Results 1 to 4 of 4

Thread: Setting MAX FILENAME LENGTH

Threaded View

  1. May 29th, 2009, 05:44 PM #1
    druss016
    druss016 is offline

    Thread Starter
    New Member
    Join Date
    May 2009
    Posts
    5

    Setting MAX FILENAME LENGTH

    i really am trying to figure out, in a php script, how to allow files to be uploaded that are less than 17 characters.....and not to allow files with filenames over 17 characters EX. i want "evil_artwork_work.bmp" and not "evil_artwork_longer_name_of_filename.bmp" that has a long name.

    Also, I am using a php uploader to upload files to a folder in my public_html directory.

    This is the script: (the upload form is at bottom of script):


    <?php
    //vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
    // You may change maxsize, and allowable upload file types.
    //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    //Mmaximum file size. You may increase or decrease.
    $MAX_SIZE = 99900000000000;

    //Allowable file Mime Types. Add more mime types if you want
    $FILE_MIMES = array('application/pdf','image/jpeg','image/psd','image/png','image/jpg','image/gif'
    ,'image/png','image/bmp');

    //Allowable file ext. names. you may add more extension names.
    $FILE_EXTS = array('.bmp','.jpg','.png','.gif','.psd','.dib','.jpeg','.jpe','.jfif','.tiff');

    //Allow file delete? no, if only allow upload only
    $DELETABLE = false;

    //vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
    // Do not touch the below if you are not confident.
    //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    /************************************************************
    * Setup variables
    ************************************************************/
    $site_name = $_SERVER['HTTP_HOST'];
    $url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['php_SELF']);
    $url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['php_SELF'];

    $upload_dir = "mmorpg/";
    $upload_url = $url_dir."/mmorpg/";
    $message ="";

    /************************************************************
    * Create upload Directory
    ************************************************************/
    if (!is_dir("mmorpg")) {
    if (!mkdir($upload_dir))
    die ("upload_files directory doesn't exist and creation failed");
    if (!chmod($upload_dir,0755))
    die ("change permission to 755 failed.");
    }

    /************************************************************
    * Process User's Request
    ************************************************************/
    if ($_REQUEST[del] && $DELETABLE) {
    $resource = fopen("log.txt","a");
    fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
    fclose($resource);

    if (strpos($_REQUEST[del],"/.")>0); //possible hacking
    else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
    else if (substr($_REQUEST[del],0,6)==$upload_dir) {
    unlink($_REQUEST[del]);
    print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
    }
    }


    else if ($_FILES['userfile']) {




    $file_type = $_FILES['userfile']['type'];
    $file_name = $_FILES['userfile']['name'];
    $file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

    //File Size Check
    if ( $_FILES['userfile']['size'] > $MAX_SIZE)
    $message = "The file size is over 2MB.";
    //File Type/Extension Check
    else if (!in_array($file_type, $FILE_MIMES)
    &&!in_array($file_ext, $FILE_EXTS) )
    $message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
    else
    $message = do_upload($upload_dir, $upload_url);

    print "<script>window.location.href='$url_this?message=$message'</script>";





    }


    else if (!$_FILES['userfile']);
    else
    $message = "Invalid File Specified.";

    /************************************************************
    * List Files
    ************************************************************/
    $handle=opendir($upload_dir);
    $filelist = "";
    while ($file = readdir($handle)) {
    if(!is_dir($file) &&!is_link($file)) {
    $filelist .= "<a href='$upload_dir$file'>".$file."</a>";
    if ($DELETABLE) {
    $delfile = $file;
    $delfile = str_replace("&#37;","%25",$delfile);
    $delfile = str_replace("&","%26",$delfile);
    $delfile = str_replace("+","%2b",$delfile);
    $delfile = str_replace("?","%3f",$delfile);
    $filelist .= " <a href='?del=$upload_dir".$delfile."' title='delete'>x</a>";
    }
    $filelist .= "<sub><small><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file))
    ."</font></small></small></sub>";
    $filelist .="<br>";
    }
    }

    function do_upload($upload_dir, $upload_url) {

    $temp_name = $_FILES['userfile']['tmp_name'];
    $file_name = $_FILES['userfile']['name'];
    $file_name = str_replace("\\","",$file_name);
    $file_name = str_replace("'","",$file_name);
    $file_path = $upload_dir.$file_name;

    //File Name Check
    if ( $file_name =="") {
    $message = "Invalid File Name Specified";
    return $message;
    }



    $result = move_uploaded_file($temp_name, $file_path);
    if (!chmod($file_path,0777))
    $message = "change permission to 777 failed.";
    else

    $message = ($result)?"$file_name uploaded successfully." :
    "Something is wrong with uploading the file.";
    return $message;

    }


    ?>


    <left>
    <font color=red><?=$_REQUEST[message]?></font>
    <br>
    <form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
    Upload Image <input type="file" id="userfile" name="userfile">
    <input type="submit" name="upload" value="upload">
    </form>


    </left>
    Last edited by druss016; May 29th, 2009 at 05:51 PM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width