Search code examples
phpurluploading

Why do I get this error when trying to upload an image?

When I go to myserver index and upload and image from there using the interface, it works fine. But as soon as I try to enter the path myself, like:

http://myserver/upload.php?image['name']=F:\Bilder\6.jpg

it gives me an error that all fields are required. But I have to upload images like this, because I plan to implement it in an app that I'm making. Thing is, that I'm not that well acquainted with php.

here is the upload.php

<?php
session_start();

require("includes/conn.php");


function is_valid_type($file)
{

$valid_types = array("image/jpg", "image/jpeg", "image/bmp", "image/gif", "image/png");

if (in_array($file['type'], $valid_types))
    return 1;
return 0;
}

function showContents($array)
{
echo "<pre>";
print_r($array);
echo "</pre>";
}

$TARGET_PATH = "images/";

$image = $_FILES['image'];

$image['name'] = mysql_real_escape_string($image['name']);

$TARGET_PATH .= $image['name'];

if ( $image['name'] == "" )
{
$_SESSION['error'] = "All fields are required";
header("Location: index.php");
exit;
}

if (!is_valid_type($image))
{
$_SESSION['error'] = "You must upload a jpeg, gif, or bmp";
header("Location: index.php");
exit;
}

if (file_exists($TARGET_PATH))
{
$_SESSION['error'] = "A file with that name already exists";
header("Location: index.php");
exit;
}

if (move_uploaded_file($image['tmp_name'], $TARGET_PATH))
{
$sql = "insert into Avatar (filename) values ('" . $image['name'] . "')";
$result = mysql_query($sql) or die ("Could not insert data into DB: " .     mysql_error());

exit;
}
else
{
header("Location: index.php");
exit;
}

?>

and the index.php

                <?php
                if (isset($_SESSION['error']))
                {
                    echo "<span id=\"error\"><p>" . $_SESSION['error'] . "</p></span>";
                    unset($_SESSION['error']);
                }
                ?>
                <form action="upload.php" method="post" enctype="multipart/form-data">
                <p>

                    <label>Avatar</label>
                    <input type="file" name="image" /><br />
                    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
                    <input type="submit" id="submit" value="Upload" />
                </p>
Solution

  • the problem lies in 

    if ( $image['name'] == "" )

    $image has no value there.

    You are doing a get request so if you would like to know what the image variable is you should use 

    $_GET['image']

    Another thing is that you are doing $image = $_FILES['image'];

    $_FILES will only be available from a post request. Uploading files can not be done in the way you are doing now by a parameter from a GET request.