Skip to content
Advertisement

php returns errors when uploading and image to server

I hope all is well. i am in the process of learning php and sql and i am trying to make a piece of code work where i can upload an image and itll save to a folder…i have found a piece of code that accepts base64 encoding, which would be perfect but it doesnt seem to work currently… so i have been testing it on postman, using the body raw option i have been inputting {"upfile":"whatever the base64 encode is"} when doing that it returns a

Warning: Undefined array key "upfile" in C:xampphtdocsuploadf.php on line 43

Warning: Trying to access array offset on value of type null in C:xampphtdocsuploadf.php on line 43

when i try the other option on postman which is the form data where i specify “upfile” as the key and upload an image, it gives this error

Warning: move_uploaded_file(/xammp/htdocs/pic/60125e70327c5.jpeg): Failed to open stream: No such file or directory in C:xampphtdocsuploadfile2.php on line 107

Warning: move_uploaded_file(): Unable to move "C:xampptmpphpB9AB.tmp" to "/xammp/htdocs/pic/60125e70327c5.jpeg" in C:xampphtdocsuploadfile2.php on line 107
{"result":"Failed to move uploaded file.","filename":"60125e70327c5.jpeg"}

my question is, how can i make it such that this code works, and which method of testing would be better?

<?php

header('Content-Type: text/plain; charset=utf-8');

$server_url = '/xammp/htdocs';
$uploadDirectory = "/pic/";

$target_dir = $server_url.$uploadDirectory; // add the specific path to save the file

//$headers = getRequestHeaders();
//
//$arr = array();
//
//foreach ($headers as $header => $value) {
////    echo "$header: $value <br />n";
//    array_push($arr,"$header: $value");
//}
//
//
////    $arr = array('result'=>'mime type '.$mime_type,'ext '=>$ext);
//    throw new RuntimeException(json_encode(print_r($arr)));

//    echo json_encode('mime_type = '.$mime_type.' extension = '.$ext);

try {
//echo 'Files Array ';
//echo "rn";
//echo print_r($_FILES);

//    throw new RuntimeException(json_encode($_FILES['upfile']['tmp_name']));
//die('here');

    // Undefined | Multiple Files | $_FILES Corruption Attack
    // If this request falls under any of them, treat it invalid.
//    if (
//        !isset($_FILES['upfile']['error']) ||
//        is_array($_FILES['upfile']['error'])
//    ) {
//        throw new RuntimeException('Invalid parameters.');
//    }

    // Check $_FILES['upfile']['error'] value.
    switch ($_FILES['upfile']['error']) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_NO_FILE:
            throw new RuntimeException('No file sent.');
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            throw new RuntimeException('Exceeded filesize limit.');
        default:
            throw new RuntimeException('Unknown errors.');
    }

    // You should also check filesize here.
    if ($_FILES['upfile']['size'] > 1000000000) {
        throw new RuntimeException('Exceeded filesize limit.');
    }

    // DO NOT TRUST $_FILES['upfile']['mime'] VALUE !!
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mime_type = finfo_file($finfo, $_FILES['upfile']['tmp_name']);
//    $mime_type = finfo_buffer(finfo_open(), $_FILES['upfile']['name'], FILEINFO_MIME_TYPE); // extract mime type
    $ext = mime2ext($mime_type); // extract extension from mime type


    $ext1 = mime2ext($_FILES['upfile']['type']);

    if ($ext !== $ext1) {
        $ext=$ext1;
    }


//    $arr = array('result'=>'mime type '.$mime_type,'ext '=>$ext);
//    throw new RuntimeException(json_encode($arr));

//    echo json_encode('mime_type = '.$mime_type.' extension = '.$ext.' FILES type = '.$_FILES['upfile']['type'].' exte 1 = '.$ext1);

//
//
//    // Check MIME Type by yourself.
//    $finfo = new finfo(FILEINFO_MIME_TYPE);
//    if (false === $ext = array_search(
//            $finfo->file($_FILES['upfile']['tmp_name']),
//            array(
//                'jpg' => 'image/jpeg',
//                'png' => 'image/png',
//                'gif' => 'image/gif',
//            ),
//            true
//        )) {
//        throw new RuntimeException('Invalid file format.');
//    }

    // You should name it uniquely.
    // DO NOT USE $_FILES['upfile']['name'] WITHOUT ANY VALIDATION !!
    // On this example, obtain safe unique name from its binary data.

    $newfilename = uniqid();//sha1_file($_FILES['upfile']['tmp_name']);

    $file = $newfilename.".".$ext;

    if (!move_uploaded_file(
        $_FILES['upfile']['tmp_name'],
        sprintf($target_dir.'%s.%s',
            $newfilename,
            $ext
        )
    )) {
        $arr = array('result'=>'Failed to move uploaded file.','filename'=>$file);
        throw new RuntimeException(json_encode($arr));
    }



    $arr = array('result'=>'File Uploaded Sucessfully','filename'=>$file);
//        echo json_encode("File Uploaded Successfully");
    echo json_encode($arr);
//    echo json_encode();

} catch (RuntimeException $e) {

    echo $e->getMessage();

}

function mime2ext($mime){
    $all_mimes = '{"png":["image/png","image/x-png"],"bmp":["image/bmp","image/x-bmp",
"image/x-bitmap","image/x-xbitmap","image/x-win-bitmap","image/x-windows-bmp",
"image/ms-bmp","image/x-ms-bmp","application/bmp","application/x-bmp",
"application/x-win-bitmap"],"gif":["image/gif"],"jpeg":["image/jpeg",
"image/pjpeg"],"xspf":["application/xspf+xml"],"vlc":["application/videolan"],
"wmv":["video/x-ms-wmv","video/x-ms-asf"],"au":["audio/x-au"],
"ac3":["audio/ac3"],"flac":["audio/x-flac"],"ogg":["audio/ogg",
"video/ogg","application/ogg"],"kmz":["application/vnd.google-earth.kmz"],
"kml":["application/vnd.google-earth.kml+xml"],"rtx":["text/richtext"],
"rtf":["text/rtf"],"jar":["application/java-archive","application/x-java-application",
"application/x-jar"],"zip":["application/x-zip","application/zip",
"application/x-zip-compressed","application/s-compressed","multipart/x-zip"],
"7zip":["application/x-compressed"],"xml":["application/xml","text/xml"],
"svg":["image/svg+xml"],"3g2":["video/3gpp2"],"3gp":["video/3gp","video/3gpp"],
"mp4":["video/mp4"],"m4a":["audio/x-m4a"],"f4v":["video/x-f4v"],"flv":["video/x-flv"],
"webm":["video/webm"],"aac":["audio/x-acc"],"m4u":["application/vnd.mpegurl"],
"pdf":["application/pdf","application/octet-stream"],
"pptx":["application/vnd.openxmlformats-officedocument.presentationml.presentation"],
"ppt":["application/powerpoint","application/vnd.ms-powerpoint","application/vnd.ms-office",
"application/msword"],"docx":["application/vnd.openxmlformats-officedocument.wordprocessingml.document"],
"xlsx":["application/vnd.openxmlformats-officedocument.spreadsheetml.sheet","application/vnd.ms-excel"],
"xl":["application/excel"],"xls":["application/msexcel","application/x-msexcel","application/x-ms-excel",
"application/x-excel","application/x-dos_ms_excel","application/xls","application/x-xls"],
"xsl":["text/xsl"],"mpeg":["video/mpeg"],"mov":["video/quicktime"],"avi":["video/x-msvideo",
"video/msvideo","video/avi","application/x-troff-msvideo"],"movie":["video/x-sgi-movie"],
"log":["text/x-log"],"txt":["text/plain"],"css":["text/css"],"html":["text/html"],
"wav":["audio/x-wav","audio/wave","audio/wav"],"xhtml":["application/xhtml+xml"],
"tar":["application/x-tar"],"tgz":["application/x-gzip-compressed"],"psd":["application/x-photoshop",
"image/vnd.adobe.photoshop"],"exe":["application/x-msdownload"],"js":["application/x-javascript"],
"mp3":["audio/mpeg","audio/mpg","audio/mpeg3","audio/mp3"],"rar":["application/x-rar","application/rar",
"application/x-rar-compressed"],"gzip":["application/x-gzip"],"hqx":["application/mac-binhex40",
"application/mac-binhex","application/x-binhex40","application/x-mac-binhex40"],
"cpt":["application/mac-compactpro"],"bin":["application/macbinary","application/mac-binary",
"application/x-binary","application/x-macbinary"],"oda":["application/oda"],
"ai":["application/postscript"],"smil":["application/smil"],"mif":["application/vnd.mif"],
"wbxml":["application/wbxml"],"wmlc":["application/wmlc"],"dcr":["application/x-director"],
"dvi":["application/x-dvi"],"gtar":["application/x-gtar"],"php":["application/x-httpd-php",
"application/php","application/x-php","text/php","text/x-php","application/x-httpd-php-source"],
"swf":["application/x-shockwave-flash"],"sit":["application/x-stuffit"],"z":["application/x-compress"],
"mid":["audio/midi"],"aif":["audio/x-aiff","audio/aiff"],"ram":["audio/x-pn-realaudio"],
"rpm":["audio/x-pn-realaudio-plugin"],"ra":["audio/x-realaudio"],"rv":["video/vnd.rn-realvideo"],
"jp2":["image/jp2","video/mj2","image/jpx","image/jpm"],"tiff":["image/tiff"],
"eml":["message/rfc822"],"pem":["application/x-x509-user-cert","application/x-pem-file"],
"p10":["application/x-pkcs10","application/pkcs10"],"p12":["application/x-pkcs12"],
"p7a":["application/x-pkcs7-signature"],"p7c":["application/pkcs7-mime","application/x-pkcs7-mime"],"p7r":["application/x-pkcs7-certreqresp"],"p7s":["application/pkcs7-signature"],"crt":["application/x-x509-ca-cert","application/pkix-cert"],"crl":["application/pkix-crl","application/pkcs-crl"],"pgp":["application/pgp"],"gpg":["application/gpg-keys"],"rsa":["application/x-pkcs7"],"ics":["text/calendar"],"zsh":["text/x-scriptzsh"],"cdr":["application/cdr","application/coreldraw","application/x-cdr","application/x-coreldraw","image/cdr","image/x-cdr","zz-application/zz-winassoc-cdr"],"wma":["audio/x-ms-wma"],"vcf":["text/x-vcard"],"srt":["text/srt"],"vtt":["text/vtt"],"ico":["image/x-icon","image/x-ico","image/vnd.microsoft.icon"],"csv":["text/x-comma-separated-values","text/comma-separated-values","application/vnd.msexcel"],"json":["application/json","text/json"]}';
    $all_mimes = json_decode($all_mimes,true);
    foreach ($all_mimes as $key => $value) {
        if(array_search($mime,$value) !== false) return $key;
    }
    return false;
}

function getRequestHeaders() {
    $headers = array();
    foreach($_SERVER as $key => $value) {
        if (substr($key, 0, 5) <> 'HTTP_') {
            continue;
        }
        $header = str_replace(' ', '-', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))));
        $headers[$header] = $value;
    }
    return $headers;
}

?>

Advertisement

Answer

In Your you just have to make a pic folder on current directory and use “$target_dir”

$target_dir ='pic/';

Example of Uploading File in Php :

<!DOCTYPE html>
<html>
<body>

<form action="upload.php" method="post" enctype="multipart/form-data">
  Select image to upload:
  <input type="file" name="fileToUpload" id="fileToUpload">
  <input type="submit" value="Upload Image" name="submit">
</form>

</body>
</html>

php code :

<?php
$target_d

ir = "uploads/";
    $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
    $uploadOk = 1;
    $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
    // Check if image file is a actual image or fake image
    if(isset($_POST["submit"])) {
      $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
      if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
      } else {
        echo "File is not an image.";
        $uploadOk = 0;
      }

  

        if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {

$query = "INSERT INTO table  (`image_path`) VALUES ('$target_file')
";
            echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
          } else {
            echo "Sorry, there was an error uploading your file.";
          }
    
    
        }
        ?>

base 64 code for image in db :

 $data = file_get_contents($_FILES['name_of_control']['tmp_name']);
$data = mysql_real_escape_string($data);

$query = "
  INSERT INTO table
    (`blob_column`)
  VALUES
    ('$data')
";

mysql_query($query);
User contributions licensed under: CC BY-SA
6 People found this is helpful
Advertisement