Going Nuts...Uplload Scipt...File Not allowed!

[kelleyi]

Being new to this PHP stuff...I found this "Upload File Code/Script" on the web and modded it with the Path to my Server.  Although the Code/Script states what File Types are Allowable...when you Click the "Send File" Button...I get "The file you attempted to upload is not allowed"  which is the response set in the Code/Script.  The test files I've tired to Upload are allowable Size and Type of File.  I would greatly appreciate if one of the forum members could lead me in the right direction and show me the error/errors preventing visitors to my website from Upload a file.  Here's the Upload File Code/Script that I'm having the probem with...thanks all!

 

 

 

-----------------------------------------------------------------------------------------------------------

<?php

  // Configuration - Your Options

$allowed_filetypes = array('.jpg','.gif','.bmp','.png'); // These will be the types of file that will pass the validation.

$max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB).

$upload_path = '/ var/www/vhosts/c5corvettevanityplates.com/httpdocs/my_chosen_design/'; // The place the files will be uploaded to (currently a 'files' directory).

$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).

$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.

 

  // Check if the filetype is allowed, if not DIE and inform the user.

  if(!in_array($ext,$allowed_filetypes))

      die('The file you attempted to upload is not allowed.');

  // Now check the filesize, if it is too large then DIE and inform the user.

  if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)

      die('The file you attempted to upload is too large.');

  // Check if we can upload to the specified path, if not DIE and inform the user.

  if(!is_writable($upload_path))

      die('You cannot upload to the specified directory, please CHMOD it to 777.');

  // Upload the file to your specified path.

  if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename))

        echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked.

      else

        echo 'There was an error during the file upload.  Please try again.'; // It failed .

 

?>

-------------------------------------------------------------------------------------------------------------

Also, if someone could show me how to redirect a visitor to another one of my web pages after the download is complete...that would be very helpful.  Thanks again and I appreciate the help.

 

Ian R. Kelley

US FORCES

KOREA

 

ps. I read the Forum Rules but I'm not sure if this Post is in violation or not!  If it is, I appologize!

[PFMaBiSmAd]

When validating user supplied data, it is always a good idea to display the offending value that does not match an expected value so that the visitor can see what the code actually used for a value.

 

In your case, either it is empty because the upload failed and the code is not checking for upload errors before it attempts to access any of the uploaded data or you have a letter case problem where the actual value is .JPG instead of .jpg (code should convert everything to lower case before making a comparison.)