PDA

View Full Version : The FTP Script is Here



Jas
11-07-2007, 05:39 PM
(Don't know if this is the right place for this, but. . . )

At long last, here is my version of FTP Uploading with PHP.
FEATURES: Uploads content, saves info in a table, zip's EXE files, uploads only filetypes you deem safe, simple anti-overwrite feature . . .
TO SET UP:

FILE: form.php
CONTENTS:


<?php
function showform(){
if($_GET['error'] == 1){
$error = '<h3><u>ERROR:</u> You must put a title.</h3>';
}elseif($_GET['error'] == 2){
$error = '<h3><u>ERROR:</u> That file format is not supported.</h3>';
}elseif($_GET['error'] == 3){
$error = '<h3><u>ERROR:</u> Your file failed to load.</h3>';
}elseif($_GET['error'] == 'x'){
$error = '<h3><u>UPLOAD:</u> Your file has been uploaded to the server.</h3>';
}

print " <html>
<head>
<style type='text/css'>
body{
text-align: center;
}div#left, div#right{
float: left;
width: 300px;
height: 300px;
}div#base{
float: left;
width: 600px;
border-style: solid;
border-color: #000000;
border-width: 1 0 1 0;
text-align: center;
}p{
text-align: justify;
text-indent: 30px;
margin: 0;
}div#terms{
width: 600px;
margin-right: auto;
margin-left: auto;
}div#form{ width: 600px; display: none; text-align: left; margin: auto; }
</style>
<script type='text/javascript'>
<!--
function agree(){
document.getElementById('terms').style.display = 'none';
document.getElementById('form').style.display = 'block';
}
//-->
</script>
</head>
<body>
<div id='terms'>
<!--========================================//-->
<div style='width:600px; margin:auto; font-size:1px;'>$error</div>
<h2><p style='text-align: center'>TERMS OF USE:</p></h2>
<hr></hr>
<p>YOUR TERMS OF USE GO HERE</p>
<p style='text-align: center'>I agree:<input type='radio' onclick=agree() name='1'>
I disagree:<input type='radio' onclick='javascript:history.back()' name='1'></p>
<!--========================================//-->
</div>
<div id='form'>
<form name='upload' enctype='multipart/form-data' action='upload.php' method='POST'>
<h2>Submit Information</h2>
<div id='left'>
File To Upload:<br>
<input type='file' name='up_file'><br>
Title:<br>
<input type='text' name='title'><br>
Description:<br>
<textarea name='discription'></textarea><br>
</div>
<div id='right'>
Notes:<br>
<textarea name='notes'></textarea><br>
Copyright:<br>
<input type='text' name='copyright'><br>
</div>
<div id='base'>
<input type='submit' name='Submit' value='Submit'>
<input type='reset' value='Reset'>

<input type=hidden name=box value=''>

</div>
</form>
</div>
Script by: Jason Mace 2007
</body>
</html>";
}
?>


FILE: upload.php
(NOTE THAT THIS IS THE FILE THAT SHOULD BE VIEWED)
CONTENTS:


<?php

$Connection = MySQL_Connect($host, $name, $pass) or die ('NO CONNECTION TO MySQL');

if (!MySQL_Select_db('Files')){
print 'Create DB: '. mysql_query('CREATE DATABASE Files');
print '<br>Select DB: '.MySQL_Select_db('Files');
print '<br>Create Table: '.

MySQL_query("CREATE TABLE files (
num SERIAL,
path VARCHAR(150),
title VARCHAR(100),
filetype VARCHAR(20),
disc VARCHAR(500),
provider VARCHAR(50),
notes VARCHAR(500),
copyright VARCHAR(150)
);");

}else{}

if ($_POST['Submit'] == 'Submit'){
if($_POST['title'] == ''){
header("Location: ./upload.php?error=1");
}else{
set_time_limit(0);

$conn_id = ftp_connect($host) or die("Couldn't connect");
$login_result = ftp_login($conn_id, $ftpName, $ftpPass) or die("ERROR IN FTP CONNECTION");


$theFile = $_FILES['up_file'];
$source = $theFile['tmp_name'];
$file_destination = $_FILES['up_file']['name'];

$allowedTYPES = array('JPEG','JPG','AVI','MPEG','WMV','PDF','DOC','DOCX','TXT','EXE','ZIP');
$filetype = pathinfo($_FILES['up_file']['name']);
$filetype = strtoupper($filetype['extension']);

if(array_search($filetype, $allowedTYPES)){
ftp_chdir($conn_id, "/information/");
ftp_chdir($conn_id, "upload");
$path = './information/upload/';

$i = 0;
while(is_file('./upload/'.$file_destination) == 1){
$file_destination = $i.$file_destination;
$i++;
}

$path2= '/upload/'.$file_destination;

$upload = ftp_put($conn_id, $file_destination, $source, FTP_BINARY);

if($filetype == 'EXE'){
$zip = new ZipArchive;
$res = $zip->open("./upload/$file_destination.zip", ZipArchive::CREATE);
if ($res === TRUE) {
$zip->addFile("./upload/$file_destination", $file_destination);
$zip->close();
unlink("./upload/$file_destination");
$path2 .= '.zip';
} else {
$upload = false;
}
}else{}

if($upload){

$title = $_POST['title'];
$disc = $_POST['discription'];
$provider = $_SESSION['username'];
$notes = $_POST['notes'];
$copyright = $_POST['copyright'];

MySQL_Query("INSERT INTO files VALUES(
NULL,
'$path2',
'$title',
'$filetype',
'$style',
'$disc',
'$sugrank',
'$provider',
'$notes',
'$copyright'
)");

header("Location: ./upload.php?error=x");

}else{ header("Location: ./upload.php?error=3"); }
}else{ header("Location: ./upload.php?error=2&filetype=$filetype");}
MySQL_Close($Connection);
ftp_close($conn_id);
}
} else {
showform();
}

?>


There is a little more work to set it up. These files should be in a folder called "information", and you need to create a folder inside "information" called "upload". Make sure that you have the PHP_zip option enabled in your ini file. The fastest way to do that is to click the wamp server quicklink on the taskbar>> PHP Settings >> Extensions >> PHP_zip. You will also need to download and set up an FTP Server as well. This is VERY easy to do. I am using FileZilla Server (http://filezilla-project.org/download.php?type=server). Lastly, you also need to put this line of code into your .htaccess file:

php_value upload_max_filesize 50M

This controls the max filesize your script will allow. Note that if you do not add this to your .htaccess, it will only DL things as big as JPEG files.

*All the things in red should be changed.

If you have any questions, feel free to post them. And, I did spend several months creating this, so an "Upload Script by Jason Mace" somewhere on the site would be great-- You don't have to, of course. . .

pssparkman
11-07-2007, 07:35 PM
So if I understand this right I can upload large video files right? Up to how big would you say?

Also, what is it asking for when it says $conn_id above in your upload.php code? Also, where would the .htaccess file be in the ftp server? One last thing, I have copied and pasted the two portions of code and tried to bring up the form and nothing comes up. What could be the problem?

Jas
11-08-2007, 12:21 AM
So if I understand this right I can upload large video files right? Up to how big would you say?


php_value upload_max_filesize 50M
This sets it to 50 MB, which is very high. You probably want to lower it.


Also, what is it asking for when it says $conn_id above in your upload.php code?

that is the connection to FTP.


Also, where would the .htaccess file be in the ftp server? One last thing, I have copied and pasted the two portions of code and tried to bring up the form and nothing comes up. What could be the problem?

.htaccess is a file on the server (named .htaccess) that contains settings for your webserver--it's not part of the FTP server. If you don't have one on your webserver yet, create one. Put the code into the file and name it .htacces and put it in the root folder. As for the last question, are you viewing the upload.php file? (Not the form.php file.)

pssparkman
11-08-2007, 12:41 AM
I went to view the form.php and it displayed nothing on the screen. I copied and pasted the form.php code exactly as you had it and then went to view it in the browser and nothing came up.

As for the $conn_id do I need to replace that with anything. I still don't understand. Sorry, as my coding skills just simply suck.

The 50MB file size is actually too small for the video files that I need to uploaded. Will it handle say up to 100-200MB files?

Thanks.

Jas
11-08-2007, 04:47 AM
I went to view the form.php and it displayed nothing on the screen. I copied and pasted the form.php code exactly as you had it and then went to view it in the browser and nothing came up.

View the upload.php file NOT the form.php file. The form.php file contains only a function to display the form; the upload.php file calls it. I should have made that clearer--sorry. View the upload.php file.


As for the $conn_id do I need to replace that with anything. I still don't understand. Sorry, as my coding skills just simply suck.

Sorry! That should not have been in bold/red. That part does not need editing-- my mistake.


The 50MB file size is actually too small for the video files that I need to uploaded. Will it handle say up to 100-200MB files?


That *might* be too big to do-- I haven't tried. I would suggest condencing the files to make them smaller, because you probably don't want files that big being sent to your server-- it'll fill up really really fast. But the script might take it if you edit the 50M to something larger, like the 200M you want. Let me know.

Did you figure out everything else okay?

pssparkman
11-08-2007, 05:11 AM
Yeah, everything is pretty explanatory.


When trying to view it, this came up:

Parse error: parse error, unexpected ')', expecting '(' in .........

The line in question is:

$res = $zip->open("./uploads/$file_destination.zip", ZipArchive::CREATE);

Jas
11-08-2007, 09:33 PM
It might be that you need to enable that feature in you PHP ini file. The easiest way to do that is to click the wamp server quicklink on the taskbar>> PHP Settings >> Extensions >> PHP_zip

EDIT: There was also an error in the file location. Try replacing the zip portion of code as well (I fixed it).
EDIT2: Actually, replace the whole file. There was another location error for the MySQL area. :(

Try enabing that, replacing the code, and If it doesn't work, give me the full error message and I'll see what I can do from there.

insanemonkey
11-12-2007, 08:08 AM
for somereason, i get a 500 internal error when i put the .htaccess in my file, why is this, i dont understand it..

pssparkman
11-12-2007, 07:01 PM
Jas, what file type does the .htaccess have to be? (htm, php, html, etc.)

insanemonkey
11-13-2007, 05:44 AM
.htaccess is its own file..
put that htaccess code into a notepad.
save as
name=
.htaccess
and make sure it says .htaccess only..
it should not say .htaccess.txt
or anything just .htaccess...

BLiZZaRD
11-13-2007, 05:22 PM
You will also need to download and set up an FTP Server as well. This is VERY easy to do. I am using FileZilla Server.


So why not just use Filezilla FTP client?

pssparkman
11-13-2007, 07:11 PM
for somereason, i get a 500 internal error when i put the .htaccess in my file, why is this, i dont understand it..

I also get this error when trying to view my website with the file on the server. If I delete the file, I can then access my website like nothing is wrong.

Any thoughts?

BLiZZaRD
11-13-2007, 07:18 PM
CHMOD is a usual suspect, either on a file or a directory. If you have any that are CHMOD 777, change them to 755 and see if that works.

Jas
11-13-2007, 08:17 PM
Blizzard: Making each user download the FTP Fillzilla client wouldn't go over well. It could work, certainly, but this way is easier for the average user. Having each user configure an uploader is a bit impracticle (spelling?), I think.

As for the .htaccess issue, I don't really know what's wrong there. . . .

BLiZZaRD
11-13-2007, 08:28 PM
But having them download and configure the filezilla server is different? Just pointing it out. Not bashing your work, it seems like a nice script.

Jas
11-16-2007, 04:57 PM
But having them download and configure the filezilla server is different? Just pointing it out. Not bashing your work, it seems like a nice script.

No offense taken. But I think your a little confuised. The server needs filezilla, the users don't. This script lets users upload files like you would an attachement to a post or email-- nothing to worry about in the way of cinfiguring or installing on the users end. The server on the other hand needs the Fillezilla server.

The_Saints1: This isn't the place for that question. . . And I don't know, sorry. :(

insanemonkey
11-17-2007, 06:31 PM
there is no filezilla server, filezilla is a ftp program that is just like connection through your browser but through ftp, you do not have to have filezilla or any other program as microsoft has had it build in to your program, for example.
type this into your browser.
ftp://yourdomain.com
or ftp://you@you.com:8888 sometimes looks like this..
filezilla does not have a server and you do not have to download the program.. but filezilla is recommended for transferring files from your computer to your server/hosting server...
also you have to set ftp up in your hosting company... a loong process but worth it..
and the .htaccess file does not work jas

BLiZZaRD
11-17-2007, 08:21 PM
there is no filezilla server

Wrong. FZ is a whole lot more than an FTP client. including a server (http://filezilla-project.org/download.php?type=server)



filezilla is a ftp program that is just like connection through your browser but through ftp, you do not have to have filezilla or any other program as microsoft has had it build in to your program, for example.
type this into your browser.
ftp://yourdomain.com
or ftp://you@you.com:8888 sometimes looks like this..
filezilla does not have a server and you do not have to download the program.. but filezilla is recommended for transferring files from your computer to your server/hosting server...

Yeah, I know how FTP clients work, and it's a type of request, and it's not Windows, it the servers that have it. IE is very limited in it's FTP protocols as well as most other browsers, including upload and download size, etc.



also you have to set ftp up in your hosting company... a loong process but worth it..

What's long? If your server supports FTP transfers, you should have a log in name and password to get to your control panel, and 90% ot thee time FTP uses the same, always port 21, enter your username your password and the domain, connected. Takes about 10 seconds.

Jas
11-17-2007, 11:13 PM
Okay, okay-- No need to argue.:D

I agree with BLiZZaRD partially, but I think that as far as users are concerned, they aren't going to want to DL an FTP client on their machine. Yes, it would probable work better, but as far as practicality-- people are just too lazy to do it. I know that I wouldn't even consider it. And even if they did, how many would actually figure it out (most ppl don't know what FTP is)? I know it's not hard, but honestly, some people aren't very computer savvy (spelling?). UL from the net and letting the script do all the work is easier for the average user-- plus my script stores files in a DB and zips EXE files. FileZilla can't do that :) . . . not boasting, of course:p

Insanemonkey: 1) FileZilla IS an FTP Server. 2) Paste the code and the error (I think I know what it is, but let's have a look anyway) and let's see what we can do. (not just that line, either-- if you don't mind sharing a little more. If it is a config error, it could be caused by a conflict with something else-- or a syntax error)

insanemonkey
11-18-2007, 03:34 PM
I just thought it wasnt a sever now i know.. i dont know how it is a server and how is it a server when all it is, is a program contecting to your ftp host, not filezilla, unless you can do more with filezilla then i know.. but..

my host, 1and1, they horribly suck, oh my god its annoying me, but there ftp thing takes a long time to set up.. like an hour, not long but yeh, cuase they suck.

also probably my host blocks that .htaccess i think, becuase they are lame in always..

but yeh. i dont understand how filezilla is a server??
all it does is connect to a port, is that considered as a server...

BLiZZaRD
11-18-2007, 03:38 PM
Two different applications. The FileZilla server is separate from the FileZilla FTP Client.

And if your looking to switch hosts let me know I have a link to a really good deal ;)

insanemonkey
11-19-2007, 08:05 AM
oh. i c, i use ftp clien only.. i dunno anything about the server... oops, what would be the link.. cuase i am really thinking about switching...

BLiZZaRD
11-19-2007, 02:50 PM
Use this link (http://www.site5.com/in.php?id=10585-6) to see the main page of offers. I have been with them for over 2 years now. They just merged with a smaller business to offer more servers.

Support response times varies from 30 minutes to about 3 hours (depending) or you can pay $1 to escalate your trouble ticket. (I haven't had to do this yet).

You really do get what they say, and I have been overly happy with them since I switched.

Shotgun Ninja
11-21-2007, 03:48 PM
Jas, what file type does the .htaccess have to be? (htm, php, html, etc.)

FAIL!!!

insanemonkey
11-24-2007, 04:28 AM
hey does site5, allow you to have your own ip address, also, say if i had a service like tinyurl.com
where they let users have a url,
I want to create a service on my site(1and1 dont allow it) where when a user creates a profile on my site it will give them a subdomain name for every users like
myname.host.com..
can site5 do that...
I believe they are called wildcard subdomains
there services look awesome by the way and thats alot of space for that much....

BLiZZaRD
11-24-2007, 04:59 AM
you have unlimited subdomains, unlimited pointers, wildcards are allowed. Site5 just started hosting domains, so most of us don't use there domain service yet. I still buy my domain through godaddy and point the DNS to site5.

insanemonkey
11-25-2007, 06:22 AM
I cant believe you buy domains from godaddy, they are the most crappiest service out there, I here so many bad reveiws about them and their hosting services, but after my hosting(6month period) service is over I will try to transfer all my stuff and try them out.. sounds great.. Thankyou guys!!:eek:

BLiZZaRD
11-25-2007, 04:06 PM
I don't do anything through godaddy except buy my domains (3 domains, with private registration.. 8 bucks a year? yeah I will do that) My webhost site5, handles everything else. ;)

Jas
12-23-2007, 04:25 AM
I updated the .htaccess file so that the max size works correctly. Before there was an error where it still would not accept anything over 10MB. Note that the value of post_max_size should be bigger then upload_max_filesize.
Here it is:

php_value upload_max_filesize 50M
php_value max_input_time 70
php_value post_max_size 65M
(I would put this on the original .htaccess file, but I can't edit it any more. . . )
Thanks and keep enjoying!

Jas
04-29-2008, 06:54 PM
Heh. I noticed a problem with form.php: the error messages don't display. I wondered why, and then I noticed:

<!--========================================//-->
<div style='width:600px; margin:auto; font-size:1px;'>$error</div>
<h2><p style='text-align: center'>TERMS OF USE:</p></h2>
<hr></hr>
<p>YOUR TERMS OF USE GO HERE</p>
<p style='text-align: center'>I agree:<input type='radio' onclick=agree() name='1'>
I disagree:<input type='radio' onclick='javascript:history.back()' name='1'></p>
<!--========================================//-->
This is a minor cosmetic problem, but I thought that I would let everyone know. To fix it, just change the number or remove the font-size. The reason I put it in there was so that, if there is no error, the div doesn't take up space. If you want to continue to avoid that problem, you can replace the
<div . . . . >$error</div> with
$error and put the div in each error message, like so:


if($_GET['error'] == 1){
$error = '<div style='width:600px; margin:auto'><h3><u>ERROR:</u> You must put a title.</h3></div>';
}elseif($_GET['error'] == 2){
$error = '<div style='width:600px; margin:auto'><h3><u>ERROR:</u> That file format is not supported.</h3></div>';
}elseif($_GET['error'] == 3){
$error = '<div style='width:600px; margin:auto'><h3><u>ERROR:</u> Your file failed to load.</h3></div>';
}elseif($_GET['error'] == 'x'){
$error = '<div style='width:600px; margin:auto'><h3><u>UPLOAD:</u> Your file has been uploaded to the server.</h3></div>';
}

magicyte
11-26-2008, 11:48 PM
Huzzah! I like the script.

-magicyte

LKLostKID
09-11-2009, 06:01 PM
please help im tearing my hair out tryin to get this to work :( i dont know why im having such trouble. maybe something i have over looked?

Create DB:
Select DB:
Create Table:
Fatal error: Call to undefined function showform() in /home/www/brokenbo/information/upload.php on line 98

thatguyuk
10-02-2009, 03:24 PM
I am having the same issue on a mac as well, yet if i reload the page the database does get built, but cannot get past this error.