<?php
if(isset($_POST['upload']))
{
//$albumid = $_POST['id'];
// Check to see if the type of file uploaded is a valid image type
function is_valid_type($file)
{
// This is an array that holds all the valid image MIME types
$valid_types = array("image/jpg", "image/jpeg", "image/bmp", "image/gif");
if (in_array($file['type'], $valid_types))
return 1;
return 0;
}
// Just a short function that prints out the contents of an array in a manner that's easy to read
// I used this function during debugging but it serves no purpose at run time for this example
function showContents($array)
{
echo "<pre>";
print_r($array);
echo "</pre>";
}
// Set some constants
//$TARGET_PATH = "video/temp/";
$TARGET_PATH = "video/";
// Get our POSTed variables
$vidname = $_POST['vidname'];
$vidout = "$vidname.wmv";
$thumbname = "$vidname";
$video = $_FILES['video'];
$vidin = $video['name'];
// Sanitize our inputs
$vidname = mysql_real_escape_string($vidname);
//$video['name'] = mysql_real_escape_string($video['name']);
$vidin = $video['name'];
// Build our target path full string. This is where the file will be moved do
// i.e. images/picture.jpg
$TARGET_PATH .= $video['name'];
// Make sure all the fields from the form have inputs
if ( $vidname == "" || $video['name'] == "" )
{
echo "mali 1";
$_SESSION['error'] = "All fields are required";
// header("Location: uploadvid.php");
}
// Lets attempt to move the file from its temporary directory to its new home
if (move_uploaded_file($video['tmp_name'], $TARGET_PATH))
{
//see FFMPEG-PHP for windows
//convert any video format into WMV format
//exec('c:/ffmpeg/bin/ffmpeg.exe -i video/temp/'.$vidin.' -ar 11025 -ab 32 -f flv -s 320x240 video/'.$vidout.'');
//create and get a frame from the video uploaded, to make it thumbnail.
exec('c:/ffmpeg/bin/ffmpeg.exe -i video/'.$vidin.' -vcodec png -vframes 1 -an -f rawvideo -s 320×240 video/thumb/'.$thumbname.'');
exec('c:/ffmpeg/bin/ffmpeg.exe -i video/'.$vidout.' -an -ss 00:00:03 -t 00:00:01 -r 1 -y -s 320x240 video/thumb/'.$thumbname.'');
//unlink("video/temp/".$vidin);
// NOTE: This is where a lot of people make mistakes.
// We are *not* putting the image into the database; we are putting a reference to the file's location on the server
echo $v_id = $_SESSION['v_id'];
$sql = "select * from tvideo where videoId= '$v_id'";
$result=mysql_query($sql);
$myrow = mysql_num_rows($result);
if ($myrow == 0)
{
$sql1 = "insert into tvideo (vthumbnail, vfilename) values ('$thumbname', '$vidin')";
$result = mysql_query($sql1) or die ("Could not insert data into DB: " . mysql_error());
}
else{
$sql2 = "update tvideo set vthumbnail='$thumbname', vfilename = '$vidin' where videoId = '$v_id'";
$result = mysql_query($sql2) or die ("Could not update data into DB: " . mysql_error());
}
//echo "hello<br>";
$tname = $vidout;
//echo "$tname";
//header("Location: index_1.php");
//exit;
}
else
{
// A common cause of file moving failures is because of bad permissions on the directory attempting to be written to
// Make sure you chmod the directory to be writeable
$_SESSION['error'] = "Could not upload file. Check read/write persmissions on the directory";
//header("Location: index_1.php");
exit;
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data">
<label>
<div align="center"><span class="style14 style31">Kindly type your Full Name: </span></div>
</label>
<div align="center"><span class="style9">
<input type="text" name="vidname" />
<br>
<br>
<br>
</span></div>
<span class="style9"><label>
<div align="center" class="style11"><span class="style9 style29">Locate the path containing your Video.</span></div>
<br>
<span class="style9">
</label>
</span>
<div align="center">
<span class="style9"><span class="style31">File to upload:</span>
<input type="file" name="video" />
</span></div>
<br><label>
<div align="center"><span class="style14 style31">
<span class="style32">
Note:<li>Maximum video size (???)</li>
</span>
</span> </div>
</label>
<div align="center"><br />
<input type="hidden" name="MAX_FILE_SIZE" value="100" />
<input type="submit" name="upload" id="submit" value="UPLOAD" onClick="return confirm('Warning: Previous video will be overwritten.')" />
<input type="reset" name="reset" id="reset" value="CLEAR" />
</div>
</form>
</div></td>
</tr>
</table>
</center>
</body>
</html>
views:
21answers:
1
+1
A:
You can get the file size with
$_FILES['userfile']['size']
and abort if it's too big.
PS: I don't think you sanitized the input correctly - mysql_real_escape_string($vidname)
doesn't modify a path like C:\Windows\explorer.exe
Otto Allmendinger
2010-02-18 18:32:45
where should i particularly put that code?
schatzie
2010-02-18 18:36:10
I guess before you process the file
Otto Allmendinger
2010-02-18 18:39:24
$_FILES['userfile']['size']
schatzie
2010-02-18 18:39:40
ok thank you,, i'll try it
schatzie
2010-02-18 18:48:16