Upload script problems very strange

[yobo]

Hey All,

 

I am new at PHP and have been messing around with an upload script that I built from following numerous tutorials over the net.

I am trying to allow the user to upload zip files as well as pdf and images.  the pdf and images all work however if the user wants to upload a zip it will not work meaning it will not accept the input nor add it to the uploads directory.

 

I am not sure whats going on.

 

here is my code

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Upload an Image</title>
<style type="text/css" title="text/css" media="all">
.error {
	font-weight: bold;
	color: #C00
}
</style>
</head>
<body>
<?php # Script 10.3 - upload_image.php

// Check if the form has been submitted:
if (isset($_POST['submitted'])) {

// Check for an uploaded file:
if (isset($_FILES['upload'])) {

	// Validate the type. Should be JPEG or PNG.
	$allowed = array ('application/zip','application/pdf', 'image/pjpeg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png');
	if (in_array($_FILES['upload']['type'], $allowed)) {

		// Move the file over.
		if (move_uploaded_file ($_FILES['upload']['tmp_name'], "C:/wamp/uploads/{$_FILES['upload']['name']}")) {
			echo '<p><em>The file has been uploaded!</em></p>';
		} // End of move... IF.

	} else { // Invalid type.
		echo '<p class="error">Please upload a JPEG or, PDF Or, PNG image.</p>';
	}

} // End of isset($_FILES['upload']) IF.

// Check for an error:

if ($_FILES['upload']['error'] > 0) {
	echo '<p class="error">The file could not be uploaded because: <strong>';

	// Print a message based upon the error.
	switch ($_FILES['upload']['error']) {
		case 1:
			print 'The file exceeds the upload_max_filesize setting in php.ini.';
			break;
		case 2:
			print 'The file exceeds the MAX_FILE_SIZE setting in the HTML form.';
			break;
		case 3:
			print 'The file was only partially uploaded.';
			break;
		case 4:
			print 'No file was uploaded.';
			break;
		case 6:
			print 'No temporary folder was available.';
			break;
		case 7:
			print 'Unable to write to the disk.';
			break;
		case 8:
			print 'File upload stopped.';
			break;
		default:
			print 'A system error occurred.';
			break;
	} // End of switch.

	print '</strong></p>';

} // End of error IF.

// Delete the file if it still exists:
if (file_exists ($_FILES['upload']['tmp_name']) && is_file($_FILES['upload']['tmp_name']) ) {
	unlink ($_FILES['upload']['tmp_name']);
}

} // End of the submitted conditional.
?>

<form enctype="multipart/form-data" action="upload.php" method="post">

<input type="hidden" name="MAX_FILE_SIZE" value="5242888888888">

<fieldset><legend>Select a JPEG or PNG image of 512KB or smaller to be uploaded:</legend>

<p><b>File:</b> <input type="file" name="upload" /></p>

</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>
</body>
</html>

 

thanks

 

Joe

[Adam]

Like some of your other file formats in that array, the ZIP format has quite a few different possible MIME types:

 

application/zip

application/x-zip

application/x-zip-compressed

application/octet-stream

application/x-compress

application/x-compressed

multipart/x-zip

 

For this reason, it's better to use the file extension in the actual file name to validate the data type.

[yobo]

Hey MrAdam,

 

Thanks for the tip about the file extension validation input rather than what I was doing before hand ,it worked.

this is what i changed

if ($_FILES['upload']['type'] == 'zip' || 'pdf') {do stuff here}

 

Joe