Jump to content

Recommended Posts

could anyone edit/modify this so that only images can be uploaded (.jpg .jpeg .gif .png) and it rejects any other type of file such as .exe .wmv .flv and so on

 

<?php

session_start();

include("checklogin.php");

$_SESSION['myusername'];

$username = $_SESSION['myusername'];

if ($_POST['submit'])
{

//get file attributes
$name = $_FILES['myfile']['name'];
$tmp_name = $_FILES['myfile']['tmp_name'];

if ($name)
{
    //start upload process
   
   $location = "./profileimages/$name";
        move_uploaded_file($tmp_name,$location);
        $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error());
   
   die("Your profile picture have been upload! <a href='profile.php'>Profile</a>");
   
   
   
}
else
die("Please select a file!");




}

echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>";

echo "Upload your image:

<form action='upload.php' method='POST' enctype='multipart/form-data'>
  File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'>
</form>

";

?>

Link to comment
https://forums.phpfreaks.com/topic/168627-solved-upload-types/
Share on other sites

Next time do some research please. I put the files extension in a var $ext and used the in_array which checks an array of allowed file types to see if theres a match between the file type and the array haystack.

<?php

session_start();

include("checklogin.php");

$_SESSION['myusername'];

$username = $_SESSION['myusername'];

if ($_POST['submit'])
{

//get file attributes
$name = $_FILES['myfile']['name'];
$tmp_name = $_FILES['myfile']['tmp_name'];
$ext = substr($name, strrpos($name, '.') + 1);
$allowed_types = array('.jpg', '.jpeg', '.gif', '.png');

if(!in_array($_FILES['myfile']['type'],$allowed_types)){
   die("wrong file type"); 
}elseif ($name)
{
    //start upload process
   
   $location = "./profileimages/$name";
        move_uploaded_file($tmp_name,$location);
        $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error());
   
   die("Your profile picture have been upload! <a href='profile.php'>Profile</a>");
   
   
   
}else{
die("Please select a file!");
}



}

echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>";

echo "Upload your image:

<form action='upload.php' method='POST' enctype='multipart/form-data'>
  File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'>
</form>

";

?>

Link to comment
https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889540
Share on other sites

There was a similar topic not so long ago, it might be usefull to you.

http://www.phpfreaks.com/forums/index.php/topic,262800.msg1238113.html#msg1238113

 

You might also want to do a search on this forum I'm this issue has been discussed many times.

Link to comment
https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889547
Share on other sites

<?php

session_start();

include("checklogin.php");

$_SESSION['myusername'];

$username = $_SESSION['myusername'];

if ($_POST['submit'])
{

//get file attributes
$name = $_FILES['myfile']['name'];
$tmp_name = $_FILES['myfile']['tmp_name'];
$ext = substr($name, strrpos($name, '.') + 1);
$allowed_types = array('.jpg', '.jpeg', '.gif', '.png');


if(!in_array($ext,$allowed_types)){
   die("wrong file type"); 
}elseif ($name)
{
    //start upload process
   
   $location = "./profileimages/$name";
        move_uploaded_file($tmp_name,$location);
        $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error());
   
   die("Your profile picture have been upload! <a href='profile.php'>Profile</a>");
   
   
   
}else{
die("Please select a file!");
}



}

echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>";

echo "Upload your image:

<form action='upload.php' method='POST' enctype='multipart/form-data'>
  File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'>
</form>

";

?>

Link to comment
https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889581
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.