I have a problem with some PHP/MySQL not working. I can upload files like .docx and .sql perfectly but when i try with .gif, .jpg .zip and .rar, it doesn't work.
Here is the upload form code:
<?php
if (isset($_GET['uploadError']))
{
echo '<div id="error">There was an error uploading the file. Please try again</div>';
}
elseif ((!isset($_SESSION['dbusername']))&&(!isset($_SESSION['dbpassword'])))
{
header('Location: ?page=login&uploadAttempt=true&attemptedSite=upload');
}
else
{
echo '
<center>
<form class="form" enctype="multipart/form-data" action="uploadaction.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="30720" />
<p class="uploadfile">
<input name="uploadedfile" type="file" />
</p>
<p class="submit">
<input type="hidden" name="upload" value="start" />
<input type="submit" value="Upload File" />
</p>
</form></center>';
}
?>
Here is the uploadaction.php code:
<?php
require('lib.php');
localhost_con('filehunt');
session_start();
if(isset($_POST['upload']) && $_FILES['uploadedfile']['size'] > 0)
{
$fileName = $_FILES['uploadedfile']['name'];
$tmpName = $_FILES['uploadedfile']['tmp_name'];
$fileSize = $_FILES['uploadedfile']['size'];
$fileType = $_FILES['uploadedfile']['type'];
$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
/*$fh = fopen($_FILES['uploadedfile']['tmp_name'], 'r');
$theData = fread($fh, filesize($_FILES['uploadedfile']['tmp_name']));
$theData = mysql_real_escape_string($theData);
fclose($fh); */
$date = date("y/m/d : H:i:s", time());
$sql = "INSERT INTO files (rowID, file, mimetype, data, uploaded_by, uploaded_date, size, times_downloaded)
VALUES (NULL, '$fileName', '$fileType', '$content', '$user', '$date', $fileSize, 0);";
if (mysql_query($sql,$con))
{
header('Location: index.php?page=search&uploadSucces=true');
}
else echo mysql_error();
}
else header('Location: index.php?page=upload&uploadError=true');
?>
It gets inserted in the database, but the mimetype and data column is empty. Can anyone tell me why this is happening, and how to fix it?
Thank you in advance Adam
Not quite shure, but this:
$fileType = $_FILES['uploadedfile']['type'];
must be like this:
$finfo = new finfo();
$fileType = $finfo->file($_FILES['uploadedfile']['tmp_name'], FILEINFO_MIME);
I had the same problem with other type of files. The workaround is encoding the file with base64 that is safer to transmit (do not contain invalid characters that may truncate the streaming).