[SOLVED] Eregi function, how do I make it search 'word' at END of a string?

[cs.punk]

I am making a profile picture feature for my site and I am working on a 'picture upload' thing. I would like to ONLY allow .jpeg files.

 

 

I got this:

if (eregi (".jpg", $file_name) || eregi(".jpeg", $file_name)
       && eregi("image", $file_type))
    {if (is_uploaded_file($file_tmp))
      {image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
      }
    }
  else
    {echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
    }

 

But it allows files like 'fake.jpeg.hello.exe'. I need it to search for '.jpeg' at the END... Any ideas?..

 

 

Thank you if you took the time to read this  lol.

[SetToLoki]

I am making a profile picture feature for my site and I am working on a 'picture upload' thing. I would like to ONLY allow .jpeg files.

 

 

I got this:

if (eregi (".jpg", $file_name) || eregi(".jpeg", $file_name)
       && eregi("image", $file_type))
    {if (is_uploaded_file($file_tmp))
      {image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
      }
    }
  else
    {echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
    }

 

But it allows files like 'fake.jpeg.hello.exe'. I need it to search for '.jpeg' at the END... Any ideas?..

 

 

Thank you if you took the time to read this  lol.

 

I would use the substr first count the amount of letters in the uploaded file then use substr to grab only the final 4 check they are equal to .jpg and you are set, also use strtolower to make sure you don't block people uploading a .JPG

[Tonic-_-]

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

[SetToLoki]

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

 

you would need to include the function you refer to - getFileExensions as it is not standard php.

 

function CheckFileExtention ($ext, $file)
{
   $fext = substr($file, -3);
   $bang = explode($ext, ",");
   foreach ($bang as $next)
   {
      if (strtolower($fext) == strtolower($next))  return true; 
   }

   return false;
}

if (!CheckFileExtention("jpg, gif, png", "yourfile"))
{
    //Not a legal file
}
else
{
   //legal file do what you want with it
}

not got ability to test this here but may work lol

[Tonic-_-]

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

 

you would need to include the function you refer to - getFileExensions as it is not standard php.

 

function CheckFileExtention ($ext, $file)
{
   $fext = substr($file, -3);
   $bang = explode($ext, ",");
   foreach ($bang as $ext)
   {
      if (strtolower($fext) == strtolower($ext))  return true; 
   }

   return false;
}

if (!CheckFileExtention("jpg, gif, png", "yourfile"))
{
    //Not a legal file
}
else
{
   //legal file do what you want with it
}

not got ability to test this here but may work lol

 

Ahh that's what I was forgetting. I was going back to the first days of making a simple upload form and remembered the getFileExtension but not the rest of it

[.josh]

if (!preg_match('~\.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

[SetToLoki]

if (!preg_match('~\.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

showoff!

[thebadbad]

if (!preg_match('~\.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

[cs.punk]

Where can I look  up these 'patterns', e.g "preg_match('~\.jpe?g$~i',$file)"?..

 

Like for example what does this mean

preg_match("/.jpeg\$/i",$string)

?

[.josh]

Where can I look  up these 'patterns', e.g "preg_match('~\.jpe?g$~i',$file)"?..

 

There are resource stickies in this forum.

 

Like for example what does this mean

preg_match("/.jpeg\$/i",$string)

?

 

For this specific pattern:

 

/.jpeg\$/i

 

/ Is the opening delimiter that tells the engine that's where the start of the pattern is.

 

. Is a match-all wildcard.  It matches pretty much everything but a new-line char.

 

jpeg are regular characters. Tells the engine to match literal "jpeg".

 

\$ Is an escaped dollar sign.  Normally a dollar sign has significance to the engine, telling it to match the end of the string (or line, depending on modifiers). But since you have it escaped, that tells the engine to match a literal dollar sign. 

 

/ is the ending delimiter, telling the engine the pattern is done.

 

i after the ending delimiter is a modifier. The "i" modifier means to make the pattern matching case in-sensitive.

 

So overall, your pattern says to match pretty much any one character, followed by a literal "jpeg$", and make it case-insensitive, and since you have no anchors or boundaries in there, it will look for it and match it anywhere in the string.

[nrg_alpha]

if (!preg_match('~.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

 

I don't believe this is the case.

For example:

$str = "www.whatever.bork/someFolder/someFile.jpg\n";
if (preg_match('~\.jpe?g$~i',$str, $match)){
  $match[0] = str_replace("\n", '*', $match[0]);
  echo $match[0]; // notice there is no asterisk in the output: .jpg
}

[cs.punk]

if (!preg_match('~\.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

Thanks Crayon Violent!

 

Sorry I never even knew the 'PHP Regex' forum was for this kind of 'stuff'.

[Adam]

By the way I'd always use the preg functions from now on, instead of ereg. In the latest release of PHP (5.3.0) it's deprecated, most likely to be removed in PHP 6.

[.josh]

they are being removed from the core as of php6, though you can still manually install them as an extension.

[thebadbad]

if (!preg_match('~.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

 

I don't believe this is the case.

For example:

$str = "www.whatever.bork/someFolder/someFile.jpg\n";
if (preg_match('~\.jpe?g$~i',$str, $match)){
  $match[0] = str_replace("\n", '*', $match[0]);
  echo $match[0]; // notice there is no asterisk in the output: .jpg
}

 

That's what you'd expect, 'cause the $ also matches right before a newline, without the D modifier. I'm just saying that a filename like "filename.jpg\n" would pass the check.

 

@OP

You should also check if the uploaded file actually is a JPG image, and not just a file with a renamed 'fake' extension. The first two bytes of a JPG file must be hexadecimal FF D8, and the last two hexadecimal FF D9:

 

<?php
//$data is the image data
if (bin2hex(substr($data, 0, 2)) == 'ffd8' && bin2hex(substr($data, -2)) == 'ffd9') {
//file is an actual JPG
}
?>