Search the Community

Hello fellas, I'm trying to write a simple application that uploads a file other than an image into a database. I mean files such as pdf, doc and some common image extensions. My php version is 5.5.24. I have an index page which displays the information of various user high scores, and an addscore script which uploads a new info into the database. The program works fine if i only allow users to upload a file with an extension of type .gif,.jpg, .png and .pjpeg. With the permission of a .doc, .pdf, it doesn't allow the upload anymore and it brings up the error it ought to display if its more than the specified size (even though i'm still within the permissible range!). This is the index code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Guitar Wars - High Scores</title> <link rel="stylesheet" type="text/css6"href="style.css" /> </head> <body> <h2>Guitar Wars - High Scores</h2> <p>Welcome, Guitar Warrior, do you have what it takes to crack the high score list? If so, just <a href="addscore.php">add your own score</a>.</p> <hr /> <?php require_once('appvars.php'); require_once('connectvars.php'); // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die("Error querying database"); // Retrieve the score data from MySQL $query = "SELECT * FROM guitarwars ORDER BY name ASC" ; $data = mysqli_query($dbc, $query); // Loop through the array of score data, formatting it as HTML echo '<table>'; $i = 0; while ($row = mysqli_fetch_array($data)) { // Display the score data if ($i == 0) { echo '<tr><td colspan="2" class="topscoreheader">Top Score:'. $row['score'].'</td></tr>'; } echo '<tr><td class="scoreinfo">'; echo '<span class="score">' . $row['score'] . '</span><br />'; echo '<strong>Name:</strong> ' . $row['name'] . '<br />'; echo '<strong>Date:</strong> ' . $row['date'] . '</td>'; if(is_file(GW_UPLOADPATH . $row['screenshot']) && filesize(GW_UPLOADPATH . $row['screenshot']) > 0) { echo '<td><img src ="' . GW_UPLOADPATH . $row['screenshot'] .'"alt="Score image" /></td></tr>'; } else { echo '<td><img src="' . GW_UPLOADPATH . 'unverified.gif' . '" alt="Unverified score" /></td></tr>'; } $i++; } echo '</table>'; mysqli_close($dbc); ?> </body> </html> This is the addscore script: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Guitar Wars - Add Your High Score</title> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <h2>Guitar Wars - Add Your High Score</h2> <?php // Define the upload path and maximum file size constants require_once('appvars.php'); require_once('connectvars.php'); if (isset($_POST['submit'])) { // Grab the score data from the POST $name = $_POST['name']; $score = $_POST['score']; $screenshot = $_FILES['screenshot']['name']; $screenshot_type = $_FILES['screenshot']['type']; $screenshot_size = $_FILES['screenshot']['size']; if (!empty($name) && !empty($score) && !empty($screenshot)) { if ((($screenshot_type == 'image/gif') || ($screenshot_type == 'image/jpeg') || ($screenshot_type == 'image/pjpeg') || ($screenshot_type == 'image/png') || ($screenshot_type == 'image/pdf') || ($screenshot_type == 'image/docx')) && ($screenshot_size > 0) && ($screenshot_size <= GW_MAXFILESIZE)) { if ($_FILES['screenshot']['error'] == 0) { //Move the file to the target upload folder $target = GW_UPLOADPATH . $screenshot; if (move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)) { // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); // Write the data to the database $query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score', '$screenshot')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Thanks for adding your new high score!</p>'; echo '<p><strong>Name:</strong> ' . $name . '<br />'; echo '<strong>Score:</strong> ' . $score . '<br />'; if (($screenshot_type == 'image/pdf') || ($screenshot_type == 'image/docx')) { echo '<img src="scroll.jpg" alt="Score image" /></p>'; } else { echo '<img src="' . GW_UPLOADPATH .$screenshot.'" alt="Score image" /></p>'; } echo '<p><a href="index.php"><< Back to high scores</a></p>'; // Clear the score data to clear the form $name = ""; $score = ""; $screenshot =""; mysqli_close($dbc); } else { echo '<p class ="error">Sorry, there was a problem uploading your screen shot image.</p>'; } } } else { echo '<p class="error">The screen shot must be a GIF, JPEG, or PNG image file no ' . 'greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.</p>'; } // Try to delete the temporary screen shot image file @unlink($_FILES['screenshot']['tmp_name']); } else { echo '<p class="error">Please enter all of the information to add your high score.</p>'; } } ?> <hr /> <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="hidden" name="MAX_FILE_SIZE" value="102400" /> <label for="name">Name:</label> <input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /> <br /> <label for="score">Score:</label> <input type="text" id="score" name="score" value="<?php if (!empty($score)) echo $score; ?>" /> <br /> <label for="screenshot">Screen shot:</label> <input type="file" id="screenshot" name="screenshot" /> <hr /> <input type="submit" value="Add" name="submit" /> </form> </body> </html> I've been on this for the past one week. Googling stuffs on how to upload a file other than an image file. I'll so much appreciate it if i can get how else it is to upload a file other than an image. Thank you in advance!