// Folder to upload files to. Must end with slash / define('DESTINATION_FOLDER','uploads/2008/');
// Maximum allowed file size, Kb // Set to zero to allow any size define('MAX_FILE_SIZE', 0);
// Upload success URL. User will be redirected to this page after upload. define('SUCCESS_URL','update-success.php');
// Allowed file extensions. Will only allow these extensions if not empty. // Example: $exts = array('avi','mov','doc'); $exts = array('doc','docx');
// rename file after upload? false - leave original, true - rename to some unique filename define('RENAME_FILE', false);
// put a string to append to the uploaded file name (after extension); // this will reduce the risk of being hacked by uploading potentially unsafe files; // sample strings: aaa, my, etc. define('APPEND_STRING', '');
// Need uploads log? Logs would be saved in the MySql database. define('DO_LOG', false);
// MySql data (in case you want to save uploads log) define('DB_HOST','localhost'); // host, usually localhost define('DB_DATABASE','test'); // database name define('DB_USERNAME','root'); // username define('DB_PASSWORD',''); // password
/* NOTE: when using log, you have to create mysql table first for this script. Copy paste following into your mysql admin tool (like PhpMyAdmin) to create table If you are on cPanel, then prefix _uploads_log on line 205 with your username, so it would be like myusername_uploads_log
#################################################################### ### END OF SETTINGS. DO NOT CHANGE BELOW ####################################################################
// Allow script to work long enough to upload big files (in seconds, 2 days by default) @set_time_limit(172800);
// following may need to be uncommented in case of problems // ini_set("session.gc_maxlifetime","10800");
function showUploadForm($message='') { $max_file_size_tag = ''; if (MAX_FILE_SIZE > 0) { // convert to bytes $max_file_size_tag = "<input name='MAX_FILE_SIZE' value='".(MAX_FILE_SIZE*1024)."' type='hidden' >\n"; }
// Load form template include ('file-update.html'); }
// errors list $errors = array();
$message = '';
// we should not exceed php.ini max file size $ini_maxsize = ini_get('upload_max_filesize'); if (!is_numeric($ini_maxsize)) { if (strpos($ini_maxsize, 'M') !== false) $ini_maxsize = intval($ini_maxsize)*1024*1024; elseif (strpos($ini_maxsize, 'K') !== false) $ini_maxsize = intval($ini_maxsize)*1024; elseif (strpos($ini_maxsize, 'G') !== false) $ini_maxsize = intval($ini_maxsize)*1024*1024*1024; } if ($ini_maxsize < MAX_FILE_SIZE*1024) { $errors[] = "Alert! Maximum upload file size in php.ini (upload_max_filesize) is less than script's MAX_FILE_SIZE"; }
// show upload form if (!isset($_POST['submit'])) { showUploadForm(join('',$errors)); }
// process file upload else {
while(true) {
// make sure destination folder exists if (!@file_exists(DESTINATION_FOLDER)) { $errors[] = "Destination folder does not exist or no permissions to see it."; break; }
// check for upload errors $error_code = $_FILES['filename']['error']; if ($error_code != UPLOAD_ERR_OK) { switch($error_code) { case UPLOAD_ERR_INI_SIZE: // uploaded file exceeds the upload_max_filesize directive in php.ini $errors[] = "File is too big (1)."; break; case UPLOAD_ERR_FORM_SIZE: // uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form $errors[] = "File is too big (2)."; break; case UPLOAD_ERR_PARTIAL: // uploaded file was only partially uploaded. $errors[] = "Could not upload file (1)."; break; case UPLOAD_ERR_NO_FILE: // No file was uploaded $errors[] = "Could not upload file (2)."; break; case UPLOAD_ERR_NO_TMP_DIR: // Missing a temporary folder $errors[] = "Could not upload file (3)."; break; case UPLOAD_ERR_CANT_WRITE: // Failed to write file to disk $errors[] = "Could not upload file (4)."; break; case 8: // File upload stopped by extension $errors[] = "Could not upload file (5)."; break; } // switch
// leave the while loop break; }
// get file name (not including path) $filename = @basename($_FILES['filename']['name']);
// filename of temp uploaded file $tmp_filename = $_FILES['filename']['tmp_name'];
$file_ext = @strtolower(@strrchr($filename,".")); if (@strpos($file_ext,'.') === false) { // no dot? strange $errors[] = "Suspicious file name or could not determine file extension."; break; } $file_ext = @substr($file_ext, 1); // remove dot
// check file type if needed if (count($exts)) { /// some day maybe check also $_FILES['user_file']['type'] if (!@in_array($file_ext, $exts)) { $errors[] = "Files of this type are not allowed for upload."; break; } }
// destination filename, rename if set to $dest_filename = $filename; if (RENAME_FILE) { $dest_filename = md5(uniqid(rand(), true)) . '.' . $file_ext; } // append predefined string for safety $dest_filename = $dest_filename . APPEND_STRING;
// get size $filesize = intval($_FILES["filename"]["size"]); // filesize($tmp_filename);
// make sure file size is ok if (MAX_FILE_SIZE > 0 && MAX_FILE_SIZE*1024 < $filesize) { $errors[] = "File is too big (3)."; break; }
if (!@move_uploaded_file($tmp_filename , DESTINATION_FOLDER . $dest_filename)) { $errors[] = "Could not upload file (6)."; break; }
if (DO_LOG) { // Establish DB connection $link = @mysql_connect(DB_HOST, DB_USERNAME, DB_PASSWORD); if (!$link) { $errors[] = "Could not connect to mysql."; break; } $res = @mysql_select_db(DB_DATABASE, $link); if (!$res) { $errors[] = "Could not select database."; break; } $m_ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); $m_size = $filesize; $m_fname = mysql_real_escape_string($dest_filename);
$log_id=$_POST[log_id];
$sql = "UPDATE _uploads_log SET courseName='".$_POST[courseName]."',log_filename='$m_fname',log_size='$m_size',log_ip='$m_ip' WHERE log_id=$log_id""; $res = @mysql_query($sql); if (!$res) { $errors[] = "Could not run query."; break; } @mysql_free_result($res); @mysql_close($link); } // if (DO_LOG)
<tr> <td>Report: </td> <td> <?php echo "Uploaded File: <img src='images/msword_icon.png' height='16' width='16' title='$log_filename'> <a href='uploads/2009/$log_filename' target='_blank'>$log_filename</a>";?> <br /> <small> In case you want update the above file click browse to select a new file</small
<input type='file' size='40' name='filename'> <br /> <small> ** Your file must be in Microsoft Word (*.doc /docx) format</small>
if i just want to update the coursename and not update the uploaded file and click the update button i received error message 'could not upload file (2)' no file uploaded
i comment out this..same problem
PHP Code:
case UPLOAD_ERR_NO_FILE: // No file was uploaded $errors[] = "Could not upload file (2)."; break;
a. update both the uploaded file (upload a new file) and course name - successs
b. - upload a new file only..click update button..success
c. update coursename only - click update button .....error
case UPLOAD_ERR_NO_FILE: //No file was uploaded //$errors[] = "Could not upload file (2)."; $log_id=$_POST[log_id]; mysql_query("UPDATE _uploads_log SET courseName='".$_POST[courseName]."' WHERE log_id=$log_id"); header('Location: ' . SUCCESS_URL);
In file_update.php you want to add a condition that looks at the file size.
It will equal 0 if no file is selected for upload.
And you want to put the file upload commands in side this condition.
Like this:
PHP Code:
while(true) { if($_FILES['filename']['size'] != 0) { // make sure destination folder exists if (!@file_exists(DESTINATION_FOLDER)) { $errors[] = "Destination folder does not exist or no permissions to see it."; break; } // check for upload errors $error_code = $_FILES['filename']['error']; if ($error_code != UPLOAD_ERR_OK) { switch($error_code) { case UPLOAD_ERR_INI_SIZE: // uploaded file exceeds the upload_max_filesize directive in php.ini $errors[] = "File is too big (1)."; break; case UPLOAD_ERR_FORM_SIZE: // uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form $errors[] = "File is too big (2)."; break; case UPLOAD_ERR_PARTIAL: // uploaded file was only partially uploaded. $errors[] = "Could not upload file (1)."; break; case UPLOAD_ERR_NO_FILE: // No file was uploaded $errors[] = "Could not upload file (2)."; break; case UPLOAD_ERR_NO_TMP_DIR: // Missing a temporary folder $errors[] = "Could not upload file (3)."; break; case UPLOAD_ERR_CANT_WRITE: // Failed to write file to disk $errors[] = "Could not upload file (4)."; break; case 8: // File upload stopped by extension $errors[] = "Could not upload file (5)."; break; } // switch // leave the while loop break; } // get file name (not including path) $filename = @basename($_FILES['filename']['name']); // filename of temp uploaded file $tmp_filename = $_FILES['filename']['tmp_name']; $file_ext = @strtolower(@strrchr($filename,".")); if (@strpos($file_ext,'.') === false) { // no dot? strange $errors[] = "Suspicious file name or could not determine file extension."; break; } $file_ext = @substr($file_ext, 1); // remove dot // check file type if needed if (count($exts)) { /// some day maybe check also $_FILES['user_file']['type'] if (!@in_array($file_ext, $exts)) { $errors[] = "Files of this type are not allowed for upload."; break; } } // destination filename, rename if set to $dest_filename = $filename; if (RENAME_FILE) { $dest_filename = md5(uniqid(rand(), true)) . '.' . $file_ext; } // append predefined string for safety $dest_filename = $dest_filename . APPEND_STRING; // get size $filesize = intval($_FILES["filename"]["size"]); // filesize($tmp_filename); // make sure file size is ok if (MAX_FILE_SIZE > 0 && MAX_FILE_SIZE*1024 < $filesize) { $errors[] = "File is too big (3)."; break; } if (!@move_uploaded_file($tmp_filename , DESTINATION_FOLDER . $dest_filename)) { $errors[] = "Could not upload file (6)."; break; } }
Linear Mode
