File upload should exit if the file is too big, but carries on without the file

I made an upload form. Students should send me their little essays. No essay will be bigger than say 0.5MB

I hope I have set the byte number correctly to 0.5MB (I think this number is bytes: 512000)

Then I fill out the form and try to send a 6MB music video. I get the student name and number, week number and email. The music video does not get through, but the student data still gets through.

I was hoping PHP would exit, but I still get my “Success” page.

What am I doing wrong??

//set a limit to the file upload size
if ($_FILES['my_upload']['size'] > 512000)
{
    echo " The file you are sending is too big. <br> ";
    echo " The maximum size should be less than 0.5MB <br>";
    echo " Please send a smaller file or send the file in an email. <br>";
    echo " Your file could not be sent. <br>";
    exit;
}

Do you have code to test if the upload was successful before trying to use any of the uploaded file information? If the upload failed with an error, the size will be zero, and it will pass that size test.

Yes, I have had this same upload1file2.php for a long time, but I don’t use it much, because I try to avoid any marking by hand!

I uploaded a couple of files today, then I fetched them with rsync to a folder on my laptop, no problems!

Here is the whole thing, sorry it is messy, I don’t write this stuff for a living!

Perhaps you can suggest a way to change it to reject files that are too large or too small.

<?php
session_start();   // must run before $_SESSION is used, or the redirect target never sees the message
$_SESSION['error'] = 'So far everything is OK.';
$studentnr = $_POST['sn'] ?? '';

//First, check if the student number is present
if ($studentnr == '')
{
    echo " Error: no student number! <br> ";
    echo " Please enter your student number and name. <br>";
    echo " Your homework could not be sent. <br>";
    echo " Go back and try again!";
    exit;
}

include '../../includes/studentdbWriteto.inc.php';
//check if the studentnr exists in this course's names and numbers list
$stmt = $pdo->prepare('SELECT 1 FROM allstudents20BE WHERE student_nr = ?');
try
{
    $stmt->execute([$studentnr]);
    if ($stmt->rowCount() == 0)
    {
        // escape the value before it is echoed back into the form page
        $_SESSION['error'] = 'This student number is not in this class students\' database: <b>'
            . htmlspecialchars($studentnr, ENT_QUOTES, 'UTF-8') . '</b>. Please try again!';
        header('Location: /20BEhw/uploadessaysV1.html.php');
        exit();
    }
    // if the student number exists, carry on and save the answers
}
catch (PDOException $e)
{
    $_SESSION['error'] = $e->getMessage();
    header('Location: /20BEhw/uploadessaysV1.html.php');
    exit();
}

$upload_file_name = $_FILES['my_upload']['name'];
//echo 'The file name is ' . $upload_file_name;
//$time = microtime($get_as_float = false);
//$newname = $upload_file_name . '.data_' . $time;
//echo 'newname is ' . $newname;
$path = $_SERVER['DOCUMENT_ROOT'] . '/20BEhw/php/files/';
$q1 = $_POST['cn'];
$q2 = $_POST['sn'];
$q3 = $_POST['email'];
$q4 = $_POST['message'];
$q5 = $_POST['week'];
$newname = $upload_file_name . '_' . $q1 . '_' . $q2 . '_data';
$fp = fopen($path . $newname, 'w');
$savestring = 'Week nr. ' . $q5 . "\n" . 'Chinese name:  ' . $q1 . "\n". 'Student number:  ' . $q2 . "\n". 'Email address:  ' . $q3 . "\n" . 'Message text:  ' . $q4 . "\n";
fwrite($fp, $savestring);
fclose($fp);
//echo ' Your data has been saved in a text file!  <br> ';

// Note: by this point the student data file above has already been written, and
// is_uploaded_file() is false for a failed upload, so a rejected file simply skips
// this whole block and the script falls through to the Success page below.
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    if (is_uploaded_file($_FILES['my_upload']['tmp_name']))
    {
        //First, validate the file name
        if (empty($_FILES['my_upload']['name']))
        {
            echo " The file name is empty! <br> ";
            echo " Please select a file. <br>";
            echo " Your file could not be sent. <br>";
            exit;
        }

        $upload_file_name = $_FILES['my_upload']['name'];
        //Too long file name?
        if (strlen($upload_file_name) > 100)
        {
            echo " The file name is too long! <br> ";
            echo " Please make the file name shorter. <br>";
            echo " Your file could not be sent. <br>";
            exit;
        }

        //replace any non-alphanumeric characters in the file name
        $upload_file_name = preg_replace("/[^A-Za-z0-9 \.\-_]/", '', $upload_file_name);

        //set a limit to the file minimum size
        if ($_FILES['my_upload']['size'] < 5000)
        {
            echo " Error!! <br> ";
            echo " The file you are sending is too small. <br> ";
            echo " Your essay should be about 15kB or more. <br> ";
            echo " This cannot be an essay. <br>";
            echo " Please check the file you are sending and send again. <br>";
            echo " Your file could not be sent. <br>";
            exit;
        }

        //set a limit to the file upload size
        if ($_FILES['my_upload']['size'] > 512000)
        {
            echo " The file you are sending is too big. <br> ";
            echo " The maximum size should be less than 0.5MB <br>";
            echo " Please send a smaller file or send the file in an email. <br>";
            echo " Your file could not be sent. <br>";
            exit;
        }

        //Save the file
        $dest = __DIR__ . '/files/' . $q5 . $q2 . $upload_file_name;
        if (move_uploaded_file($_FILES['my_upload']['tmp_name'], $dest))
        {
            //echo 'Your file has been uploaded! <br> ';
        }
    }
}
?>

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>Success</title>

<link rel="stylesheet" type="text/css" href="css/mystyle5.css" />
</head>
<body>
<div id="div-success"> 
Success! Your data has been saved.</div><br>
<div> <h1>The date and time now is:</h1>  </div><br>
<div id="div-date"></div><br>
<div id="div-namenumber"> Name: <?= htmlspecialchars($q1, ENT_QUOTES, 'UTF-8') ?> --|-- Student number: <?= htmlspecialchars($q2, ENT_QUOTES, 'UTF-8') ?> </div><br>
<div id="div-list">
<ul>
<li> <a href="http://www.mywebpage.com"><p> Go back to the homepage. </p> </a> </li>
<li> <a href="http://www.ted.com"><p> Go somewhere interesting. </p></a> </li>
<li> <a href="https://breakingnewsenglish.com/"><p> Go somewhere interesting. </p></a> </li>
<li> <a href="https://learnenglish.britishcouncil.org/"><p> Go somewhere interesting. </p></a> </li>
</ul>
<script>
    document.getElementById("div-date").innerHTML = formatAMPM();

function formatAMPM() {
var d = new Date(),
    // 12-hour clock to match the am/pm suffix (0 and 12 both display as 12)
    hours12 = d.getHours() % 12 || 12,
    hours = hours12 < 10 ? '0' + hours12 : hours12,
    minutes = d.getMinutes() < 10 ? '0' + d.getMinutes() : d.getMinutes(),
    ampm = d.getHours() >= 12 ? 'pm' : 'am',
    months = ['Jan','Feb','Mar','Apr','May','Jun','Jul','Aug','Sep','Oct','Nov','Dec'],
    days = ['Sun','Mon','Tue','Wed','Thu','Fri','Sat'];
return days[d.getDay()]+' '+months[d.getMonth()]+' '+d.getDate()+' '+d.getFullYear()+' '+hours+':'+minutes+ampm;
}
</script>
</div>
</body>
</html>

Unset the form post data instead, remove the exit and go to a failed page. Also validate what file and extension they are uploading; you might get exploited with anything being uploaded.

Thanks for your reply!

I was thinking about this: until PHP has collected the file on the server, PHP won't really be able to know the size of the file anyway. As I understand it, PHP is not active on the user's computer.

Do you know some other way of checking for a big file? JavaScript?
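Pulling the advice in this thread together (check the upload error code before the size, validate the type and extension and send the student to a failure page, and let the server enforce the size limit), here is how the handler could look. This is an added example written for this thread, not the original poster's script or any project's code. The form field names (my_upload, sn, week, email, message) are taken from the original; the failure and success page paths, the /srv/essays/ directory, the digit-only student and week numbers, and PHP 7.4 or newer are assumptions. PHP already enforces upload_max_filesize and post_max_size while the request body is being received and reports the outcome in $_FILES['my_upload']['error'] (or, for post_max_size, by emptying $_POST and $_FILES), so the real check belongs on the server; a hidden MAX_FILE_SIZE field in the form or a JavaScript File.size test is only a convenience for the student and can be bypassed.

```php
<?php
// Added example, not the original poster's script. Field names follow the original
// form; the page paths, storage directory and number formats are assumptions.
declare(strict_types=1);
session_start();

const MIN_BYTES = 5000;      // smaller than this cannot be an essay
const MAX_BYTES = 512000;    // 0.5 MB, the limit from the original post
const ALLOWED = [            // extension => MIME type libmagic reports for it
    'txt'  => 'text/plain',
    'pdf'  => 'application/pdf',
    'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
];

// Every rejection goes through here: record the reason, send the student to a
// failure page, and never fall through to the "Success" HTML.
function fail(string $reason): void
{
    $_SESSION['error'] = $reason;
    header('Location: /20BEhw/uploadfailed.html.php');   // assumed page
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    fail('Please use the upload form.');
}

// 1. Request bigger than post_max_size: PHP drops BOTH $_POST and $_FILES, so
//    $_FILES['my_upload']['error'] never exists. Detect it from the header instead.
if (empty($_FILES) && empty($_POST) && (int)($_SERVER['CONTENT_LENGTH'] ?? 0) > 0) {
    fail('The whole submission was too large for the server to accept.');
}

// 2. Error code FIRST. A failed upload reports size 0, which a plain
//    "size > MAX" test happily accepts.
$f = $_FILES['my_upload'] ?? null;
if (!is_array($f) || !isset($f['error'], $f['tmp_name'], $f['name'])) {
    fail('No file was submitted.');
}
switch ((int)$f['error']) {
    case UPLOAD_ERR_OK:
        break;
    case UPLOAD_ERR_INI_SIZE:    // over upload_max_filesize in php.ini
    case UPLOAD_ERR_FORM_SIZE:   // over the form's hidden MAX_FILE_SIZE field
        fail('The file is too big. The maximum size is 0.5 MB.');
    case UPLOAD_ERR_NO_FILE:
        fail('Please select a file to send.');
    default:                     // partial upload, no tmp dir, write error, ...
        fail('The upload failed (error ' . (int)$f['error'] . '). Please try again.');
}

// 3. Now the size checks mean something. Measure the temp file itself rather
//    than trusting the number in $_FILES.
if (!is_uploaded_file($f['tmp_name'])) {
    fail('The upload could not be verified.');
}
$size = filesize($f['tmp_name']);
if ($size === false || $size < MIN_BYTES) {
    fail('The file is too small to be an essay (under 5 kB).');
}
if ($size > MAX_BYTES) {
    fail('The file is too big. The maximum size is 0.5 MB.');
}

// 4. Type: the extension the student chose must be on the allow-list AND the bytes
//    must look like that type to libmagic. (Older libmagic reports .docx as
//    application/zip; if you see that, inspect the zip for word/document.xml.)
$ext  = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
if (!array_key_exists($ext, ALLOWED) || $mime !== ALLOWED[$ext]) {
    fail('Only .txt, .pdf and .docx essays are accepted, and the content must match.');
}

// 5. Form fields, validated only now that the file is acceptable. Digit-only
//    student and week numbers are an assumption about this course.
$studentnr = trim($_POST['sn'] ?? '');
$week      = trim($_POST['week'] ?? '');
if (!preg_match('/^[0-9]{4,12}$/', $studentnr) || !preg_match('/^[0-9]{1,2}$/', $week)) {
    fail('Student number and week number must be digits.');
}
// (The class-roster lookup from the original script belongs here.)

// 6. The stored name is built from validated pieces only; nothing the client typed
//    reaches the filesystem path, and the directory is not served by the web server.
$dir  = '/srv/essays/';                                  // assumed location
$dest = $dir . sprintf('week%s_%s.%s', $week, $studentnr, $ext);
if ((!is_dir($dir) && !mkdir($dir, 0750, true)) || !move_uploaded_file($f['tmp_name'], $dest)) {
    fail('The file could not be saved. Please try again.');
}

// 7. Only after the essay is on disk do we record who sent it (newlines flattened
//    so a crafted field cannot forge extra lines in the record).
$clean = static fn(string $k): string => preg_replace('/\s+/', ' ', trim($_POST[$k] ?? ''));
$meta  = sprintf("Week: %s\nStudent number: %s\nEmail: %s\nMessage: %s\n",
    $week, $studentnr, $clean('email'), $clean('message'));
file_put_contents($dest . '.meta.txt', $meta, LOCK_EX);

header('Location: /20BEhw/uploadsuccess.html.php');      // assumed page
exit;
```

For UPLOAD_ERR_FORM_SIZE ever to fire, the form needs `<input type="hidden" name="MAX_FILE_SIZE" value="512000">` placed before the file input. Set upload_max_filesize and post_max_size in php.ini to a little above the application limit so that a 6 MB music video is rejected by step 2 or step 3 with a readable message rather than by the server with a blank page; and because the check in step 1 relies on PHP having thrown the body away, treat it as a safety net, not the primary limit.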
