files over 2mb it doesnt work. I get the first error "Please choose a rom to upload!"
Also you may knowtice in this script it doesnt contain most of your advice, this is because when I tried it my page just loaded blank, unless I did it wrong let me know.
Also note I am able to upload up to 8mb on my host and have successfully done so with an FTP client.
php Syntax (Toggle Plain Text)
Also you may knowtice in this script it doesnt contain most of your advice, this is because when I tried it my page just loaded blank, unless I did it wrong let me know.
Also note I am able to upload up to 8mb on my host and have successfully done so with an FTP client.
Last edited by peter_budo; Mar 24th, 2008 at 7:18 am. Reason: User reguest
Hi there,
because you posted your database login info here you will have to change it. Otherwise the first hacker who happens to read this (e.g. using an automated search script) will either erase your database or fill it with malicious data.
Now back to bug hunting: I suggest you keep
at the top until you solve all problems.
This should show you what is the reason for getting a blank screen.
The 2MB is default file upload PHP limit, that's why it didn't affect you when you used FTP.
It's very likely that you aren't allowed to change this settings unless you have a very benevolent hosting provider. If you are though, then you have these options:
Now why so many settings. There's a limit for file size (upload_max_filesize) but there's also a limit for how much you can send through POST (post_max_size). The only meaningful method of sending files is using POST but files aren't all you can send with POST. That's why there are two limits.
Then max_input_time limits how long the script waits for input (until your files are transmitted). Calculate it using your Internet connection speed and max file size.
Input time (I think) counts into execution time so you have to set max_execution_time as well.
Again, I'm not sure but I think that uploaded files count into your memory limit (memory_limit). Maybe not if you don't read them into memory (e.g. file_get_contents()) but it's up to you to find out.
because you posted your database login info here you will have to change it. Otherwise the first hacker who happens to read this (e.g. using an automated search script) will either erase your database or fill it with malicious data.
Now back to bug hunting: I suggest you keep
php Syntax (Toggle Plain Text)
This should show you what is the reason for getting a blank screen.
The 2MB is default file upload PHP limit, that's why it didn't affect you when you used FTP.
It's very likely that you aren't allowed to change this settings unless you have a very benevolent hosting provider. If you are though, then you have these options:
- If you run the server yourself then locate php.ini and edit upload_max_filesize, post_max_filesize, max_execution_time, max_input_time and memory_limit. I'll explain them later.
- Or if your server runs web server Apache and .htaccess parsing is on then put file .htaccess into the same directory as your script. Its name really starts with a dot. Some FTP clients don't show unix hidden files by default - and hidden files = dot files. So don't be surprised if you upload the file and don't see it then in the listing. Check your FTP client settings. This should be in it (use your own values):
Note: I think you have to use Unix line endings if your server is on *nix although I'm not sure.PHP Syntax (Toggle Plain Text)- php_value upload_max_filesize 100M
- php_value post_max_size 100M
- php_value max_execution_time 1800
- php_value max_input_time 1800
- php_value memory_limit 100M
- or you have to use ini_set() functions to set the values in PHP
e.g.ini_set("upload_max_filesize" , "10M");
Now why so many settings. There's a limit for file size (upload_max_filesize) but there's also a limit for how much you can send through POST (post_max_size). The only meaningful method of sending files is using POST but files aren't all you can send with POST. That's why there are two limits.
Then max_input_time limits how long the script waits for input (until your files are transmitted). Calculate it using your Internet connection speed and max file size.
Input time (I think) counts into execution time so you have to set max_execution_time as well.
Again, I'm not sure but I think that uploaded files count into your memory limit (memory_limit). Maybe not if you don't read them into memory (e.g. file_get_contents()) but it's up to you to find out.
Last edited by petr.pavel; Mar 19th, 2008 at 8:06 am. Reason: icode syntax
Petr 'PePa' Pavel
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
•
•
Join Date: Feb 2008
Posts: 52
Reputation:
Solved Threads: 0
Junior Poster in Training
Sorry I havnt replied for a while, I've been on holidays for the weekend and just gut back.
My web server doesnt allow .htaccess files because...
So I have asked my web server admin if theres any chance of changing those settings in the php.ini with no reply as of yet. Though the web host on very new and is still constantly changing settings to help out its members so theres a high chance the settings will get changed.
What I want to know is, if the host asks what I want all these settings (upload_max_filesize, post_max_filesize, max_execution_time, max_input_time and memory_limit) changed to what should I say? Remember the max file size my host accepts for free accounts is currently 8mb.
My web server doesnt allow .htaccess files because...
•
•
•
•
htaccess eats a lot of server resources and this is why it is not allowed on our free plan.
What I want to know is, if the host asks what I want all these settings (upload_max_filesize, post_max_filesize, max_execution_time, max_input_time and memory_limit) changed to what should I say? Remember the max file size my host accepts for free accounts is currently 8mb.
Last edited by Scottmandoo; Mar 24th, 2008 at 6:08 am.
Hi Scottmandoo,
I'm a bit confused. Are you saying that the total file size of all files in your hosting must not be higher than 8 MB? Boy that's not much :-) Try http://pipni.cz/ - you get 1.5 GB there for free (it's a Czech server but you can switch the language to English).
If your limit for all files really is 8MB then you have to modify your script to check what the file size of already uploaded files is.
Let's assume that you want to limit max size of the file being uploaded to 7MB:
upload_max_filesize 7M
post_max_size 7M
(If you are going to read the file into memory then set memory_limit too.)
Now let me show you how you are going to calculate the other two:
We have to decide what is the slowest Internet connection that you will support. Let's make it 256 kpbs (uplink), for instance.
Here's the formula:
y = (256/8) speed in kilobytes per second
x = (7*1024 / y) how many seconds it would take to upload a 7MB file
Result is: 224 seconds
This would be true if your customer is able to use full this theoretical speed throughout the whole upload time which is impossible. So I suggest that you multiply it by 1.5 to provide some cushion.
Your value would be then 336 seconds:
max_input_time 336
You don't have to touch max_execution_time because your script doesn't really do anything, it just moves the file, it doesn't process it. (I'd like to correct my earlier statement here - input time doesn't count into execution time)
I'm a bit confused. Are you saying that the total file size of all files in your hosting must not be higher than 8 MB? Boy that's not much :-) Try http://pipni.cz/ - you get 1.5 GB there for free (it's a Czech server but you can switch the language to English).
If your limit for all files really is 8MB then you have to modify your script to check what the file size of already uploaded files is.
Let's assume that you want to limit max size of the file being uploaded to 7MB:
upload_max_filesize 7M
post_max_size 7M
(If you are going to read the file into memory then set memory_limit too.)
Now let me show you how you are going to calculate the other two:
We have to decide what is the slowest Internet connection that you will support. Let's make it 256 kpbs (uplink), for instance.
Here's the formula:
y = (256/8) speed in kilobytes per second
x = (7*1024 / y) how many seconds it would take to upload a 7MB file
Result is: 224 seconds
This would be true if your customer is able to use full this theoretical speed throughout the whole upload time which is impossible. So I suggest that you multiply it by 1.5 to provide some cushion.
Your value would be then 336 seconds:
max_input_time 336
You don't have to touch max_execution_time because your script doesn't really do anything, it just moves the file, it doesn't process it. (I'd like to correct my earlier statement here - input time doesn't count into execution time)
Petr 'PePa' Pavel
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
•
•
Join Date: Feb 2008
Posts: 52
Reputation:
Solved Threads: 0
Junior Poster in Training
•
•
•
•
Originally Posted by petr.pavel 
Are you saying that the total file size of all files in your hosting must not be higher than 8 MB? Boy that's not much :-) Try http://pipni.cz/
Also so what your saying is I only need the following editted?
upload_max_filesize 8M
post_max_size 8M
max_input_time 384
My Sites: SlickTunes and Loved By Design
If you are going to do only what you do now: move the file from temporary location to permanent location then yes, set only these three ini attributes.
If you are going to process the ROM files though, (extract something from it or rearrange it) then you will also have to set memory_limit and max_execution_time.
If you are going to process the ROM files though, (extract something from it or rearrange it) then you will also have to set memory_limit and max_execution_time.
Petr 'PePa' Pavel
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
The more information you give the more relevant answer you get.
Please consider using "Add to ... Reputation" and mark your thread as Solved if you found what you were looking for. By giving feedback you help others.
|
Similar Threads
- File Upload Help (PHP)
- File upload problem (PHP)
- Need file upload code for word Doc (HTML and CSS)
Other Threads in the PHP Forum
- Previous Thread: print function.
- Next Thread: send data from while loop to mysql database
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest PHP Posts
- Today's Posts
- Unanswered Threads
301 advanced apache api array autosuggest basics beginner broken cakephp class cms code combobox compression cron curl data database date datepart display dropdownlist dynamic email eregi error execution file files folder form forms function functions google head href htaccess html httppost if...loop image include includingmysecondfileinthechain ip javascript job joomla jquery js key library limit link login md5 menu mlm multiple mysql mysql_real_escape_string oop password paypal pdf pdfdownload php phpvotingscript problem procedure query random screen script search searchbox server session sessions smarty source space sql stored system table traffic tutorial unicode upload url variable video volume votedown web website youtube zend