Upload Restrictions For txt File Not working

system · September 30, 2011, 1:07am

Hi all, and thank you in advance for your time!

When running this code’s upload form, uploaded a “Resume.txt.” file, the code always jumps to printing “Invalid file” It does not do so if i remove all of the file type restrictions. I don’t know what I am doing wrong, since it allows “text/plain” files.

When the restrictions are not even there though the output is :

Upload:
Type:
Size: 0 Kb
Temp file:
already exists.

But there is no file in the uploads folder already existing. I am quite confused.

I know this code isnt secure or anything, that will be explored after I figure this out, it’s killin’ me! Any explanations for these would be most appreciated! Thank you.

[code]if ((($_FILES[“file”][“type”] == “image/gif”)
|| ($_FILES[“file”][“type”] == “image/jpeg”)
|| ($_FILES[“file”][“type”] == “image/pjpeg”)
|| ($_FILES[“file”][“type”] == “text/plain”))
&& ($_FILES[“file”][“size”] < 20000))
{
if ($_FILES[“file”][“error”] > 0) {
echo "Return Code: " . $_FILES[“file”][“error”] . “
”;
}
else {
echo "Upload: " . $_FILES[“file”][“name”] . “
”;
echo "Type: " . $_FILES[“file”][“type”] . “
”;
echo “Size: " . ($_FILES[“file”][“size”] / 1024) . " Kb
”;
echo "Temp file: " . $_FILES[“file”][“tmp_name”] . “
”;

      if (file_exists("upload/" . $_FILES["file"]["name"])) {
          echo $_FILES["file"]["name"] . " already exists. ";
      } else {
         
          if (move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"])) {
              echo "The file " . basename($_FILES['file']['name']) . " has been uploaded";
          } else {
              
              echo "There was an error uploading the file, please try again!";
          }
          echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
  }

} else {
echo “Invalid file”;
}[/code]

CodeR70 · September 30, 2011, 8:50am

If you post the form code then I will test it on my server.

sabinmash005 · October 1, 2011, 3:48am

Here is the code (different username now that i registered):

<!DOCTYPE html>
<html lang="en">

<head>
	<meta charset="utf-8">

	<meta http-equiv="x-ua-compatible" content="ie=edge">
	<!--[if lt IE 9]>
	<script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
	<![endif]-->

	<title></title>
	<meta name="description" content="">
	<base href="/">

	<!-- for mobile devices -->
	<meta name="viewport" content="width=device-width, initial-scale=1.0">

	<link rel="stylesheet" href="stylesheet/reset.css">
	<link rel="stylesheet" href="stylesheet/stylesheet.css">
</head>

<body>
<h1>Registration</h1>
<h2>Enter your information below.</h2>
<form action="Slides03_ex1_process.php" method=post>
<table border = 0>
<tr>
	<td>Name</td>
	<td align="left"><input type="text" name="name" size="30" maxlength=30"></td>
</tr>
<tr>
	<td>Email</td>
	<td align="left"><input type="text" name="email" size="30" maxlength="30"></td>
</tr>

<td>
<form name="myform" enctype="multipart/form-data" action="Slides03_ex1_process.php">
<input name="upload" type="file">
</FORM>
</td>

<tr>
	<td colspan="2" align="center"><input type="submit" value="Submit Order"></td>
</tr>
</table>
</form>
</body>

sabinmash005 · October 2, 2011, 6:24am

Problem solved.

The form named the file “upload” while the php script was looking for a file named “file”.

More importantly, the form was inside another form.

Thanks for all your input!