File Uploader - php script with file validation - diyAudio
Go Back   Home > Forums > Member Areas > The Lounge

The Lounge A place to talk about almost anything but politics and religion.

Please consider donating to help us continue to serve you.

Ads on/off / Custom Title / More PMs / More album space / Advanced printing & mass image saving
Reply
 
Thread Tools Search this Thread
Old 10th February 2007, 08:02 AM   #1
lineup is offline lineup  Sweden
diyAudio Member
 
lineup's Avatar
 
Join Date: Dec 2005
Location: the north
Smile File Uploader - php script with file validation

found this nice

File Uploader script
It is free code and written in PHP and will work at most websites / servers.

Original websource is the PHP Dedicated site http://www.phpfreaks.com/
It is one wellknown place,
to find info and some good free php scripts.


Here is the PHP Code for File Uploader:
( includes comments on options/settings )
Quote:
<?php
/**

Page: function.upload_files.php
Developer: Jeffrey M. Johns
Support: .... binary.star (at) verizon.net ....

******
Purpose: To validate against file uploads to the server.
******
Notes/Comments: This function will do a variety of activities. It will check to see if the file's
extension is accepted which is set by the user, check to make sure the file is not over the
allowable file size
******
Security: All proper measure were taken to make everything as secure as possible.
******

Code Example:
$self = $_SERVER['PHP_SELF'];
$submit = $_POST['Submit'];
$temp_file_name = trim($_FILES['upload']['tmp_name']);
$file_name = trim($_FILES['upload']['name']);
$upload_dir = "uploads/";
$upload_log_dir = "uploads/upload_logs/";
$max_file_size = 524288;
$banned_array = array("");
$ext_array = array(".jpg",".gif",".jpeg",".png",".txt",".doc"," .wps",".pdf",".zip",".bmp",".tif",".html",".htm"," .php");

if (($submit) AND ($temp_file_name)) {
print upload_files($temp_file_name,$file_name,$upload_di r,$upload_log_dir,$max_file_size,$banned_array,$ex t_array);
}

the HTML form to go with this code:
<form action="<*php print"$self";*>" method="post" enctype="multipart/form-data" name="uploader">
Upload: <input name="upload" type="file" size="50">
<input type="submit" name="Submit" value="Submit">
</form>

**/

function upload_files($temp_file_name,$file_name,$upload_di r,$upload_log_dir,$max_file_size,$banned_array,$ex t_array) {

//Get Day and Time Variables
$m = date("m"); //Get month
$d = date("d"); //Get day
$y = date("Y"); //Get year
$date = date("m/d/Y"); //Get today's date
$time = date("h:i:s A"); //Get now's time

//Get User Passed Variables
$temp_file_name = trim($temp_file_name); //Trim Temp File Name
$file_name = trim(strtolower($file_name)); //Trim File Name
$upload_dir = trim($upload_dir); //Trim Upload Directory
$upload_log_dir = trim($upload_log_dir); //Trim Upload Log Directory
$max_file_size = trim($max_file_size); //Trim Max File Size

//Figure if last character for the upload directory is a back slash
$ud_len = strlen($upload_dir); //Get upload log directory size
$last_slash = substr($upload_dir,$ud_len-1,1); //Get Last Character
if ($last_slash <> "/") { //Check to see if the last character is a slash
$upload_dir = $upload_dir."/"; //Add a backslash if not present
} else {
$upload_dir = $upload_dir; //If backslash is present, do nothing
}

//Figure if last character for the upload log directory is a back slash
$udl_len = strlen($upload_log_dir); //Get upload log directory size
$last_slash = substr($upload_log_dir,$udl_len-1,1); //Get Last Character
if ($last_slash <> "/") { //Check to see if the last character is a slash
$upload_log_dir = $upload_log_dir."/"; //Add a backslash if not present
} else {
$upload_log_dir = $upload_log_dir; //If backslash is present, do nothing
}

//Validate the extension array
foreach ($ext_array as $key => $value) { //Start extension loop
$first_char = substr($value,0,1); //Get first character
if ($first_char <> ".") { //If not a period,
$extensions[] = ".".strtolower($value); //Write value with a period to a new array
} else { //Else
$extensions[] = strtolower($value); //Write the value to a new array
}
}

//Get Counts
$ext_count = count($extensions); //Count the number of extensions
$banned_count = count($banned_array); //Count the number of banned users

//Figure if anyone is banned
if ($banned_count >= 1) { //If number of banned users if 1 or greater
$banned_users = "TRUE"; //Set banned_users to TRUE
}

//Get server constants
$ip = $_SERVER['REMOTE_ADDR']; //Get IP address
$self = $_SERVER['PHP_SELF']; //Get PHP Self
$site = $_SERVER['HTTP_HOST']; //Get Start of Web URL
$ip = $_SERVER['REMOTE_ADDR']; //Get IP Address

//Set file size variables
$kb = 1024; //Set KB
$mb = 1024 * $kb; //Set MB
$gb = 1024 * $mb; //Set GB
$tb = 1024 * $gb; //Set TB

//Get The File's Extension
$extension = strtolower(strrchr($file_name,".")); //Get the file extension

//Validate Extension
foreach ($extensions as $key => $value) { //Start extract loop of valid extensions
if ($value == $extension) { //If extension is equal to any in the array
$valid_extension = "TRUE"; //Set valid extension to TRUE
}
$all_ext .= $value.", "; //Get all the extensions
}
$all_ext_len = strlen($all_ext); //Get the number of characters
$all_ext = substr($all_ext,0,$all_ext_len-2); //Extract all text except the last (2) characters

//Validate the file's size
$size = filesize($temp_file_name); //Get the size of the file
if ($size > $max_file_size) { //Set over limit statement
$over_limit = "TRUE"; //Set over_limit to TRUE
}

//Get the size of the uploaded file in other than bytes
if ($size < $kb) {
$screen_size = "$size Bytes"; //Set screen_size in bytes, if applicable
}
elseif ($size < $mb) {
$final = round($size/$kb,2);
$screen_size = "$final KB"; //Set screen_size in kilo-bytes, if applicable
}
elseif ($size < $gb) {
$final = round($size/$mb,2);
$screen_size = "$final MB"; //Set screen_size in mega-bytes, if applicable
}
else if($size < $tb) {
$final = round($size/$gb,2);
$screen_size = "$final GB"; //Set screen_size in giga-bytes, if applicable
}
else {
$final = round($size/$tb,2);
$screen_size = "$final TB"; //Set screen_size in tera-bytes, if applicable
}

//Get the size of the max file size in other than bytes
if ($max_file_size < $kb) { //Set screen_max in bytes, if applicable
$screen_max = "$max_file_size Bytes";
}
elseif ($max_file_size < $mb) {
$final = round($max_file_size/$kb,2);
$screen_max = "$final KB"; //Set screen_max in kilo-bytes, if applicable
}
elseif ($max_file_size < $gb) {
$final = round($max_file_size/$mb,2);
$screen_max = "$final MB"; //Set screen_max in mega-bytes, if applicable
}
else if($max_file_size < $tb) {
$final = round($max_file_size/$gb,2);
$screen_max = "$final GB"; //Set screen_max in giga-bytes, if applicable
}
else {
$final = round($max_file_size/$tb,2);
$screen_max = "$final TB"; //Set screen_max in tera-bytes, if applicable
}

//Validate the banned users list
if ($banned_users) { //If banned users are present
foreach($banned_array as $key => $value) { //Start extraction of banned users from the array
if ($value == $ip) { //If the user's IP address is found in list, continue
$banned_ip = "TRUE"; //and set the banned_ip to TRUE
}
}
}

//Start the validation process
if ($banned_ip) {
$result = "You have been banned from uploading any files to this directory!";
$log = $upload_log_dir."banned.txt"; //Log Banned File Name
$fp = fopen($log,"a+"); //Set File Pointer
fwrite($fp,"
$ip tried to upload on $date at $time."); //Write File
fclose($fp); //Close File Pointer
}
elseif (!$valid_extension) {
return FALSE;
}
elseif ($over_limit) {
return FALSE;
}
else {
if (is_uploaded_file($temp_file_name)) {
if (move_uploaded_file($temp_file_name,$upload_dir . $file_name)) {
$log = $upload_log_dir.$y."_".$m."_".$d.".txt"; //Log File Name
$fp = fopen($log,"a+"); //Set File Pointer
fwrite($fp,"
$ip | $file_name | $screen_size | $date | $time"); //Write File
fclose($fp); //Close File Pointer
return TRUE;
} else {
$result = "Your file could not be uploaded, please try again.";
return FALSE;
}
} else {
$result = "Your file could not be uploaded, please try again.";
return FALSE;
}
}
}
?>
Webpage, for full information:

Navigate: PHP Code Library > PHP > File Handling
http://www.phpfreaks.com/quickcode/F...loader/152.php

Regards, lineup
  Reply With Quote
Old 10th February 2007, 12:34 PM   #2
diyAudio Member
 
Geek's Avatar
 
Join Date: Sep 2004
Looks very useful, thanks!!

(I'll let you know if I get hacked )
  Reply With Quote
Old 10th February 2007, 06:54 PM   #3
lineup is offline lineup  Sweden
diyAudio Member
 
lineup's Avatar
 
Join Date: Dec 2005
Location: the north
Quote:
Originally posted by Geek
Looks very useful, thanks!!
(I'll let you know if I get hacked )

... by the way, talking of uploading
my PHP 5.2.0 settings vs. (PHP default recommended)
at my personal site is:


- upload_max_filesize 55M (default= 2M)
- post_max_size 55M (default= 8M)

- max_execution_time 300 (default= 30 seconds)
- max_input_time 300 (default= 60 seconds)



The reason for need to increase time settings in php.ini
is that uploading BIG FILE takes TIME
So, if the php page script will Time Out before the uploading is complete. This breaks the uploading.

Still, if uploading 50MB within 5 minutes at my site, require you have not too slow upload connection.
Better than 10MB per minute, with my current setting.
Same as 1 MB per 6 seconds. (160kByte/sec ~1280 kbits/sec ~1.28Mbits/sec)

For my own connection, this worked alright.
But I have rather fast internet.
I have tested figures like 2-10 MBits/s, even when testing against servers in USA,
at the other side of Atlantic Ocean.

PHP Manual
http://php.net/features.file-upload


Regards, lineup

====================================
edit:
I ran this speed test right now.
Against a speed test server in San Francisco
Quote:
Your Results:
2,766 Kbps Download Size: 995,974 bytes
346 KBytes per second Download Time: 2.81 secs
This equals like 8x346 = 2.7Mbits/s
http://sanfrancisco-speedtest.sprintbbd.net


Links, SPEED TEST for different servers all over the world:

http://www.dslreports.com/speedtest?more=1

__________________
lineup
  Reply With Quote
Old 10th February 2007, 09:38 PM   #4
diyAudio Member
 
Geek's Avatar
 
Join Date: Sep 2004
I shouldn't have to mod the timing then, 160kByte/sec is exactly my transfer rate.

Size of files is never an issue, it's a quantity of pesky little files
  Reply With Quote
Old 11th February 2007, 07:19 AM   #5
lineup is offline lineup  Sweden
diyAudio Member
 
lineup's Avatar
 
Join Date: Dec 2005
Location: the north
Quote:
Originally posted by Geek
I shouldn't have to mod the timing then, 160kByte/sec is exactly my transfer rate.

Size of files is never an issue, it's a quantity of pesky little files
That is an above average speed!

Where I can run into trouble
is , of course, when browsing/downloading from some Asian countries.

Because, it does not matter if I can download with 381 kByte/sec
if those websites, can Upload to my PC
with only 50-75kByte/sec. ( ~0.50 MBits/sec )

It is always the slower side, that sets The LIMIT.

And 50kByte/s was the Download SPEED I got when testing against KOREA.
Using this great site:
http://www.dslreports.com/speedtest?more=1


lineup
__________________
lineup
  Reply With Quote
Old 11th February 2007, 10:09 AM   #6
diyAudio Member
 
Geek's Avatar
 
Join Date: Sep 2004
This is average for me for North America. Anything on APNIC is just HORRIBLE though >.<
Attached Images
File Type: jpg bw_test.jpg (52.7 KB, 15 views)
  Reply With Quote

Reply


Hide this!Advertise here!
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
.slb file (translated library file)...! spice freak Solid State 0 28th October 2008 04:20 PM
.wav file limits? Netlist Digital Source 5 2nd December 2006 08:16 AM
Help I need a file!!!! lawbadman Everything Else 9 8th October 2006 07:33 PM
PDF file advice cm961 Everything Else 9 9th August 2005 04:00 AM


New To Site? Need Help?

All times are GMT. The time now is 05:36 AM.


vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
Copyright 1999-2014 diyAudio

Content Relevant URLs by vBSEO 3.3.2