Jump to content

Upload Script - File Type Filter - HELP!!!!!!


Recommended Posts

i have a PHP upload script, that very much works, but it dosn't filter any file types out. i want to be able to block certain file types. or if thats not possible, then just specify which file types. but i'd be much better if i could block. anyway, here is my code:
[url=http://www.csscobalt.com/large/code1.txt]http://www.csscobalt.com/large/code1.txt[/url]
Link to comment
Share on other sites

You can get the file ext like so

$file_ext = substr($_FILES['ufile']['name'], strrpos($_FILES['ufile']['name'], '.')+1); // get the file extension, like .gif, .jpg etc..

(Assuming your name of the file field is ufile)

with this you can make an array of Unwanted upload extensions
and run a check

Link to comment
Share on other sites

the form
[code]
<form method='post' action=''>
<input type='file' name='ufile' /><br />
<input type='submit' value='Upload File' />
</form>
[/code]
Note htat the name is ufile, thats what I meant

now the code

[code]
<?php
if($_FILES["ufile"]){
$disallowed_ext = array("php","exe","js","html","xml");
num_disallowed = count($disallowed_ext);

$file_ext = substr($_FILES["ufile"]["name"], strpos($_FILES["ufile"]["name"], ".") +1)
$file_ext = strtolower($file_ext);
$upload_file = true;

for($i = 0; $i < $num_disallowed; $num ++){
if($file_ext == $disallowed_ext[$i]){
$upload_file = false;
}
}

if($upload_file == true){
//upload file script
}else{
echo "The file is an invalid file type";
}

}

?>
[/code]

Any problems, let us know
NOTE: its 1am for me, I am tired, sorry if there are minor errors in that code
Link to comment
Share on other sites

[code]/**
* Establish extension of passed file. Return true when allowed.
*
*/
function checkExt($filename) {
$regs = array();
$allowed = array('php','exe','js','html','xml');    // the allowed file types
$filename=strtolower($filename);                    // set filename in lower case
ereg( ".*\.([a-zA-z0-9]{0,5})$", $filename, $regs ); // check file extension
$f_ext = $regs[1];                                  // save file extension
if (in_array($f_ext, allowed))                // extension allowed:
  return true;                         
else                                                // extension NOT allowed
  return false;
}[/code]

Ronald  8)
Link to comment
Share on other sites

ronald, where do i put that code? where do i insert it in my old code?

and onlyican, thanks for doin it  ;D i appreciate it

but when you go to the HTML form and try to upload something it basically just refreshes the page...nothing  realy happens. and i checked on FTP, nothing was uploaded. also...are they uploaded to a specific folder? if so, whats the name? and should this code be part of my old code? if so, where should i insert it?
Link to comment
Share on other sites

Except that script checks for allowed,
He wants Not Allowed.
Same thing, u just check for false, rather than true

The reason the form returns blank is because I set action to blank
which means it loads that page

All of that code on one page, and it should work
Link to comment
Share on other sites

ok on the HTML doc, i set the action to my PHP script:
<form method='post' action='[b]upload.php[/b]'>

and i put ur exact code on 1 php page, but it still won't work. but i ask again, what folder does this upload to?

btw if u wana c my php code here it is:
[url=http://www.csscobalt.com/large/code2.txt]http://www.csscobalt.com/large/code2.txt[/url]

and if u wana try it out, here is a demo:
[url=http://csscobalt.com/17/index.html]http://csscobalt.com/17/index.html[/url]
Link to comment
Share on other sites

yea i hella need help with this. and yea, that would be awesome if u could make me an upload script. i just need all uploads to upload to a "upload" folder, and i need these file types banned from uploading:
.php .exe .js .html .xml .htm .css .jsp .asp .vbs .cf
and also if it dosn't HAVE a file extention, i need that to be banned too.
Link to comment
Share on other sites

[url=http://darkwaterstudio.net/TestUpload/upload.php]PREVIEW YOUR UPLOAD SCRIPT HERE[/url]
I all ready made it,yeah i included a "Ban" function for you.
It allows only the files you want and places in folder securly!
If you want me to match it to your php give me the link ok.
You dont need to edit anything just upload them and "777"

OPTIONS:
**********************************************
Upload up to 10 files, with no interupt!!
If one file fails it will still uplod the others..
Ban files and ections..
Ban users who upload bad content!!
By IP
By Userid
Change thetheme & style
Secure Transfer!!
View Uploaded Files
Diffrent Catogorys!
***********************************************

Mail me at my site, and i will mail it to you ok.
[url=http://darkwaterstudio.net/datingsite/contactus.php]Mail Me Here[/url]

If you need live help just find me in my chat room or [url=http://darkwaterstudio.net/datingsite/Whos_Online(FreeView).php]LIVE SUPPORT[/url]!
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.