Jump to content

check file extension type


alanl1

Recommended Posts

Hi Professionals

 

 

I have a ffile and folder name passed through as a variable as shown in the code below ready to import into a database, with thanks to (barand) in a previous post I have managed to strip this to retreive the filename only, see code below

 

 

$newname = $_GET['newname'];  //The Uploads/ folder will need to be stripped here to retreive the filename...
$filename = basename($newname,"/");  //basename function strips off filename based on first "/"

echo $newname;

echo $filename;

 

is there any way to check that this is a .csv file extension and if not redirect them back to the previous page

 

 

thanks in advance

 

Link to comment
https://forums.phpfreaks.com/topic/278304-check-file-extension-type/
Share on other sites


$csv_mimetypes = array(
'text/csv',
'text/plain',
'application/csv',
'text/comma-separated-values',
'application/excel',
'application/vnd.ms-excel',
'application/vnd.msexcel',
'text/anytext',
'application/octet-stream',
'application/txt',
);

if (in_array($_FILES['upload']['type'], $csv_mimetypes)) {
// possible CSV file
// could also check for file content at this point to be extra sure
}

thanks for that but i do not understand that I have just put this on my page and tried passing through a pdf file and it still does show these when I echo them out it does not redirect back to my previous page either.

 

sorry once again but I am very new to php

 

 

$csv_mimetypes = array(
'text/csv',
'text/plain',
'application/csv',
'text/comma-separated-values',
'application/excel',
'application/vnd.ms-excel',
'application/vnd.msexcel',
'text/anytext',
'application/octet-stream',
'application/txt',
);

if (in_array($_FILES['upload']['type'], $csv_mimetypes)) {
}

$newname = $_GET['newname'];  //The Uploads/ folder will need to be stripped here to retreive the filename...
$filename = basename($newname,"/");  //basename function strips off filename based on first "/"

Use finfo() when checking file extensions, this will prevent fake extensions

// allowed file types here
$types = array(...);

// initiate finfo() and  get the file type of uploaded file
$finfo = new finfo(FILEINFO_MIME_TYPE);
$type = $finfo->file($_FILES['file']['tmp_name']);

// check in array
if (!in_array($type, $types)) {
    // error
}

hi eliseth

 

I have

 

$filename = basename($newname,"/");

 

echo $filename which results in 'testfile.csv'

 

where does this come from

 

$type = $finfo->file($_FILES['file']['tmp_name']);

 

 would this need to change to

$type = $finfo->file($_FILES['file']['$filename']);

 

 

?????

 

thanks

 

 

 

 

 

 

 


 

Hi Professionals

 

I am really struggling here.  here is the whole code which may help.  On the next page all that shows is

 

/uploads/test_raw.csv

 

test_raw.csv

 

the Types variable is = Array

 

then there is nothing else showing

 

 

<STYLE TYPE="text/css">
<!--
TD{font-family: Arial; font-size: 8pt;}
--->
</STYLE>

<?php include("header.php"); ?>
<!-- <?php include("footer.php"); ?> -->
<?php include("ConnectDB.php"); ?>

<?php

$newname = $_GET['newname'];  //The Uploads/ folder will need to be stripped here to retreive the filename...
$filename = basename($newname,"/");  //basename function strips off filename based on first "/"

echo $newname;

echo $filename;
// allowed file types here
$types = array(
'text/csv',
'text/plain',
'application/csv',
'text/comma-separated-values',
'application/excel',
'application/vnd.ms-excel',
'application/vnd.msexcel',
'text/anytext',
'application/octet-stream',
'application/txt',
);
echo "the Types variable is = " .$types;

// initiate finfo() and  get the file type of uploaded file
$finfo = new finfo(FILEINFO_MIME_TYPE);
$type = $finfo->file($_FILES['file']['tmp_name']);

echo "the Finfo variable is = " .$finfo;
echo "the Type variable is = " .$type;

// check in array
if (!in_array($type, $types)) {
    echo "file has an error ";
}

?>

I have changed that and it still just shows the following output

 

/uploads/test_raw.csv

 

test_raw.csv

 

the Types variable is = Array

 

 

again here is the updated code

 

 

<?php

$newname = $_GET['newname'];  //The Uploads/ folder will need to be stripped here to retreive the filename...
$filename = basename($newname,"/");  //basename function strips off filename based on first "/"

echo $newname;

echo $filename;
// allowed file types here
$types = array(
'text/csv',
'text/plain',
'application/csv',
'text/comma-separated-values',
'application/excel',
'application/vnd.ms-excel',
'application/vnd.msexcel',
'text/anytext',
'application/octet-stream',
'application/txt',
);
echo "the Types variable is = " .$types;

// initiate finfo() and  get the file type of uploaded file
$finfo = new finfo(FILEINFO_MIME_TYPE);
$type = $finfo->file($filename);

echo "the Finfo variable is = " .$finfo;
echo "the Type variable is = " .$type;

// check in array
if (!in_array($type, $types)) {
    echo "file has an error ";
}

?>

I don't think this will be a better way to achieve this.But,it might help you little:

<html>
<head>
<title>CSV Validate</title>
</head>
<body>
<form method="post" action="">
<input type="file" name="cfile" id="cfile">
<input type="submit" value="Submit">
</form>
<?php
function ext($file) {
	return substr(strrchr($file,'.'),1);
}
if (isset($_POST['cfile'])) {
$cfile = $_POST['cfile'];
$cfile = ext($cfile);
if ($cfile == 'csv'){
echo "Valid";
}
else {
echo "Not Valid";
}
}
?>
</body>
</html> 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.