Secure File Upload Class - Problem

Any problems relating to the premium downloads should go in here
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Secure File Upload Class - Problem

Post by Mikem »

Hi,

Just got the class and I am getting two errors:

Strict Standards: Only variables should be passed by reference in D:\EasyPHP\EasyPHP-5.3.6.0\www\secure_upload.class.php on line 49

Warning: disk_free_space() [function.disk-free-space]: The system cannot find the path specified. in D:\EasyPHP\EasyPHP-5.3.6.0\www\secure_upload.class.php on line 138 Error: E_DISK_SPACE


I am using it as it comes, and extracted the files in the root folder, also tested this on a real server but same errors, the chmod was 777 for the files folder and there’s giga bytes of space so that isn’t really the problem.

Any idea on how to solve these?

Thanks for your time.
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Are you using windows hosting ? I think the disk_free_space function behaves oddly on windows platforms. If so you will have to wait for me to do an update to fix this or just remove that check from the code as you are not that likely to run out of disk space.

For the strict error, it would be easiest to disable this level of error you can do that with php by adding

[syntax=php]error_reporting(E_ALL & ~E_STRICT);[/syntax]
to the top of the file or by editing your php.ini file.
Image
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Mikem wrote:Thanks for the quick reply!

I tried that still getting the error: Warning: disk_free_space() [function.disk-free-space]: The system cannot find the path specified. in D:\EasyPHP\EasyPHP-5.3.6.0\www\secure_upload.class.php on line 138 Error: E_DISK_SPACE

And yes easyphp is running on windows 7, so does the online server run on some windows server version I believe.

I also tried to null out the lines: }else if (disk_free_space($dirname) < $this->size){

$this->error = self::E_DISK_SPACE;

But than I am getting a:

Error: E_DISALLOWED_TYPE

And its a .jpg file

I am going to use it anyway for filetypes such as .doc, docx. .zip, .rar

I wouldn’t mind getting it to work without checking the disk space, though I would appreciate if you could find a fix for windows server, if that really is the problem anyways.

Thanks

Can you make sure that the folder you are trying to upload into definitely exists ? The file type error may come from a problem with your php set up that prevents you from determining the type of files, can you make sure you either have the mime_content_type() or finfo_file() function available ?

Can you also post the code you are using ? no need to post the actual class, but just how you use it.
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

I am using the default setup which comes with your class and unpacked everything in the server root, so the path should be right.

www us my root folder and contains:
example.php
secure_upload.class.php
files (folder)

[syntax=php] <?php
error_reporting(E_ALL & ~E_STRICT);
if (isset($_FILES['image'])){

$upload = new secure_upload('image');
$upload->set_max_size(500 * 1024);
$upload->set_type_whitelist(array('image'));
$upload->set_extension_blacklist(array('php', 'phtml', 'php4', 'php5', 'pht', 'phps'));
$upload->save_to('./files/' . $upload->name);


if ($upload->error > 0){
echo '<div>Error: ', $upload->get_error_constant_name(), '</div>';
}else{
echo '<img src="files/', $upload->name ,'" alt="', $upload->name, '" />';
}
}else{
?>
<form action="" method="post" enctype="multipart/form-data">
<div>
<input type="file" name="image" />
<input type="submit" value="Upload" />
</div>
</form>
<?php
}

?>
[/syntax]

I tried to find where the available function may be listed within "easy php" setup, I also checked the "PHP Version 5.3.6" but nothing there seems to be indicating any function nor didn't I find anything related to those two functions.

Thanks for your time.
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Okay, thanks for that.

Can you just try a quick test script

[syntax=php]var_dump(function_exists('mime_content_type'));

var_dump(function_exists('finfo_open'));[/syntax]
this will tell you if the necessary functions are available, post the result here. I may need to add another method for working out the type.
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

boolean false

boolean false


Seems like that means these are not available?

Anyways if its really too hard to get it working, I would rather just have the disk space check removed, though its security issue.
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Mikem wrote:Seems like that means these are not available?

It means exactly that. It's very odd to have both methods unavailable.

Anyway, if you put this in a file and include it before my items file it should solve that problem of the type not being worked out correctly.

mime_content_type.txt
(17.39 KiB) Downloaded 382 times

Try that out, and we will worry about the disk space check once this first thing is solved
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Thanks for the quick reply!

So I included mime_content_type.php in example.php and enclosed the (mime_content_type text with <?php ?> also corrected "fase" to "false" but I am getting the error:

Error: E_DISALLOWED_TYPE
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

[quote="Mikem"]also corrected "fase" to "false"[/quote
:oops: well spotted ;)

Right next thing to try, can you change line 44 of the class file from
[syntax=php]$this->mime_type = $this->get_mime();[/syntax]
to

[syntax=php]$this->mime_type = $this->get_mime();
var_dump($this->mime_type);[/syntax]

Hopefully you will get some text as the result.
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Allright thanks, this is what I am getting:

string '' (length=0)

Error: E_DISALLOWED_TYPE
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Well that cant be good.

Can you PM me a zip of the folder so I can test it out locally ?
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Sorry about my stupid mistake >.<

I am now getting this:

Code: Select all

string 'application/octet-stream' (length=24)

Error: E_DISALLOWED_TYPE
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

No problem, it's all over piracy sites anyway ;)

What is the extension of the file you are uploading ? if you are getting that it means it is not being recognised for some reason :?
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

.jpg

I tried with others .jpg and I am also getting this different error:

Code: Select all

string 'application/octet-stream' (length=24)

Error: E_SIZE


Anyway I don't want the uploader for pictures, but to upload some file types (.rar,zip,.doc,.pdf,.docx..)
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

OH ! Okay I see why it's not working now, unfortunately this will require a modification to the class,

on line 86 replace the entire get_mime() method with this

[syntax=php] private function get_mime(){

return strtolower(mime_content_type($this->name));

}[/syntax]

that should solve that problem ;)
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Same error, I think I am just gonna go find another uploader now, thanks though.
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Mikem wrote:Same error, I think I am just gonna go find another uploader now, thanks though.

Ah, that may have been because the name property is not defined when that function is called.

Try changing the __construct method to this

[syntax=php] public function __construct($key){
$this->name = $_FILES[$key]['name'];

$this->temp_name = $_FILES[$key]['tmp_name'];

$this->upload_error = $_FILES[$key]['error'];

$this->mime_type = $this->get_mime();

var_dump($this->mime_type);

$this->type = explode('/', $this->mime_type);

$this->type = $this->type[0];

$this->size = $_FILES[$key]['size'];

$this->extension = end(explode('.', $_FILES[$key]['name']));

}[/syntax]
The only change is moving the line
[syntax=php]$this->name = $_FILES[$key]['name'];[/syntax]
to the top of the list.
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Allright! uploading images now works =)

However I am now trying to allow uploading these filetypes only: zip,rar,doc,docx,pdf
Also I am limiting the max filesize to 10MB.
Right now it doesn't work, it justs returns to the upload file selection and no error message.

Here's what the code looks like atm:

[syntax=php] <body>
<?php

if (isset($_FILES['file'])){
$upload = new secure_upload('file');
$upload->set_max_size(1310720);
$upload->set_extension_whitelist(array('zip','rar','doc','docx','pdf'));
$upload->save_to('./files/' . $upload->name);



if ($upload->error > 0){
echo '<div>Error: ', $upload->get_error_constant_name(), '</div>';
}else{
echo 'files/'.$upload->name.$upload->name;
}
}else{
?>
<form action="" method="post" enctype="multipart/form-data">
<div>
<input type="file" name="file" />
<input type="submit" value="Upload" />
</div>
</form>
<?php
}

?>[/syntax]
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Mikem wrote:it justs returns to the upload file selection and no error message.

what do you mean by that exactly ? do you get the

[syntax=php]echo 'files/'.$upload->name.$upload->name;[/syntax]
message but no file in the folder ?
Image
Mikem
Posts: 14
Joined: Sun Jul 10, 2011 3:47 pm

Re: Secure File Upload Class - Problem

Post by Mikem »

Well it seems " echo 'files/'.$upload->name.$upload->name;" was causing the problem, its working properly now, finally.

Thanks a lot for your time and support.
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: Secure File Upload Class - Problem

Post by jacek »

Mikem wrote:its working properly now, finally.

I'm glad you stuck with it, I don’t like the thought of people wasting their money. ;)

Mikem wrote:Thanks a lot for your time and support.

No problem, that's what the forum is for.
Image
Post Reply