Inserting validation into PHP upload script

[TomBullock]

Hello

I have this script, but i only want it to be able to upload music files, such as mp3, wma and wav.

 

<?php
//set where you want to store files
//in this example we keep files in folder upload 
//$HTTP_POST_FILES['ufile']['name']; = upload file name
//for example uploads file name cartoon.gif . $path will be uploads/cartoon.gif
$path= "uploads/".$HTTP_POST_FILES['ufile']['name'];
if($ufile !=none)
{
if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
{
echo "Successful<BR/>"; 

//$HTTP_POST_FILES['ufile']['name'] = file name
//$HTTP_POST_FILES['ufile']['size'] = file size
//$HTTP_POST_FILES['ufile']['type'] = type of file
echo "File Name :".$HTTP_POST_FILES['ufile']['name']."<BR/>"; 
echo "File Size :".$HTTP_POST_FILES['ufile']['size']."<BR/>"; 
echo "File Type :".$HTTP_POST_FILES['ufile']['type']."<BR/>"; 
echo "<img src=\"$path\" width=\"150\" height=\"150\">";
}
else
{
echo "Error";
}
}
?>

 

Can anyone help me so if they try to upload anything apart from the music files i mentioned, they get an error.

 

Thanks

Tom Bullock

 

[mpharo]

What you need to do is check for the characters after the extension delimiter...so you would return everything after the last instance of a period. This is then your extension you then compare it to the list of acceptable file extensions then upload it or reject.