Upload Script removes 1st character of name

[kobsjohn]

I am wanting to put together a simple file upload page for a spec system. I started with the tutorial shown on this site linked here to get a basic understanding of how to do this: http://www.w3schools.com/php/php_file_upload.asp

 

The upload function appears to work properly outside of the fact that it cuts off the first character of every file name. For example the first file I tested this on was the Windows7 stock picture of penguins. This got uploaded as enguins.jpg. I have had the same issue with any file I try. I have searched for some other scripts and they all appear to be functionally the same on how the file is named. I am on PHP version 5.3.8.

 

Does anyone know where this issue may be coming from? Since I haven't found any other posts about this or FAQs referring to it as a common issue I am assuming it must be related to how the version of PHP is set up, but do not know where to look.

[niche]

Please post the script you're actually testing.

[kobsjohn]

This is pretty much straight from the linked page with only a tweak to max file size.

<?php$target_dir = "uploads/";$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);$uploadOk = 1;$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);// Check if image file is a actual image or fake imageif(isset($_POST["submit"])) {    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);    if($check !== false) {        echo "File is an image - " . $check["mime"] . ".";        $uploadOk = 1;    } else {        echo "File is not an image.";        $uploadOk = 0;    }}// Check if file already existsif (file_exists($target_file)) {    echo "Sorry, file already exists.";    $uploadOk = 0;}// Check file sizeif ($_FILES["fileToUpload"]["size"] > 800000) {    echo "Sorry, your file is too large.";    $uploadOk = 0;}// Allow certain file formatsif($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"&& $imageFileType != "gif" ) {    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";    $uploadOk = 0;}// Check if $uploadOk is set to 0 by an errorif ($uploadOk == 0) {    echo "Sorry, your file was not uploaded.";// if everything is ok, try to upload file} else {    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";    } else {        echo "Sorry, there was an error uploading your file.";    }}?> 

Here is a bare bones version I got the same results with:

<?php$target_dir = "uploads/";$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);// if everything is ok, try to upload filemove_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file) ?> 

HTML code for reference:

<!DOCTYPE html><html><body><form action="upload.php" method="post" enctype="multipart/form-data">    Select file to upload:    <input type="file" name="fileToUpload" id="fileToUpload">    <input type="submit" value="Upload File" name="submit"></form></body></html>

[justsomeguy]

What happens if you add print_r($_FILES), does it show the file without the first character? If so, that might actually be an issue with your browser. It would be interesting to use your browser's developer tools to look at the request and see what the browser is sending.

[kobsjohn]

Here is what I got for uploading Chrysanthemum.jpg

Array ( [fileToUpload] => Array ( [name] => hrysanthemum.jpg [type] => image/jpeg [tmp_name] => C:xampptmpphp2B.tmp [error] => 0 => 879394 ) )

 

I am using Firefox.

[justsomeguy]

It looks like the browser is doing that. You can verify it by opening your browser's developer tools and checking the network tab to find the request where it uploads the file. The file data will include the file name, I bet there's a problem with something there.

[kobsjohn]

File name showed up ok for Jellyfish.jpg in the developer tools on the param tab, but the uploaded file was ellyfish.jpg. ellyfish.jpg was also what showed up in the response tab. I also tried Chrome and got the exact same result.

 

Params (1st couple lines only. Tab had over 6,000 lines of gibberish):

Content-Type: multipart/form-data; boundary=---------------------------100932476831350Content-Length: 776013-----------------------------100932476831350Content-Disposition: form-data; name="fileToUpload"; filename="Jellyfish.jpg"Content-Type: image/jpeg

Response:

Array(    [fileToUpload] => Array        (            [name] => ellyfish.jpg            [type] => image/jpeg            [tmp_name] => C:xampptmpphp46.tmp            [error] => 0            [size] => 775702        ))

[justsomeguy]

That looks strange, that looks like an actual bug. If you're running PHP 5.3.7 or 5.3.8 on Windows and have magic quotes enabled, then you're probably experiencing this bug:https://bugs.php.net/bug.php?id=55510

[kobsjohn]

I am on PHP 5.3.8 ans right now I am seeing magic_quotes_gpc as ON so this looks like the bug is my problem. I will see if I can get the person at my company who controls PHP to turn off the magic quotes or update the software and let you know if it fixes the issue. Thanks!

[kobsjohn]

FYI turning off the magic quotes worked. Thanks for your help!