How would you check image size and valid image format from multi image upload?

[imgrooot]

I have a script here that lets you upload and submit multiple images.  It works. But there are couple things i would like to add.

 

1. Have 2 mb limit for each image upload. Give an error if any of the image is over 2 mb.

2. Check if the uploaded images are valid types (jpeg, jpg, gift, and png).

 

Here is the script.

$get_username = 'myusername';
$get_email    = 'smith@myemail.com';

// we'll begin by assigning the To address and message subject
$to		=  "johndoe@myemail.com";
$subject	= "Subject message here....";

// get the sender's name and email address
// we'll just plug them a variable to be used later
$from = stripslashes($get_username)."<".stripslashes($get_email).">";

// generate a random string to be used as the boundary marker
$mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";

// now we'll build the message headers
$headers = "From: $from\r\n" .
"MIME-Version: 1.0\r\n" .
   "Content-Type: multipart/mixed;\r\n" .
   " boundary=\"{$mime_boundary}\"";

// here, we'll start the message body.
// this is the text that will be displayed
// in the e-mail
$message = "message text here...";

// next, we'll build the invisible portion of the message body
// note that we insert two dashes in front of the MIME boundary
// when we use it
$message = "This is a multi-part message in MIME format.\n\n" .
   "--{$mime_boundary}\n" .
   "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
   "Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";

// now we'll process our uploaded files
foreach($_FILES as $userfile){
   // store the file information to variables for easier access
   $tmp_name = $userfile['tmp_name'];
   $type 		= $userfile['type'];
   $name 		= $userfile['name'];
   $size 		= $userfile['size'];

   // if the upload succeded, the file will exist
   if(file_exists($tmp_name)){

      // check to make sure that it is an uploaded file and not a system file
      if(is_uploaded_file($tmp_name)){

         // open the file for a binary read
         $file = fopen($tmp_name,'rb');

         // read the file content into a variable
         $data = fread($file,filesize($tmp_name));

         // close the file
         fclose($file);

         // now we encode it and split it into acceptable length lines
         $data = chunk_split(base64_encode($data));
      }

      // now we'll insert a boundary to indicate we're starting the attachment
      // we have to specify the content type, file name, and disposition as
      // an attachment, then add the file content.
      // NOTE: we don't set another boundary to indicate that the end of the
      // file has been reached here. we only want one boundary between each file
      // we'll add the final one after the loop finishes.
      $message .= "--{$mime_boundary}\n" .
         "Content-Type: {$type};\n" .
         " name=\"{$name}\"\n" .
         "Content-Disposition: attachment;\n" .
         " filename=\"{$fileatt_name}\"\n" .
         "Content-Transfer-Encoding: base64\n\n" .
      $data . "\n\n";
   }
}
// here's our closing mime boundary that indicates the last of the message
$message.="--{$mime_boundary}--\n";
// now we just send the message
if(@mail($to, $subject, $message, $headers)) {
   echo 'sent';
} else {
  echo 'There was a problem. Please try again.';
}

One more thing. I notice that some of the images that i take from online(e.g. google images) won't upload, even though they are normal types like jpeg, gift, png. Do you know why that might happen? Are those images somehow encrypted or something?

[requinix]

If you want to check the file size then

$size 		= $userfile['size'];

would be a good place to start.

 

If you want to check file type then

$type 		= $userfile['type'];

would be a bad place to start. It's not trustworthy. Use getimagesize and optionally the file extension to decide whether the file is an image; if you don't check the extension then you should at least make sure the extension in the email is correct (and not from the uploaded filename).

 

As for files not uploading, you'll have to be more specific. How does it "not upload"?