7

I'm using UserFrosting a user management system and I'm having some trouble uploading a file through form post, this is what I tried

This is how my twig file looks.

<form name="eveniment" method="post" action="{{form_action}}" enctype="multipart/form-data">
  ...
  <input type="file" class="form-control" name="poza" id="poza">
  ...
</form>`

This is how my controller looks like

$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["poza"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);

// Check if image file is a actual image or fake image
$check = getimagesize($_FILES);
if($check !== false) {
    $ms->addMessage("success", "File is an image - " . $check["mime"] . ".");
    $uploadOk = 1;
} else {
    $ms->addMessage("danger", "File is not an image.");
    $uploadOk = 0;
}
$ms->addMessage("success", $target_file);
// Check if file already exists
if (file_exists($target_file)) {
    $ms->addMessage("danger", "Sorry, file already exists.");
    $uploadOk = 0;
}
// Check file size
if ($_FILES["poza"]["size"] > 500000) {
    $ms->addMessage("danger", "Sorry, your file is too large.");
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    $ms->addMessage("danger", "Sorry, your file was not uploaded.");
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["poza"]["name"], $target_file)) {
        $ms->addMessage("success", "The file ". basename( $_FILES["poza"]["name"]). " has been uploaded.");
    } else {
        $ms->addMessage("danger",  "Sorry, there was an error uploading your file.");
    }
}

Route

$app->post('/evenimente/?', function () use ($app) {
    $controller = new UF\EvenimentController($app);
    return $controller->createEveniment();
});

PHP configuration

file_uploads On

upload_max_filesize 128M

Every other input is posted succesfully, except this one with the type="file".

I don't have any errors, I tried different ways, but with no success. Also if I print $_FILES["poza"]["name"] it will be empty.

alexw
  • 8,468
  • 6
  • 54
  • 86
Gerald Hughes
  • 5,771
  • 20
  • 73
  • 131
  • Are you sure that you're sending the request to your controller? – Davide Pastore Feb 22 '16 at 23:00
  • Nothing wrong with your code, not from this angle. Start troubleshooting one component at a time. Begin by posting to your route with a file upload. – Scriptonomy Feb 23 '16 at 04:25
  • @DavidePastore Yes, I am, the other fields are posted successfully. Here is my route : $app->post('/evenimente/?', function () use ($app) { $controller = new UF\EvenimentController($app); return $controller->createEveniment(); }); – Gerald Hughes Feb 23 '16 at 10:02
  • `var_dump($_FILES);` – CBroe Feb 23 '16 at 10:32
  • 3
    `getimagesize($_FILES)` – that‘s nonsense of course, you can not call that function by passing the complete $_FILES array into it. http://stackoverflow.com/questions/9799343/how-can-i-use-getimagesize-with-files – CBroe Feb 23 '16 at 10:33
  • @CBroe $_FILES is empty – Gerald Hughes Feb 23 '16 at 13:40
  • How big is the file you are uploading? If the file size is larger than your web server allows it will behave exactly as you are describing – geggleto Feb 23 '16 at 14:59
  • @geggleto the maximum file size is set to 128 mb. My files is 2mb – Gerald Hughes Feb 24 '16 at 12:47

1 Answers1

3

This answer is assuming you're using UserFrosting, since you linked this question in the UserFrosting Gitter chat.

UserFrosting includes CSRFGuard Middleware to make sure all POST requests originated locally. You need to include the CSRF token to ensure that the middleware does not block the POST request.

Since the token is already in the Twig global variables, the easiest way is to use a hidden form field with the CSRF token in it:

<input type="hidden" name="{{csrf_key}}" value="{{csrf_token}}">
Netrilix
  • 121
  • 5