I hope all is well.
i am in the process of learning php and sql and i am trying to make a piece of code work where i can upload an image and itll save to a folder…i have found a piece of code that accepts base64 encoding, which would be perfect but it doesnt seem to work currently… so i have been testing it on postman, using the body raw option i have been inputting {"upfile":"whatever the base64 encode is"}
when doing that it returns a
Warning: Undefined array key "upfile" in C:xampphtdocsuploadf.php on line 43
Warning: Trying to access array offset on value of type null in C:xampphtdocsuploadf.php on line 43
when i try the other option on postman which is the form data where i specify “upfile” as the key and upload an image, it gives this error
Warning: move_uploaded_file(/xammp/htdocs/pic/60125e70327c5.jpeg): Failed to open stream: No such file or directory in C:xampphtdocsuploadfile2.php on line 107
Warning: move_uploaded_file(): Unable to move "C:xampptmpphpB9AB.tmp" to "/xammp/htdocs/pic/60125e70327c5.jpeg" in C:xampphtdocsuploadfile2.php on line 107
{"result":"Failed to move uploaded file.","filename":"60125e70327c5.jpeg"}
my question is, how can i make it such that this code works, and which method of testing would be better?
<?php
header('Content-Type: text/plain; charset=utf-8');
$server_url = '/xammp/htdocs';
$uploadDirectory = "/pic/";
$target_dir = $server_url.$uploadDirectory; // add the specific path to save the file
//$headers = getRequestHeaders();
//
//$arr = array();
//
//foreach ($headers as $header => $value) {
//// echo "$header: $value <br />n";
// array_push($arr,"$header: $value");
//}
//
//
//// $arr = array('result'=>'mime type '.$mime_type,'ext '=>$ext);
// throw new RuntimeException(json_encode(print_r($arr)));
// echo json_encode('mime_type = '.$mime_type.' extension = '.$ext);
try {
//echo 'Files Array ';
//echo "rn";
//echo print_r($_FILES);
// throw new RuntimeException(json_encode($_FILES['upfile']['tmp_name']));
//die('here');
// Undefined | Multiple Files | $_FILES Corruption Attack
// If this request falls under any of them, treat it invalid.
// if (
// !isset($_FILES['upfile']['error']) ||
// is_array($_FILES['upfile']['error'])
// ) {
// throw new RuntimeException('Invalid parameters.');
// }
// Check $_FILES['upfile']['error'] value.
switch ($_FILES['upfile']['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_NO_FILE:
throw new RuntimeException('No file sent.');
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
throw new RuntimeException('Exceeded filesize limit.');
default:
throw new RuntimeException('Unknown errors.');
}
// You should also check filesize here.
if ($_FILES['upfile']['size'] > 1000000000) {
throw new RuntimeException('Exceeded filesize limit.');
}
// DO NOT TRUST $_FILES['upfile']['mime'] VALUE !!
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime_type = finfo_file($finfo, $_FILES['upfile']['tmp_name']);
// $mime_type = finfo_buffer(finfo_open(), $_FILES['upfile']['name'], FILEINFO_MIME_TYPE); // extract mime type
$ext = mime2ext($mime_type); // extract extension from mime type
$ext1 = mime2ext($_FILES['upfile']['type']);
if ($ext !== $ext1) {
$ext=$ext1;
}
// $arr = array('result'=>'mime type '.$mime_type,'ext '=>$ext);
// throw new RuntimeException(json_encode($arr));
// echo json_encode('mime_type = '.$mime_type.' extension = '.$ext.' FILES type = '.$_FILES['upfile']['type'].' exte 1 = '.$ext1);
//
//
// // Check MIME Type by yourself.
// $finfo = new finfo(FILEINFO_MIME_TYPE);
// if (false === $ext = array_search(
// $finfo->file($_FILES['upfile']['tmp_name']),
// array(
// 'jpg' => 'image/jpeg',
// 'png' => 'image/png',
// 'gif' => 'image/gif',
// ),
// true
// )) {
// throw new RuntimeException('Invalid file format.');
// }
// You should name it uniquely.
// DO NOT USE $_FILES['upfile']['name'] WITHOUT ANY VALIDATION !!
// On this example, obtain safe unique name from its binary data.
$newfilename = uniqid();//sha1_file($_FILES['upfile']['tmp_name']);
$file = $newfilename.".".$ext;
if (!move_uploaded_file(
$_FILES['upfile']['tmp_name'],
sprintf($target_dir.'%s.%s',
$newfilename,
$ext
)
)) {
$arr = array('result'=>'Failed to move uploaded file.','filename'=>$file);
throw new RuntimeException(json_encode($arr));
}
$arr = array('result'=>'File Uploaded Sucessfully','filename'=>$file);
// echo json_encode("File Uploaded Successfully");
echo json_encode($arr);
// echo json_encode();
} catch (RuntimeException $e) {
echo $e->getMessage();
}
function mime2ext($mime){
$all_mimes = '{"png":["image/png","image/x-png"],"bmp":["image/bmp","image/x-bmp",
"image/x-bitmap","image/x-xbitmap","image/x-win-bitmap","image/x-windows-bmp",
"image/ms-bmp","image/x-ms-bmp","application/bmp","application/x-bmp",
"application/x-win-bitmap"],"gif":["image/gif"],"jpeg":["image/jpeg",
"image/pjpeg"],"xspf":["application/xspf+xml"],"vlc":["application/videolan"],
"wmv":["video/x-ms-wmv","video/x-ms-asf"],"au":["audio/x-au"],
"ac3":["audio/ac3"],"flac":["audio/x-flac"],"ogg":["audio/ogg",
"video/ogg","application/ogg"],"kmz":["application/vnd.google-earth.kmz"],
"kml":["application/vnd.google-earth.kml+xml"],"rtx":["text/richtext"],
"rtf":["text/rtf"],"jar":["application/java-archive","application/x-java-application",
"application/x-jar"],"zip":["application/x-zip","application/zip",
"application/x-zip-compressed","application/s-compressed","multipart/x-zip"],
"7zip":["application/x-compressed"],"xml":["application/xml","text/xml"],
"svg":["image/svg+xml"],"3g2":["video/3gpp2"],"3gp":["video/3gp","video/3gpp"],
"mp4":["video/mp4"],"m4a":["audio/x-m4a"],"f4v":["video/x-f4v"],"flv":["video/x-flv"],
"webm":["video/webm"],"aac":["audio/x-acc"],"m4u":["application/vnd.mpegurl"],
"pdf":["application/pdf","application/octet-stream"],
"pptx":["application/vnd.openxmlformats-officedocument.presentationml.presentation"],
"ppt":["application/powerpoint","application/vnd.ms-powerpoint","application/vnd.ms-office",
"application/msword"],"docx":["application/vnd.openxmlformats-officedocument.wordprocessingml.document"],
"xlsx":["application/vnd.openxmlformats-officedocument.spreadsheetml.sheet","application/vnd.ms-excel"],
"xl":["application/excel"],"xls":["application/msexcel","application/x-msexcel","application/x-ms-excel",
"application/x-excel","application/x-dos_ms_excel","application/xls","application/x-xls"],
"xsl":["text/xsl"],"mpeg":["video/mpeg"],"mov":["video/quicktime"],"avi":["video/x-msvideo",
"video/msvideo","video/avi","application/x-troff-msvideo"],"movie":["video/x-sgi-movie"],
"log":["text/x-log"],"txt":["text/plain"],"css":["text/css"],"html":["text/html"],
"wav":["audio/x-wav","audio/wave","audio/wav"],"xhtml":["application/xhtml+xml"],
"tar":["application/x-tar"],"tgz":["application/x-gzip-compressed"],"psd":["application/x-photoshop",
"image/vnd.adobe.photoshop"],"exe":["application/x-msdownload"],"js":["application/x-javascript"],
"mp3":["audio/mpeg","audio/mpg","audio/mpeg3","audio/mp3"],"rar":["application/x-rar","application/rar",
"application/x-rar-compressed"],"gzip":["application/x-gzip"],"hqx":["application/mac-binhex40",
"application/mac-binhex","application/x-binhex40","application/x-mac-binhex40"],
"cpt":["application/mac-compactpro"],"bin":["application/macbinary","application/mac-binary",
"application/x-binary","application/x-macbinary"],"oda":["application/oda"],
"ai":["application/postscript"],"smil":["application/smil"],"mif":["application/vnd.mif"],
"wbxml":["application/wbxml"],"wmlc":["application/wmlc"],"dcr":["application/x-director"],
"dvi":["application/x-dvi"],"gtar":["application/x-gtar"],"php":["application/x-httpd-php",
"application/php","application/x-php","text/php","text/x-php","application/x-httpd-php-source"],
"swf":["application/x-shockwave-flash"],"sit":["application/x-stuffit"],"z":["application/x-compress"],
"mid":["audio/midi"],"aif":["audio/x-aiff","audio/aiff"],"ram":["audio/x-pn-realaudio"],
"rpm":["audio/x-pn-realaudio-plugin"],"ra":["audio/x-realaudio"],"rv":["video/vnd.rn-realvideo"],
"jp2":["image/jp2","video/mj2","image/jpx","image/jpm"],"tiff":["image/tiff"],
"eml":["message/rfc822"],"pem":["application/x-x509-user-cert","application/x-pem-file"],
"p10":["application/x-pkcs10","application/pkcs10"],"p12":["application/x-pkcs12"],
"p7a":["application/x-pkcs7-signature"],"p7c":["application/pkcs7-mime","application/x-pkcs7-mime"],"p7r":["application/x-pkcs7-certreqresp"],"p7s":["application/pkcs7-signature"],"crt":["application/x-x509-ca-cert","application/pkix-cert"],"crl":["application/pkix-crl","application/pkcs-crl"],"pgp":["application/pgp"],"gpg":["application/gpg-keys"],"rsa":["application/x-pkcs7"],"ics":["text/calendar"],"zsh":["text/x-scriptzsh"],"cdr":["application/cdr","application/coreldraw","application/x-cdr","application/x-coreldraw","image/cdr","image/x-cdr","zz-application/zz-winassoc-cdr"],"wma":["audio/x-ms-wma"],"vcf":["text/x-vcard"],"srt":["text/srt"],"vtt":["text/vtt"],"ico":["image/x-icon","image/x-ico","image/vnd.microsoft.icon"],"csv":["text/x-comma-separated-values","text/comma-separated-values","application/vnd.msexcel"],"json":["application/json","text/json"]}';
$all_mimes = json_decode($all_mimes,true);
foreach ($all_mimes as $key => $value) {
if(array_search($mime,$value) !== false) return $key;
}
return false;
}
function getRequestHeaders() {
$headers = array();
foreach($_SERVER as $key => $value) {
if (substr($key, 0, 5) <> 'HTTP_') {
continue;
}
$header = str_replace(' ', '-', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))));
$headers[$header] = $value;
}
return $headers;
}
?>
Advertisement
Answer
In Your you just have to make a pic folder on current directory and use “$target_dir”
$target_dir ='pic/';
Example of Uploading File in Php :
<!DOCTYPE html>
<html>
<body>
<form action="upload.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">
</form>
</body>
</html>
php code :
<?php
$target_d
ir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
$query = "INSERT INTO table (`image_path`) VALUES ('$target_file')
";
echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
base 64 code for image in db :
$data = file_get_contents($_FILES['name_of_control']['tmp_name']);
$data = mysql_real_escape_string($data);
$query = "
INSERT INTO table
(`blob_column`)
VALUES
('$data')
";
mysql_query($query);