Lapskaus IT: php

Showing posts with label php. Show all posts

Sunday, January 02, 2011

Setting limitation on uploading file, PHP

You can always set limitations on the uploading process as it is a big security risk to let users upload whatever they like ...

<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
    }
  }
else
  {
  echo "Invalid file";
  }
?>



More detailed types of files : 

"application/pdf" - PDF Files

"application/msword" - MS Word Files

"application/powerpoint" - MS Powerpoint Files

"application/excel" - MS Excel Files

"text/plain" - Text Files



Source : W3Schools

Uploading a file, PHP

With PHP you have the power to upload files to the server.

An example code(The client side) :

<html>

<body>



<form action="upload_file.php" method="post"

enctype="multipart/form-data">

<label for="file">Filename:</label>

<input type="file" name="file" id="file" /> 

<br />

<input type="submit" name="submit" value="Submit" />

</form>

</body>

</html>

In the HTML code above :

The enctype attribute of the tag specifies which content-type to use when submitting the form. "multipart/form-data" is used when a form requires binary data, like the contents of a file, to be uploaded
The type="file" attribute of the input tag specifies that the input should be processed as a file. For example, when viewed in a browser, there will be a browse-button next to the input field

****
An example for the "server side" script

The "upload_file.php" file contains the code for uploading a file:

<?php

 if ($_FILES["file"]["error"] > 0)

  {

  echo "Error: " . $_FILES["file"]["error"] . "<br />";

  }

else

  {

  echo "Upload: " . $_FILES["file"]["name"] . "<br />";

  echo "Type: " . $_FILES["file"]["type"] . "<br />";

  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";

  echo "Stored in: " . $_FILES["file"]["tmp_name"];

  }

?>

By using the global PHP $_FILES array you can upload files from a client computer to the remote server.

The first parameter is the form's input name and the second index can be either "name", "type", "size", "tmp_name" or "error". Like this:

$_FILES["file"]["name"] - the name of the uploaded file
$_FILES["file"]["type"] - the type of the uploaded file
$_FILES["file"]["size"] - the size in bytes of the uploaded file
$_FILES["file"]["tmp_name"] - the name of the temporary copy of the file stored on the server
$_FILES["file"]["error"] - the error code resulting from the file upload

This is a very simple way of uploading files. You better add restrictions on what the user is allowed to upload to your sever. Down here you can also see a code which saves the uploaded file to a physical place on server. If you do not save the file, the temporary file will be deleted after the script ends. It also checks if the file already exist.



<?php

if ((($_FILES["file"]["type"] == "image/gif")

|| ($_FILES["file"]["type"] == "image/jpeg")

|| ($_FILES["file"]["type"] == "image/pjpeg"))

&& ($_FILES["file"]["size"] < 20000))

  {

  if ($_FILES["file"]["error"] > 0)

    {

    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";

    }

  else

    {

    echo "Upload: " . $_FILES["file"]["name"] . "<br />";

    echo "Type: " . $_FILES["file"]["type"] . "<br />";

    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";

    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("upload/" . $_FILES["file"]["name"]))

      {

      echo $_FILES["file"]["name"] . " already exists. ";

      }

    else

      {

      move_uploaded_file($_FILES["file"]["tmp_name"],

      "upload/" . $_FILES["file"]["name"]);

      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];

      }

    }

  }

else

  {

  echo "Invalid file";

  }

?>

Source : W3Schools

Thursday, December 30, 2010

Set a selected item for select tag in HTML, web design

In this example Green will be the selected item(pay attention to where the selected statement is placed) :



colors:



<select name="colors"> 



<option>White</option>



<option>Red</option>



<option selected>Green</option>



<option>Blue</option>



</select>

Wednesday, December 29, 2010

Configuration about PHP server, HOWTO

If you are wondering about the configuration of the PHP server you have, you can simply make a PHP file with following command :



<?php


	


	


	phpinfo();


	


	


?>

and simply place the file in the localhost folder and browse it in an Internet Browser. You would simply have all the information you need. The result will be something like the picture down here(Take from Wiki)

Saturday, December 19, 2009

PHP string concatation


   $str1 = 'This ';
   $str2 = 'is a ';
   $str3 = 'test string';
 
   $full = $str1.$str2.$str3;
 
   echo $full;
?>

PHP string compare


   $str1 = "Test";
   $str2 = "Test";
 
   if ($str1 == "Test")  echo "OK-1";
   if ($str1 == $str2)   echo "OK-2";
?>

Thursday, June 11, 2009

How to find out your Wordpress version

You can see the version of your Wordpress listed on the bottom of every admin page. If because of any reason you can not login in to the admin pages and you are wondering how to find out your wordpress version here is the way. Go to following address(/wp-includes/version.php) in your website root folders and open the version.php with a text editor or something ...

/wp-includes/version.php

contains :

$wp_version = '2.8';
$wp_db_version = 4593;

Lapskaus IT