Search code examples
phpmysqlhtmlfile-upload

Image upload not working

I would really like your help. I would consider myself an intermediate PHP programmer, but I have never used file uploads before. I have been stuck on this problem for a long time. This is a simplified version of my code and I'm 99% sure the error lies somewhere in here. The output is always "The file wasn't an image file."

This is my HTML...

<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" id ="partyPic"><br/>
<button  type="button" onClick="uploadFile()">upload</button>
</form>

This is my PHP...

$image = $_FILES['image']['tmp_name'];

if (!isset($image)){

  //Create default image.

}else{

$image =  mysql_real_escape_string(file_get_contents($_FILES['image']['tmp_name']));
$name = mysql_real_escape_string($_FILES['image']['name']);
$image_size = getimagesize($_FILES['image']['tmp_name']);
}

if($image_size == FALSE){
echo 'The file wasn\'t an image file.';
}else{
//I have code that successfully uploads stuff to my database.
}

If you could help it would be greatly appreciated.

Thank you, Rick Ryan

Solution

  • Example Upload from http://www.php.net/manual/en/features.file-upload.post-method.php:

    The basic Form:

    <!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="__URL__" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form>

    The PHP:

    <?php

$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

?>

    The example from the manual.

    So you should build apon something like this:

    <form enctype="multipart/form-data" action="upload.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form> 

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST' && $_FILES['userfile']['error'] == 'UPLOAD_ERR_OK'){
    $uploaddir = '/var/www/uploads/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
    list($width, $height, $type, $attr) = getimagesize($_FILES['userfile']['tmp_name']);

    if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
        echo "File was successfully uploaded.\n";
        ... Do Database stuff
    }
}
?>