Please Help. I am developing php project that allows to upload spreadsheet data and import it to database i am using phpSpreadsheet but I notice that when I upload .xls , .csv, and .xlsx the the $FILE[''][''] is not recognize and it return to no file has been attached, but I notice it when I transfer it to another project directory without the .htaccess that removes the .php and .html extension , the code works.

here is the htaccess

RewriteEngine on
RewriteCond %{THE_REQUEST} /([^.] )\.php [NC]
RewriteRule ^ /%1 [NC,L,R]

RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^ %{REQUEST_URI}.php [NC,L]

RewriteCond %{THE_REQUEST} /([^.] )\.html [NC]
RewriteRule ^ /%1 [NC,L,R]

RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^ %{REQUEST_URI}.html [NC,L]

RewriteCond %{REQUEST_URI} !(/$|\.) 
RewriteRule (.*) %{REQUEST_URI}/ [R=301,L] 

Here is my form

<form action="php/import.php" method="post" enctype="multipart/form-data">
                    

                    <div >
                        <div >
                            <span>File</span>
                            <input type="file" name="file_upload">
                        </div>
                        <div >
                            <input  type="text">
                            <span  data-error="" data-success=""><?php echo (!empty($handler)) ? $handler : 'Note: Only file formats .xls, .csv, and .xlsx';?></span>
                        </div>
                    </div>
                    <div class='input-field col s12 m12 l2 xl2 '>
                        <input type="submit" name="file_submit" id="file_submit"  class='btn'>
                        
                    </div>
                </form>

and here is my import code

<?php
require '../../includes/domain_name.php';
require '../../includes/config.php';
require 'vendor/autoload.php';

use PhpOffice\PhpSpreadsheet\Spreadsheet;
use PhpOffice\PhpSpreadsheet\Writer\Xlsx;


if(isset($_POST['file_submit'])){
    
    $fileName = $_FILES['file_upload']['name'];
    $file_ext = pathinfo($fileName, PATHINFO_EXTENSION);
    $allowed_ext = ['xls','csv','xlsx'];
    
    if(in_array($file_ext, $allowed_ext)){
        
        $targetPath  = $_FILES['file_upload']['tmp_name'];
        $spreadsheet = \PhpOffice\PhpSpreadsheet\IOFactory::load($targetPath);
        $data = $spreadsheet->getActiveSheet()->toArray();
        $count = 0;
        foreach($data as $row){
            if($count > 0){
                $access_code = $row['0'];
                $first_name = $row['1'];
                $last_name =  $row['2'];
                $email = $row['3'];
                
                $sql = "INSERT INTO attendees (access_code, first_name, last_name, email_address) VALUES (?, ?, ?, ?)";
                $stmt = mysqli_stmt_init($mysqli);
                if(!mysqli_stmt_prepare($stmt,$sql)){
                    header('location:'.$domain_name.'/admin/login.php?error=stmtfailed');
                    exit();
                }
                mysqli_stmt_bind_param($stmt,"isss",$access_code,$first_name, $last_name,$email);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);  
            }else{
                $count = 1;
            }
        }
        header('location:'.$domain_name.'admin/attendees.php?error=none');
        exit();
    }
    else{
        header('location:'.$domain_name.'admin/attendees.php?error=invalidformat');
        exit();
    }
}
else{
    header('location:'.$domain_name.'admin/attendees.php?error=nofile');
    exit();
}

?>

CodePudding user response：

If your form action looks like this

<form action="/upload.php" method="post" enctype="multipart/form-data">

Your /upload.php request is redirected to /upload and you'll lose your post data. Redirecting is happening because of the rules in .htaccess

This is how the network request looks like in Chrome \ Network

You can read more about why POST data isn't carried on redirect:

https://softwareengineering.stackexchange.com/questions/99894/why-doesnt-http-have-post-redirect