File upload not working for all files

Question

I'm using the code below to upload some files with allowed extension under 5MB. But using this code, all doc or pdf etc are not uploading! For example: a 4.78MB docx file or a windows phone 1.64 mb jpg is not uploading!

$allowedExts = array("gif", "jpeg", "jpg","png","pdf","doc","docx","txt","rtf","bmp","psd","zip","rar","ppt","pptx");

$extension = end(explode(".", $_FILES["file"]["name"]));

if (in_array($extension, $allowedExts) && $_FILES["file"]["size"]<5242880 && $_FILES["file"]["error"]<=0) {
    $rand = rand(000,999);
    $tempfile = $_FILES["file"]["name"];
    $file = $time . "=" . $rand . "=" . $tempfile;

    if(file_exists("upload/".$file)) {
        header("location:home.php?error=error"); 
    } else {
        move_uploaded_file($_FILES["file"]["tmp_name"],"upload/".$file);
    }
} else {
    header("location:home.php?error=error"); //this gets executed for some doc or pdf files !
}

Answer 1

For that file "Holidays.docx'" it seems to me that file exceeds upload_max_filesize. At least that is what the var_dump said about $_FILES['file']['error'] which is equal to 1 (UPLOAD_ERR_INI_SIZE)

You should chech php.ini settings upload_max_filesize and post_max_size because that is the actual limit of how large file can be uploaded to server. By default upload_max_filesize = 2M so your 5MB limit means nothing.

Also you can use ini_get('upload_max_filesize'); to get runtime setting.
If you are unsure where is your php.ini configuration file located use phpinfo().

Also to know about is that PHP will return $_FILES['file']['size'] equal to 0 if file exceeds file size limit - which is exactly what happened.

So IMO everything is working as it should be. You should post more var_dump() infos for other files that don't upload.

Also to note, you don't check file extensions in case-insensitive manner so files with extensions like .DOCX will not be accepted by your script.

Answer 2

You're combining three conditions in your if statements here and if one of them fails, the else block will execute. But it won't tell you which condition failed.

if ( in_array($extension, $allowedExts) && $_FILES["file"]["size"]<5242880 &&
$_FILES["file"]["error"]<=0) {

Here:

• in_array($extension, $allowedExts) — from your var_dump output, this seems to be correct.

• $_FILES["file"]["error"]<=0) — this is okay, but you don't need to check if it is less than 0. The errors range from 1 to 8 and won't go below 0, but that won't be causing any issues though.

• $_FILES["file"]["size"]<5242880 — this could be failing. Check your php.ini configurations and find out what upload_max_size is. If it's less than the filesize of your file, the condition will fail and the else block will execute.

For troubleshooting purposes, I'd recommend splitting the if statements in separate blocks. That way, you'll understand which part is executing and will help you find out why.

An example:

$check = True;
if (!condition) {
    $check = False;
}
if (!condition) {
    $check = False;
}
if (!condition) {
    $check = False;
}

if ($check == True) {
    # code...
}

---

Here are some other minor improvements for your code:

You're currently using:

$extension = end(explode(".", $_FILES["file"]["name"]));

to get the image extension. This could fail if the extension is in different case.

Change this to:

$extension = strotolower( end(explode(".", $_FILES["file"]["name"])) );

or better yet:

$extension = strtolower( pathinfo($_FILES["file"]["name"], PATHINFO_EXTENSION) );

Second, you're using $time variable in the following statement:

$file = $time . "=" . $rand . "=" . $tempfile;

That variable isn't defined anywhere and PHP will throw an Undefined variable error when you run the script. Change it to:

$time = time();
$file = $time . "=" . $rand . "=" . $tempfile;

Hope this helps!