Few queries

[sphinx]

Hi.

 

This is my basic image uploader:

 

<?php

  $allowed_filetypes = array('.jpg','.gif','.bmp','.png');
  $max_filesize = 2097152; 
  $upload_path = 'upload/'; 

  $filename = $_FILES['userfile']['name']; 
  $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); 


  if(!in_array($ext,$allowed_filetypes))
     die('The file you attempted to upload is not allowed.');


  if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
     die('The file you attempted to upload is too large.');


  if(!is_writable($upload_path))
     die('You cannot upload to the specified directory, please CHMOD it to 777.');


  if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename))
     echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; 
       else
        echo 'There was an error during the file upload.  Please try again.'; 

?>

 

I have the following questions:

 

1: Although i've specified the allowed file types, for some reason, it will allow .jpg files, but not .JPG files.

2: Is there a way for it to check the image size prior to uploading? At the moment, a massive image will fully upload before error message comes up.

 

Thank you.

[Jessica]

Checking the file's extension isn't the best way to determine the file type. 

But if you want to do it that way, look for the case-insensitive version of the function you're using to test it. Check the manual. 

[PFMaBiSmAd]

Computers are completely literal in what they do. To compare any letter-case variation with your allowed extensions, you would need to use strtolower on the value before using it in the in_array() statement.

 

If you include a hidden MAX_FILE_SIZE field in the form (there are examples in the php.net upload handling documentation), php should check the content-size header of the file being uploaded and abort the upload at the start.

[sphinx]

Thanks, I believe(ish) I understand this.

 

Ta.