squiblo Posted August 3, 2009 Share Posted August 3, 2009 could anyone edit/modify this so that only images can be uploaded (.jpg .jpeg .gif .png) and it rejects any other type of file such as .exe .wmv .flv and so on <?php session_start(); include("checklogin.php"); $_SESSION['myusername']; $username = $_SESSION['myusername']; if ($_POST['submit']) { //get file attributes $name = $_FILES['myfile']['name']; $tmp_name = $_FILES['myfile']['tmp_name']; if ($name) { //start upload process $location = "./profileimages/$name"; move_uploaded_file($tmp_name,$location); $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error()); die("Your profile picture have been upload! <a href='profile.php'>Profile</a>"); } else die("Please select a file!"); } echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>"; echo "Upload your image: <form action='upload.php' method='POST' enctype='multipart/form-data'> File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'> </form> "; ?> Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/ Share on other sites More sharing options...
phpSensei Posted August 3, 2009 Share Posted August 3, 2009 Next time do some research please. I put the files extension in a var $ext and used the in_array which checks an array of allowed file types to see if theres a match between the file type and the array haystack. <?php session_start(); include("checklogin.php"); $_SESSION['myusername']; $username = $_SESSION['myusername']; if ($_POST['submit']) { //get file attributes $name = $_FILES['myfile']['name']; $tmp_name = $_FILES['myfile']['tmp_name']; $ext = substr($name, strrpos($name, '.') + 1); $allowed_types = array('.jpg', '.jpeg', '.gif', '.png'); if(!in_array($_FILES['myfile']['type'],$allowed_types)){ die("wrong file type"); }elseif ($name) { //start upload process $location = "./profileimages/$name"; move_uploaded_file($tmp_name,$location); $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error()); die("Your profile picture have been upload! <a href='profile.php'>Profile</a>"); }else{ die("Please select a file!"); } } echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>"; echo "Upload your image: <form action='upload.php' method='POST' enctype='multipart/form-data'> File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'> </form> "; ?> Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889540 Share on other sites More sharing options...
RichardRotterdam Posted August 3, 2009 Share Posted August 3, 2009 There was a similar topic not so long ago, it might be usefull to you. http://www.phpfreaks.com/forums/index.php/topic,262800.msg1238113.html#msg1238113 You might also want to do a search on this forum I'm this issue has been discussed many times. Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889547 Share on other sites More sharing options...
Mardoxx Posted August 3, 2009 Share Posted August 3, 2009 if(!in_array($_FILES['myfile']['type'],$allowed_types)){ shouldn't that be if(!in_array($ext,$allowed_types)){ Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889558 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 ive just tried to upload a .jpg image but it still echoed "wrong file type" Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889563 Share on other sites More sharing options...
Mardoxx Posted August 3, 2009 Share Posted August 3, 2009 if(!in_array($_FILES['myfile']['type'],$allowed_types)){ shouldn't that be if(!in_array($ext,$allowed_types)){ ^^^^^^ Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889570 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 why is it saying "wrong" file type when i try to upload a .jpg image? ive tried both if statements Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889572 Share on other sites More sharing options...
phpSensei Posted August 3, 2009 Share Posted August 3, 2009 if(!in_array($_FILES['myfile']['type'],$allowed_types)){ shouldn't that be if(!in_array($ext,$allowed_types)){ ^^^^^^ ^^^^^^ lol Sorry guys, I have made stupid mistakes in the past 3-4 threads, i havnt slept in 27 hours... Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889577 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 its always giving "wrong file type" no matter what the file type is Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889580 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 <?php session_start(); include("checklogin.php"); $_SESSION['myusername']; $username = $_SESSION['myusername']; if ($_POST['submit']) { //get file attributes $name = $_FILES['myfile']['name']; $tmp_name = $_FILES['myfile']['tmp_name']; $ext = substr($name, strrpos($name, '.') + 1); $allowed_types = array('.jpg', '.jpeg', '.gif', '.png'); if(!in_array($ext,$allowed_types)){ die("wrong file type"); }elseif ($name) { //start upload process $location = "./profileimages/$name"; move_uploaded_file($tmp_name,$location); $query = mysql_query("UPDATE members SET imagelocation='$location' WHERE username='$username'") or die(mysql_error()); die("Your profile picture have been upload! <a href='profile.php'>Profile</a>"); }else{ die("Please select a file!"); } } echo "Welcome, ".ucwords(strtolower($_SESSION['myusername']))."!<p>"; echo "Upload your image: <form action='upload.php' method='POST' enctype='multipart/form-data'> File: <input type='file' name='myfile'> <input type='submit' name='submit' value='Upload'> </form> "; ?> Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889581 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 i dont understand it, everything looks correct Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889588 Share on other sites More sharing options...
PFMaBiSmAd Posted August 3, 2009 Share Posted August 3, 2009 Echo the actual value being tested ($ext) and you will see why the code is wrong (which is how you would troubleshoot any logic test or comparison that is not working as expected.) Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889593 Share on other sites More sharing options...
phpSensei Posted August 3, 2009 Share Posted August 3, 2009 print $ext Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889594 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 i echoed $ext when trying to upload a .jpg image and it gave "jpg" Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889599 Share on other sites More sharing options...
phpSensei Posted August 3, 2009 Share Posted August 3, 2009 change $allowed_types = array('.jpg', '.jpeg', '.gif', '.png'); to $allowed_types = array('jpg', '.peg', 'gif', 'png'); Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889601 Share on other sites More sharing options...
squiblo Posted August 3, 2009 Author Share Posted August 3, 2009 that works perfect thank you Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889604 Share on other sites More sharing options...
phpSensei Posted August 3, 2009 Share Posted August 3, 2009 that works perfect thank you mark as solved. It was something in the substr that was wrong, I am so tired cant fix now, You will do just fine with that. Link to comment https://forums.phpfreaks.com/topic/168627-solved-upload-types/#findComment-889605 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.