Php folks,
Here is my attempt to build a php uploading script using my REQUIREMENTS mentioned above in my original post.
I have yet to do the file renaming.
Notice the comments in CAPITALS.
Also notice that, I have commented-out many code lines. That is because those lines weren't working.
I'd appreciate it if you could point-out my errors in those lines so I can see my mistakes.
And, I would most appreciate it if you could show me snippets how those lines should be.
Q1. How should I have coded my mkdir() as that line is not working ? I get no error on my local host xamp. But I get error on my website:
Warning: mkdir(): Permission denied in /home/domain/public_html/upload.php on line 35.mkdir($directory_path . $user, "$mode", TRUE); //IS THIS LINE CORRECT ?
Q2. How should I have coded my move_uploaded_file() as that line is not working. Not moving the file.
//Move uploaded File to newly created directory on the server.
//move_uploaded_file("$file_tmp", "$directory_path" . "$user" . "/" . "$file_name"); //IS THIS LINE CORRECT ?
//move_uploaded_file("$file_tmp", "$directory_path" . "$user/" . "$file_name"); //IS THIS LINE CORRECT ?
move_uploaded_file("$file_tmp", $directory_path . $user . '/' . $file_name); //IS THIS LINE CORRECT ?
Q3. Is my webform html 5 compatible/compliant ?
<form METHOD="POST" ACTION="" enctype="multipart/form-data">
<fieldset>
<p align="left"><h3>
<?php $site_name ?> ID Video Verification Form</h3></p>
<div class="form-group">
<p align="left"<label>Video File: </label>
<input type="file" name="id_verification_video_file" id="id_verification_video_file" value="uploaded 'Id Verification Video File.'"></p>
</div>
</fieldset>
<p align="left"><button type="submit" class="btn btn-default" name="id_verification_video_file_submit">Submit!</button></p>
</form>
Q4. Anything else I should know ?
Here is my code below.
NOTE:
The header_account.php includes more files.
The $user is defined via SESSION from one of those included files. So don't worry that I have not defined the $user here. Error reporting is ON and I am not getting any error regarding the $user.
<?php
//ERROR REPORTING CODES.
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
?>
Full Code: upload.php
<?php
//Required PHP Files.
include 'header_account.php'; //Required on all webpages of the Site.
?> <?php
if (!$conn)
{
$error = mysqli_connect_error();
$errno = mysqli_connect_errno();
print "$errno: $error\n";
exit();
}
if($_SERVER["REQUEST_METHOD"] == "POST")
{
//Check whether the file was uploaded or not without any errors.
if(!isset($_FILES["id_verification_video_file"]) && $_FILES["id_verification_video_file"]["Error"] == 0)
{
$Errors = Array();
$Errors[] = "Error: " . $_FILES["id_verification_video_file"] ["ERROR"];
print_r($_FILES); ?><br>
<?php
print_r($_ERRORS);
exit();
}
else
{
//Feed Id Verification Video File Upload Directory path.
$directory_path = "uploads/videos/id_verifications/";
//Make Directory under $user in 'uploads/videos/id_verifications' Folder.
if(!is_dir($directory_path . $user)) //IS THIS LINE CORRECT ?
{
$mode = "0644";
mkdir($directory_path . $user, "$mode", TRUE); //IS THIS LINE CORRECT ?
}
//Grab Uploading File details.
$Errors = Array(); //SHOULD I KEEP THIS LINE OR NOT ?
$file_name = $_FILES["id_verification_video_file"]["name"];
$file_tmp = $_FILES["id_verification_video_file"]["tmp_name"];
$file_type = $_FILES["id_verification_video_file"]["type"];
$file_size = $_FILES["id_verification_video_file"]["size"];
$file_error = $_FILES['id_verification_video_file']['error'];
//Grab Uploading File Extension details.
$file_extension = pathinfo($file_name, PATHINFO_EXTENSION);
//if(file_exists("$directory_path . $user/ . $file_name")) //THIS LINE IS NOT GIVING THE ERROR THAT FILE HAS ALREADY BEEN UPLOADED. INSTEAD GIVES THE ECHO THAT IS 26 LINES BELOW HERE: "Your Video File \"$file_name\" has been uploaded successfully!"
if(file_exists($directory_path . $user . '/' . $file_name)) ////THIS LINE IS NOT GIVING THE ERROR THAT FILE HAS ALREADY BEEN UPLOADED. INSTEAD SHOWING BLANK WHITE PAGE.
{
$Errors[] = "Error: You have already uploaded a video file to verify your ID!";
exit();
}
else
{
//Feed allowed File Extensions List.
$allowed_file_extensions = array("mp4" => "video/mp4");
//Feed allowed File Size.
$max_file_size_allowed_in_bytes = 1024*1024*100; //Allowed limit: 100MB.
$max_file_size_allowed_in_kilobytes = 1024*100;
$max_file_size_allowed_in_megabytes = 100;
$max_file_size_allowed = "$max_file_size_allowed_in_bytes";
//Verify File Extension.
if(!array_key_exists($file_extension, $allowed_file_extensions)) die("Error: Select a valid video file format. Select an Mp4 file.");
//Verify MIME Type of the File.
elseif(!in_array($file_type, $allowed_file_extensions))
{
$Errors[] = "Error: There was a problem uploading your file $file_name! Make sure your file is an MP4 video file. You may try again."; //IS THIS LINE CORRECT ?
}
//Verify File Size. Allowed Max Limit: 100MB.
elseif($file_size>$max_file_size_allowed) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes.");
//Move uploaded File to newly created directory on the server.
move_uploaded_file("$file_tmp", $directory_path . $user . '/' . $file_name); //IS THIS LINE CORRECT ?
//move_uploaded_file("$file_tmp", "$directory_path" . "$user" . "/" . "$file_name"); //IS THIS LINE CORRECT ?
//move_uploaded_file("$file_tmp", "$directory_path" . "$user/" . "$file_name"); //IS THIS LINE CORRECT ?
//Notify user their Id Verification Video File was uploaded successfully.
echo "Your Video File \"$file_name\" has been uploaded successfully!";
exit();
}
}
}
?> `
<form METHOD="POST" ACTION="" enctype="multipart/form-data">
<fieldset>
<p align="left"><h3>
<?php $site_name ?> ID Video Verification Form</h3></p>
<div class="form-group">
<p align="left"<label>Video File: </label>
<input type="file" name="id_verification_video_file" id="id_verification_video_file" value="uploaded 'Id Verification Video File.'"></p>
</div>
</fieldset>
<p align="left"><button type="submit" class="btn btn-default" name="id_verification_video_file_submit">Submit!</button></p>
</form>
</body>
</html>
<?php
include 'footer_account.php'; //Required on all webpages of the Site.
?> NOTE 1: I have not used the finfo_file() and mine_content_type functions here. I'd like you to show me how to do them.
I'd appreciate a mini script from your end.
NOTE 2: I would appreciate it if someone modified my code according to my requirements mentioned on my original post and add it to this thread for all newbies to learn from.
NOTE 3: This forum is showing my codes funny. Hence, attached my file. Attachment will show my code correctly.
Thanks
