sphinx Posted January 28, 2013 Share Posted January 28, 2013 Hi. This is my basic image uploader: <?php $allowed_filetypes = array('.jpg','.gif','.bmp','.png'); $max_filesize = 2097152; $upload_path = 'upload/'; $filename = $_FILES['userfile']['name']; $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); if(!in_array($ext,$allowed_filetypes)) die('The file you attempted to upload is not allowed.'); if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize) die('The file you attempted to upload is too large.'); if(!is_writable($upload_path)) die('You cannot upload to the specified directory, please CHMOD it to 777.'); if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename)) echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; else echo 'There was an error during the file upload. Please try again.'; ?> I have the following questions: 1: Although i've specified the allowed file types, for some reason, it will allow .jpg files, but not .JPG files. 2: Is there a way for it to check the image size prior to uploading? At the moment, a massive image will fully upload before error message comes up. Thank you. Quote Link to comment Share on other sites More sharing options...
Jessica Posted January 28, 2013 Share Posted January 28, 2013 Checking the file's extension isn't the best way to determine the file type. But if you want to do it that way, look for the case-insensitive version of the function you're using to test it. Check the manual. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 28, 2013 Share Posted January 28, 2013 Computers are completely literal in what they do. To compare any letter-case variation with your allowed extensions, you would need to use strtolower on the value before using it in the in_array() statement. If you include a hidden MAX_FILE_SIZE field in the form (there are examples in the php.net upload handling documentation), php should check the content-size header of the file being uploaded and abort the upload at the start. Quote Link to comment Share on other sites More sharing options...
sphinx Posted January 29, 2013 Author Share Posted January 29, 2013 (edited) Thanks, I believe(ish) I understand this. Ta. Edited January 29, 2013 by sphinx Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.