Jump to content

[SOLVED] Eregi function, how do I make it search 'word' at END of a string?


Recommended Posts

I am making a profile picture feature for my site and I am working on a 'picture upload' thing. I would like to ONLY allow .jpeg files.

 

 

I got this:

if (eregi (".jpg", $file_name) || eregi(".jpeg", $file_name)
       && eregi("image", $file_type))
    {if (is_uploaded_file($file_tmp))
      {image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
      }
    }
  else
    {echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
    }

 

But it allows files like 'fake.jpeg.hello.exe'. I need it to search for '.jpeg' at the END... Any ideas?..

 

 

Thank you if you took the time to read this  :) lol.

I am making a profile picture feature for my site and I am working on a 'picture upload' thing. I would like to ONLY allow .jpeg files.

 

 

I got this:

if (eregi (".jpg", $file_name) || eregi(".jpeg", $file_name)
       && eregi("image", $file_type))
    {if (is_uploaded_file($file_tmp))
      {image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
      }
    }
  else
    {echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
    }

 

But it allows files like 'fake.jpeg.hello.exe'. I need it to search for '.jpeg' at the END... Any ideas?..

 

 

Thank you if you took the time to read this  :) lol.

 

I would use the substr first count the amount of letters in the uploaded file then use substr to grab only the final 4 check they are equal to .jpg and you are set, also use strtolower to make sure you don't block people uploading a .JPG

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

 

you would need to include the function you refer to - getFileExensions as it is not standard php.

 


function CheckFileExtention ($ext, $file)
{
   $fext = substr($file, -3);
   $bang = explode($ext, ",");
   foreach ($bang as $next)
   {
      if (strtolower($fext) == strtolower($next))  return true; 
   }

   return false;
}

if (!CheckFileExtention("jpg, gif, png", "yourfile"))
{
    //Not a legal file
}
else
{
   //legal file do what you want with it
}

not got ability to test this here but may work lol

$ext = getFileExensions($file_name);
$ext = strtolower($ext);
if (($ext != "jpg") && ($ext != "jpeg")) {
echo "<p class='error'>File is NOT a photo in jpeg format!</p>";
else {
if (is_uploaded_file($file_tmp))
{image_resize($file_tmp, 320, 260);
        imagejpeg($new_image, "../file_uploads/profile_pic-$user-$user_id.jpeg");
     }
  }

 

Might work, Idk. I'm way smashed atm can't think clear. Hope it works for you.

 

you would need to include the function you refer to - getFileExensions as it is not standard php.

 


function CheckFileExtention ($ext, $file)
{
   $fext = substr($file, -3);
   $bang = explode($ext, ",");
   foreach ($bang as $ext)
   {
      if (strtolower($fext) == strtolower($ext))  return true; 
   }

   return false;
}

if (!CheckFileExtention("jpg, gif, png", "yourfile"))
{
    //Not a legal file
}
else
{
   //legal file do what you want with it
}

not got ability to test this here but may work lol

 

Ahh that's what I was forgetting. I was going back to the first days of making a simple upload form and remembered the getFileExtension but not the rest of it :P

if (!preg_match('~\.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

Where can I look  up these 'patterns', e.g "preg_match('~\.jpe?g$~i',$file)"?..

 

There are resource stickies in this forum.

 

Like for example what does this mean

preg_match("/.jpeg\$/i",$string)

?

 

For this specific pattern:

 

/.jpeg\$/i

 

/ Is the opening delimiter that tells the engine that's where the start of the pattern is.

 

. Is a match-all wildcard.  It matches pretty much everything but a new-line char.

 

jpeg are regular characters. Tells the engine to match literal "jpeg".

 

\$ Is an escaped dollar sign.  Normally a dollar sign has significance to the engine, telling it to match the end of the string (or line, depending on modifiers). But since you have it escaped, that tells the engine to match a literal dollar sign. 

 

/ is the ending delimiter, telling the engine the pattern is done.

 

i after the ending delimiter is a modifier. The "i" modifier means to make the pattern matching case in-sensitive.

 

So overall, your pattern says to match pretty much any one character, followed by a literal "jpeg$", and make it case-insensitive, and since you have no anchors or boundaries in there, it will look for it and match it anywhere in the string.

if (!preg_match('~.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

 

I don't believe this is the case.

For example:

$str = "www.whatever.bork/someFolder/someFile.jpg\n";
if (preg_match('~\.jpe?g$~i',$str, $match)){
  $match[0] = str_replace("\n", '*', $match[0]);
  echo $match[0]; // notice there is no asterisk in the output: .jpg
}

if (!preg_match('~.jpe?g$~i',$file)) {
  // file does not end in .jpg .jpeg .JPG or .JPEG
}

 

I would also add the D modifier. Else, your pattern would match something like "filename.jpg\n" (I know it's an odd filename, but still).

 

I don't believe this is the case.

For example:

$str = "www.whatever.bork/someFolder/someFile.jpg\n";
if (preg_match('~\.jpe?g$~i',$str, $match)){
  $match[0] = str_replace("\n", '*', $match[0]);
  echo $match[0]; // notice there is no asterisk in the output: .jpg
}

 

That's what you'd expect, 'cause the $ also matches right before a newline, without the D modifier. I'm just saying that a filename like "filename.jpg\n" would pass the check.

 

@OP

You should also check if the uploaded file actually is a JPG image, and not just a file with a renamed 'fake' extension. The first two bytes of a JPG file must be hexadecimal FF D8, and the last two hexadecimal FF D9:

 

<?php
//$data is the image data
if (bin2hex(substr($data, 0, 2)) == 'ffd8' && bin2hex(substr($data, -2)) == 'ffd9') {
//file is an actual JPG
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.