unexpected T_STRING $_FILES['userfile']['tmp_name'] 3

[vamonos]

I have tried several variations of a file upload script but all give me an unexpected T_STRING error with $_FILES['userfile']['tmp_name']. Does anyone know why this might be?
For example - from this same page:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
        <TITLE>Upload Files</TITLE>
</HEAD>

<BODY>
<H1>File Uploader</H1>
<HR>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="fupload.php" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" name="Submit" value="Send File" />
</form>

<?php
if(isset($_POST['Submit'])){
$nwfile = "files/". basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $nwfile)) {
   echo "File is valid, and was successfully uploaded.\n";
} else {
   echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";
}
?>
</BODY>
</HTML>

or from my own trial page:

<?php require_once('Connections/recommendingpeople.php'); 
mysql_select_db($database_recommendingpeople, $recommendingpeople);?>
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
if(isset($_POST['upload']) && $_FILES['userfile']['size']>0)
 { 
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];

 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
$content = addslashes($content);
 fclose($fp);

 if(!get_magic_quotes_gpc())
 {
     $fileName = addslashes($fileName);
 }

 include 'library/config.php';
 include 'library/opendb.php';
mysql_select_db($database_recommendingpeople, $recommendingpeople);
 $query = "INSERT INTO userphoto (name, size, type, content)".
 "VALUES ('$fileName', '$fileSize', '$fileType', '$content')";

 mysql_query($query) or die('Error, query failed'); 
 include 'library/closedb.php';

 echo "<br>File $fileName uploaded<br>";
 } 
else { echo "there is no post"; }
 ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "[URL unfurl="true"]http://www.w3.org/TR/html4/loose.dtd">[/URL]
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form method="post" enctype="multipart/form-data">
 <table width="350" border="0" cellpadding="1"  cellspacing="1" class="box">
 <tr> 
 <td width="246">
<input type="hidden" name="MAX_FILE_SIZE" value="2000000">
 <input name="userfile" type="file" id="userfile"> 
 </td>
 <td width="80"><input name="upload" type="submit"  class="box" id="upload" value=" Upload "></td>
 </tr>
 </table>
 </form>
</body>
</html>

 

[vacunita]

The PHP example works for me. Couldn't test your example because obviously I don't have your connection files and database, but if the first code works for me, it suggests some type of configuration issue with the PHP parser.

If you are running this locally check your PHP.ini.

Also note you are limiting your files to be under 30KB in size.

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vamonos]

Thanks for checking this out. Yes as far as I can see there is no problem with the php - that's what makes it more frustrating. What sort of thing can I look for in my php? I am using php5.2.11 on a remote server. file uploads is on, upload_tmp_dir has no value which from what I have read leaves the default path. File size and security I will adjust later - I just want to display this page to understand what is going wrong before I apply it to my real page. thanks again for looking I really appreciate any input.

 

[vacunita]

Try this out:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
        <TITLE>Upload Files</TITLE>
</HEAD>

<BODY>
<H1>File Uploader</H1>
<HR>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" name="Submit" value="Send File" />
</form>

<?php
if(isset($_POST['Submit'])){
echo "<pre>" .  $_FILES['userfile'] . "</pre>";

?>
</BODY>
</HTML>

Stripped down version.

See if the error key has a number other than 0.



----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vacunita]

Ignore that, try this instead:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
        <TITLE>Upload Files</TITLE>
</HEAD>

<BODY>
<H1>File Uploader</H1>
<HR>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="upload.php" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="3000	00" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" name="Submit" value="Send File" />
</form>

<?php
if(isset($_POST['Submit'])){
echo "<pre>";
print_r($_FILES['userfile']);
echo "</pre>";
}
?>
</BODY>
</HTML>

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vamonos]

that worked (the second one )

 

[vamonos]

what's the next stage?

 

[vamonos]

whereever I get mention of tmp_name I get an error in any script I try

 

[vacunita]

What did it say? did the error key have any number other than 0.
And did the tmp_key have anything in it?
It should have looked kind of like this if there's an error,

Array
(
    [name] => file.txt
    [type] => 
    [tmp_name] =>
    [error] => 2
    [size] => 0
)

We want the [error] value. What was it?



----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vamonos]

Well I can't see the error codes as I can not display a page I just get -
Parse error: syntax error, unexpected T_STRING in /home/biomagn1/public_html/recommendingpeople.com/ya.php on line 11

It would seem that whenever it sees tmp_name it throws the above error

 

[vacunita]

You said the second script worked. I assumed it displayed something.

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vamonos]

the second script displayed the form fine - no mention of tmp_name. However if I submit anything it does nothing.

 

[vamonos]

ok got it working now
Array
(
[name] => code_640340_1.txt
[type] => text/plain
[tmp_name] => /tmp/phpQOIGee
[error] => 0
[size] => 429
)

however if I try to upload anything bigger - small photo it doesn't sent.

 

[vamonos]

back to matters in hand: this seems to be the source of all problems:

<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size']>0){
print_r($_FILES['userfile']);
  $fileName = $_FILES['userfile']['name'];
  echo  $fileName;

}
?>

gives
Parse error: syntax error, unexpected T_VARIABLE in /home/biomagn1/public_html/recommendingpeople.com/Untitled-2.php on line 4

I have now figured out tmp_name, name etc are populated and fine.:
Array ( [name] => LOGO5.GIF [type] => image/gif [tmp_name] => /tmp/php1fXM4c [error] => 0 [size] => 47776 )

 

[vacunita]

No I'm confused, it works? it doesn't work? it only works on small files?

The file you tried to upload originally, does it populate the array correctly? Or is there an error? Just the array, nothing more at this time. Or does the [error] key have anything in it?

Array
(
[name] => code_640340_1.txt
[type] => text/plain
[tmp_name] => /tmp/phpQOIGee
[error] => 0
[size] => 429
)

however if I try to upload anything bigger - small photo it doesn't sent.

If that works but a bigger file doesn't, then it means there's an upload size limit. Either by the form, or by the actual php.ini file.

Again if you can edit that, you can change the max_upload_filesize directive in it to something larger. Though if this is a 3rd party host it may not let you.

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;

; Whether to allow HTTP file uploads.
;

http://php.net/file-uploads

file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
;

http://php.net/upload-tmp-dir

upload_tmp_dir = "c:/wamp/tmp"

; Maximum allowed size for uploaded files.
;

http://php.net/upload-max-filesize

[red]upload_max_filesize = 2M[/red]

If the file being uploaded is larger than what is allowed in PHP.ini then the values will not get populated, so trying to use the tmp_name array key would result in an error as it won't be there.

With that said, I have not managed to get the T_String error, the most I've managed was to get an undefined index for userfile when the form's enctype was not present, therefor nothing is sent to the server and the $_FILES array is not populated at all.


----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[vamonos]

I got the jpg up now. So all is good here. this still gives error... Something wrong with variables??

<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size']>0){
print_r($_FILES['userfile']);
  $fileName = $_FILES['userfile']['name'];
  echo  $fileName;

}
?>

 

[jpadie]

before testing for the value of an array element test whether it exists. if you do not, then a NOTICE is returned if the array element does not exist

if(isset($_POST['upload']) && isset($_FILES['userfile']) && $_FILES['userfile']['error'] == 0){
print_r($_FILES['userfile'])

remember that if you provide good information in your posts then we can help more. simply telling us there is 'an error' is about as useless as giving a dictionary to a donkey. without knowing the full error message we are simply taking educated stabs in the dark.

 

[vamonos]

Yes you are right - most of my problem is trying to figure out which page to open the dictionary - to try and figure out what the problem is. The error I have posted in full above.
Now I know that I can populate the array above - all is well. Infact retyping out the examples got much further. The next hurdle is this - should be simple

['code'] $addfile = "INSERT INTO userphoto (name, size, type, content)"."VALUES ('$filename', '$filesize', '$filetype', '$content')";
[/code]

gives me this: Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING

nearly there ... I think. Thankyou for looking over this - all your help is invaluable even if just to get me to ask the right questions.

 

[vamonos]

RESOLVED - just with a careful retype and check of all variables. It would appear my editor was pasting in extra characters as well with copy and paste.
thanks a lot for all your help and pointing in the right direction.

 

[ingresman]

Glad you got it working!
Mental note guys:
Perhaps we need to see a hexdump of the source files when these kind of errors manifest. For windows

http://www.richpasco.org/utilities/hexdump.html

does the job and is a tiny download
*nix od should be ok?