Reaper0167 Posted February 7, 2009 Share Posted February 7, 2009 I would only like to be able to upload gif jpeg png jpg Any other file type would get an error. Right now if the file is larger than .5mb, i will will recieve an error, which is good, that is working correctly. Just the files types I can't seem to get. Here is the script again. <?php session_start(); include ("upload_db_info.php"); if (!empty($_POST['upload'])) { extract($_POST); if(isset($_POST['upload']) && $_FILES['upload_file']['size'] < 500000) { $fileName = $_FILES['upload_file']['name']; $tmpName = $_FILES['upload_file']['tmp_name']; $fileSize = $_FILES['upload_file']['size']; $fileType = $_FILES['upload_file']['type']; if ( file_exists($tmpName) ) { $content = file_get_contents($tmpName); } } else { unset($_SESSION['uploadcomplete']); $_SESSION['uploaderror'] = "<font color=red><font size=2>Please select a valid picture format under 500,000 bytes(.5 megabytes)"; header("location: http://www.---------.com"); exit(); } $user = mysql_real_escape_string($user); $trade = mysql_real_escape_string($trade); $picname = mysql_real_escape_string($picname); $fileName = mysql_real_escape_string($fileName); $fileSize = (int)$fileSize; $fileType = mysql_real_escape_string($fileType); $content = mysql_real_escape_string($content); $descrip = mysql_real_escape_string($_POST["descrip"]); $trade = mysql_real_escape_string($_POST["trade"]); $picname = mysql_real_escape_string($_POST["picname"]); $query = "INSERT INTO UploadedFiles (name, size, type, content, user, descrip, trade, picname)VALUES('$fileName', '$fileSize', '$fileType', '$content', '$user', '$descrip', '$trade', '$picname')"; $result = mysql_query($query)or die (mysql_error()); unset($_SESSION['uploaderror']); $_SESSION['uploadcomplete'] = "Your picture was uploaded to our system."; header("location: http://www._________-.com"); exit(); } ?> Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/ Share on other sites More sharing options...
.josh Posted February 7, 2009 Share Posted February 7, 2009 one way... $allowed = array('.jpg','.gif','.bmp'); $fileName = $_FILES[$fieldName]['name']; $imageType = strtolower(substr($fileName,-4)); if (!in_array($imageType,$allowed)) { // file not allowed, do something } You could alternatively have an $allowed array of the different values in $_FILES[filename][type] Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/#findComment-756927 Share on other sites More sharing options...
chronister Posted February 7, 2009 Share Posted February 7, 2009 Ahh.. CV was a little quicker than me. <?php $allowedTypes = array('image/gif', 'image/jpeg', 'image/png'); if(in_array($fileType, $allowedTypes)){ //upload file }else{ // give error stating this type is not allowed. } ?> nate Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/#findComment-756929 Share on other sites More sharing options...
Reaper0167 Posted February 7, 2009 Author Share Posted February 7, 2009 Thanks guys, I'll give it a shot. Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/#findComment-756932 Share on other sites More sharing options...
printf Posted February 7, 2009 Share Posted February 7, 2009 also check if the upload is really an image, try loading it into a image resource imagecreatefromstring() or use something like getimagesize()... Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/#findComment-756933 Share on other sites More sharing options...
Reaper0167 Posted February 7, 2009 Author Share Posted February 7, 2009 Not really sure what you mean by that. I'll try that next. Link to comment https://forums.phpfreaks.com/topic/144237-up-all-night-still-cant-limit-file-types-on-upload/#findComment-756949 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.