473,385 Members | 1,720 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > wrong if statement logic

Join Bytes to post your question to a community of 473,385 software developers and data experts.

Wrong if statement logic

I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic
/mnt/raid/WWWROOT/lexon.ws/imgstore/$fname", $retval);

if ($upload_file) {
$goodsave = 1;
}
else {
echo "error while uploading files";
};
};
}

else {echo "no submit";};

?>
</head>
<body>
<?php
if ($goodsave == 1) {
?>
<p>The picture, $pic, was successfully saved to the server.</p>
<?php
}
else {echo "NOT SAVED!!!";};
?>

<form action="<?php echo $PHP_SELF?>" method="post"
enctype="multipart/form-data">
<input type="file" name="pic" size="25">
<input type="submit" name="upload" value="upload">
</form>

</body>
</html>
I still receive error NOT SAVED and error uploading files.
Is something wrong with my logic.

Thanks
Jul 17 '05 #1
3 1718
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic

^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP
functions to do exactly what you want? e.g. move_uploaded_file(), or
even just copy()

--
Oli

Jul 17 '05 #2
Oli Filth wrote:
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic


^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP
functions to do exactly what you want? e.g. move_uploaded_file(), or
even just copy()

the pic is comming from the form
Jul 17 '05 #3
Bartosz Wegrzyn wrote:
Oli Filth wrote:
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic


^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP functions to do exactly what you want? e.g. move_uploaded_file(), or even just copy()

the pic is comming from the form


This is assuming that you have register_globals enabled. But having it
enabled is a Bad Thing. See
http://www.php.net/manual/security.globals.php for why.

Have you actually read the manual on how to handle file uploads? Start
with the examples there.
http://www.php.net/manual/features.file-upload.php
--
Oli

Jul 17 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

11
Proposal: runtime validation statement
by: Paul Rubin | last post by:
I frequently find myself writing stuff like # compute frob function, x has to be nonnegative x = read_input_data() assert x >= 0, x # mis-use of "assert" statement frob = sqrt(x)...
Python
47
Table Layout and What's Wrong With it
by: Neal | last post by:
Patrick Griffiths weighs in on the CSS vs table layout debate in his blog entry "Tables my ass" - http://www.htmldog.com/ptg/archives/000049.php . A quite good article.
HTML / CSS
94
the c# return statement
by: John Bailo | last post by:
The c# *return* statement has been bothering me the past few months. I don't like the fact that you can have different code paths in a method and have multiple return statements. To me, it...
.NET Framework
51
what is wrong with the goto command?
by: WindAndWaves | last post by:
Can anyone tell me what is wrong with the goto command. I noticed it is one of those NEVER USE. I can understand that it may lead to confusing code, but I often use it like this: is this...
Microsoft Access / VBA
41
Are gotos truly evil?
by: Mark R. Dawson | last post by:
I have never used a goto statement in my code, one of the first things I was told in my software classes a number of years ago was "goto statements are evil and lead to spagetti code - do not use...
C# / C Sharp
3
if statement in web.config file
by: sck10 | last post by:
Hello, Currently, I have two web.config files on different machines (test and production). The only difference between the two is that the connectionstring and appsettings point to different...
ASP.NET
6
What's wrong the the logic in this code?
by: Jeff Gardner | last post by:
Greetings: I am attempting to get conditional output based on POSTed form data. If the posted value is either the key or value of an array, $x=key and $q=foo. elseif it is neither key nor...
PHP
8
insert statement blocked
by: nano2k | last post by:
Hi Shortly, I keep invoices in a table. Occasionally, someone will fire the execution of a stored procedure (SP) that performs several UPDATEs against (potentially) all invoices OLDER than a...
Microsoft SQL Server
25
Re: What am I doing wrong?
by: Cromulent | last post by:
On 2008-07-06 21:09:55 +0100, Joe Wright <joewwright@comcast.netsaid: Err, no not really as that has nothing to do with stock market prices :). -- "I disapprove of what you say, but I'll defend...
C / C++
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!