Jump to content


Photo

validating mime types


  • Please log in to reply
2 replies to this topic

#1 r08m

r08m
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 23 August 2006 - 04:02 AM

I am doing a script that uploads files but I need the users only to be able to upload JPEG images.  I have developed the following code which is unusable since the expression always comes to true:

$mimetype = $arch_info['type'];
if(is_uploaded_file($arch_info['tmp_name'])){
     if (($mimetype != "image/jpeg") || ($mimetype != "image/pjpeg")){
        header("location:./upsimgs.php?status=tipoimg");
        exit;
}

I have checked the type of data that the "type" property returns, which returns a "string" and strip it with the code below to check if it had any special characters to no avail.

echo $mimetype . "<br>";
for($contador=0;$contador < strlen($mimetype); $contador++){
  $letra=substr($mimetype,$contador,1);
  echo $letra . ord($letra) . "<br>";
}


This is not for security purposes just to make the user uploads the correct type since these files will be uploaded to another ODBC database (which I will love to have access to and change many things) that accepts only JPEGS and file size less than 190KB.

I'm pretty sure that what I have is a logic error but I can't see it.  Please I need your help!

Thanks in advanced.

Rob Muro

#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 23 August 2006 - 04:38 AM

where is $arch_info['type'] being assigned?

try echoing $mimetype to see what it's holding when it's being checked

$mimetype = $arch_info['type'];
echo $mimetype;
if (...)
maybe you aren't passing the value correctly or something.

Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 r08m

r08m
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 24 August 2006 - 03:23 AM

I didn't find the best solution but I figured:

if(is_uploaded_file($file_info['tmp_name'])){
  if ($file_info['type'] != "image/pjpeg"){
    if($file_info['type'] != "image/jpeg"){
      header("location:./upsimgs.php?status=imgtype");
      exit;
    }
  }
}

an it worked!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users