How to dynamically determine unknown file extension from file in web folder

[abeamreach]

I have a page using forms to help build listing templates for eBay. I have a folder where I have hundreds of logos stored. I know the logo names but not their extensions. . . . I have to test each potential (jpg, jpeg, gif, png, etc.) until I guess right. Here is an example code for the web form:

<form action="extension_test2.php" method="post">
<p>Logo: <input name="e" value="" type="text" size="15" maxlength="30" /><p>
<input name="Submit" type="Submit"/>
</form>

 

and the form's result:

<?

$e =$_POST['e'];

if(!empty($e)) {
echo '<img src="http://www.gbamedical.com/ebayimg/logos/'.$e.'">';
};

?>

 

Here is a link to the example: http://www.gbamedical.com/extension_test.php Use "olympus.jpg" for test.

I am looking for code that can determine the file type and dynamically add the extension. Can it be done?

[Jacques1]

getimagesize()

finfo_file()

[abeamreach]

getimagesize()

finfo_file()

Thanks Jacques1. . .. .   Could I ask you to help me flesh this out a bit?  I am a novice and I can't figure out how to implement your suggestions.  Can you help me with the code in my example? 

 

Thanks in advance,  Trevor

[Ch0cu3r]

If I understand your problem you want the user to type the name of the logo to be used. You want PHP to guess the correct image extension for the logo. 

 

I think a better idea will be to have a drop down menu populated with all your logo images. Then all you need to do is select the logo you want to use. Rather than having to type the logo name each time. 

 

Code for the dropdown

<form action="extension_test2.php" method="post">
<p>Select Logo Image: <select name="logo">
<?php 
$logo_image_path = $_SERVER['DOCUMENT_ROOT'] . '/ebayimg/logos/';
// find all jpg,jpeg,png and gif images in the logos folder and create a item menu for each logo
foreach(glob($logo_image_path.'/*.{jpg,jpeg,png,gif}', GLOB_BRACE) as $logo_image): 
?>
    <option value="<?php echo basename($logo_image); ?>"><?php echo pathinfo($logo_image, PATHINFO_FILENAME); ?></option>
<?php enforeach; ?>
</select></p>
<input name="Submit" type="Submit"/>
</form>

Then in your PHP code you'd use

<?php
// if the logo field has been submitted
if(isset($_POST['logo']))
{
    // the folder where you logo images are kept
    $logo_images_path = '/ebayimg/logos/';

    // set the path to the chosen logo image
    $logo_image = $logo_images_path . basename($_POST['logo']);

    // check if the logo exists
    if(file_exists($_SERVER['DOCUMENT_ROOT'] . $logo_image))
    {
         // show the image
         echo '<img src="$logo_image" />';
    }
}

?>

Edited September 1, 2014 by Ch0cu3r

[mentalist]

? Convert all the logo's to the same type, faster all round...

[abeamreach]

 

 

 

Code for the dropdown

<form action="extension_test2.php" method="post">
<p>Select Logo Image: <select name="logo">
<?php 
$logo_image_path = $_SERVER['DOCUMENT_ROOT'] . '/ebayimg/logos/';
// find all jpg,jpeg,png and gif images in the logos folder and create a item menu for each logo
foreach(glob($logo_image_path.'/*.{jpg,jpeg,png,gif}', GLOB_BRACE) as $logo_image): 
?>
    <option value="<?php echo basename($logo_image); ?>"><?php echo pathinfo($logo_image, PATHINFO_FILENAME); ?></option>
<?php enforeach; ?>
</select></p>
<input name="Submit" type="Submit"/>
</form>

Thank you, This solution will work well for me.  However, on the code for the drop down. . .  I am getting the following error:  

 

Parse error syntax error, unexpected $end in /home/content/l/a/w/lawson/html/extension_test.php on line 14

 

any ideas?

[Ch0cu3r]

Chnage <?php enforeach; ?> to <?php endforeach; ?>

[abeamreach]

Chnage <?php enforeach; ?> to <?php endforeach; ?>

Thanks again for your help.  I'm not trying to be pain but now the problem is the result at extension_test2.php is:  

<img src="$logo_image" />

see this live test here:  http://www.gbamedical.com/extension_test.php

 

I've tried to figure it out on my own. .  but I'm missing something.

[Ch0cu3r]

Small typo on my behalf again. This line in extension_test2.php

         echo '<img src="$logo_image" />'; 

should be

         echo '<img src="'.$logo_image.'" />';

[abeamreach]

Thank you for all your help. . .  for my learning / edification why should I not just use:

<?
$logo =$_POST['logo'];


echo '<img src="http://www.gbamedical.com/ebayimg/logos/'.$logo.'" />'


?>

and finally. . . Is there a way to add a blank option in the drop down?  In my current page when nothing is inputted into the text box. . . I have code to ignore the logo.  But with the drop box there is no way, currently, to return an empty result.  There are times I don't want a logo at all.

 

Thanks for your patience with me!

Edited September 1, 2014 by abeamreach

[Ch0cu3r]

To prevent directory traversal. A malicious user could completely by pass your form and submit a malicious file path or value. Which could be used to attack your server by either retrieving sensitive information or run an XSS attack.

Basically number one rule of thumb never trust user input. Before using it you need to verify/sanitize it before using it.

 

With my code it ensures the file in $_POST['logo'] only exists in your /ebayimg/logos/ directory.

 

 

 

 Is there a way to add a blank option in the drop down?

Of course add <option></option> after the opening <select> tag

[abeamreach]

Thank you. . . I have a bunch to learn!  My web form is password protected and only for my use to build templates.  Because it is password protected, and I am the only one with the code, can I be confident that directory traversal is unlikely without the measures you suggest?  I ask because I have many forms that I will need to update if not.

 

Thanks again for you huge help!