I have a simple upload form. It uses getEssays.php to write the data to my webpage.
Students can use it to upload an essay, normally about 20KB. Last week it worked fine, group 1 uploaded their essays, no problem.
This week it was group2’s turn. I received 2 zero byte files. I don’t know how they managed that!
I have the following to validate the files. I am not good at this. What is the best way to add a check for a ZERO byte file and exit with an error message?
Thanks in advance for any tips or advice.
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
if (is_uploaded_file($_FILES['my_upload']['tmp_name']))
{
//First, Validate the file name
if(empty($_FILES['my_upload']['name']))
{
echo " The file name is empty! <br> ";
echo " Please select a file. <br>";
echo " Your file could not be sent. <br>";
exit;
}
$upload_file_name = $_FILES['my_upload']['name'];
//Too long file name?
if (strlen($upload_file_name)>100)
{
echo " The file name is too long! <br> ";
echo " Please make the file name shorter. <br>";
echo " Your file could not be sent. <br>";
exit;
}
//replace any non-alpha-numeric cracters in th file name
$upload_file_name = preg_replace("/[^A-Za-z0-9 \.\-_]/", '', $upload_file_name);
//set a limit to the file upload size
if ($_FILES['my_upload']['size'] > 1000000)
{
echo " The file you are sending is too big. <br> ";
echo " The maximum size should be 1MB <br>";
echo " Please send a smaller file or send the file in an email. <br>";
echo " Your file could not be sent. <br>";
exit;
}
//Save the file
$dest=__DIR__.'/essays/'.$upload_file_name . '_' . $time;
if (move_uploaded_file($_FILES['my_upload']['tmp_name'], $dest))
{
echo " Your contact details have been saved. <br>";
echo 'Your file has been uploaded! <br> ';
}
}
}