I am making basic uploading file code. User is only allowed to upload two types of files, word and excel, and the file size limit to upload is 2MB.
I try to upload the word file and is 1MB, it has successfully uploaded to the database. When I test the code, the error message based on the incorrect file format is displayed, so it works.
Now here is the problem. When i try to test it by uploading the file 5MB, that is above the limit 2MB, it displayed the message "Contract Form Sucessfully Submitted!", but the file is not uploaded to the database. It works but it displayed the message wrong when it supposed to be "Sorry. Your file is too large. Only 2MB is allowed.".
So what is going on here?
PHP:
if ($_FILES['upload']['size'] != 0 ){
$filename = mysqli_real_escape_string($con,$_FILES['upload']['name']);
$filedata= mysqli_real_escape_string($con,file_get_contents($_FILES['upload']['tmp_name']));
$filetype = mysqli_real_escape_string($con,$_FILES['upload']['type']);
$filesize = intval($_FILES['upload']['size']);
$created = date("Y-m-d H:i:s");
$allowed = array('zip','rar', 'pdf', 'doc', 'docx');
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if(in_array($ext, $allowed)){
if($filesize < 2097152) {
$query = "INSERT INTO contracts( `filename`,`filedata`,`filetype`,`filesize`,`created`)
VALUES (?,?,?,?,?)";
$stmt = $con->prepare($query);
$null = NULL;
$stmt->bind_param("sbsis", $filename, $filedata, $filetype,$filesize,$created);
$fp = fopen($_FILES['upload']['tmp_name'], "r");
while (!feof($fp)) {
$stmt->send_long_data(18, fread($fp,$filesize));
}
fclose($fp);
$stmt->execute();
if ($stmt->errno){
echo "ERROR!!! " . $stmt->error;
} else {
$successMsg = "Contract Form Sucessfully Submitted!";
}
$stmt->close();
} else {
$errorMsg = "Sorry. Your file is too large. Only 2MB is allowed.";
}
} else {
$errorMsg = "Sorry. Only zip, rar, pdf, doc & docx are allowed.";
}
} else {
$created = date("Y-m-d H:i:s");
$query = "INSERT INTO contracts(`created`)
VALUES (?)" ;
$stmt = $con->prepare($query);
$stmt->bind_param("s", $created);
$stmt->execute();
if ($stmt->errno){
echo "ERROR!!! " . $stmt->error;
} else {
$successMsg = "Contract Form Sucessfully Submitted!";
}
$stmt->close();
}
}
$con->close();
?>
HTML FORM:
<html>
<body>
<form role="form" method="post" action="" enctype="multipart/form-data">
<?php
if(isset($errorMsg)){
?>
<?php echo $errorMsg; ?>
<?php
} else if(isset($successMsg)){
?>
<?php echo $successMsg; ?>
<?php
}
?>
<label>Upload File</label>
<input type="file" name="upload" />
<button type="submit" class="btn btn-primary btn-md" name="submit">
<span class="glyphicon glyphicon-plus"></span> Submit New Contract
</button>
</form>
</body>
</html>
Check upload_max_filesize and post_max_size in php.ini.and set them something like this
memory_limit = 32M
upload_max_filesize = 24M
post_max_size = 32M
then restart your web server and php
you can see them with
<?php
phpinfo();
also
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments