0

Got what I'm sure is a simple problem but can't seem to find a simple solution which works. I'm creating an image upload website and I want only JPEG's and PNG's to be the allowed file types. Here is the start of my PHP code which runs when a user clicks on the 'upload' button after selecting their file. After this I just have a long list of IF statements which all run and work.

Any help would be much appreciated.

if ($_FILES['filename']['name']['size']) {

 session_start(); $name = $_FILES['filename']['name']; $size = $_FILES['filename']['size']; $tmp_name = $_FILES['filename']['tmp_name']; if($size < 2000000) {...
Improve this question
6
  • 1
    have you checked: $_FILES['filename']['type'] Commented Mar 25, 2012 at 2:26
  • You can use regex ("/\.(\w+)$/") to check the extension and then match it against an array of supported extensions. Commented Mar 25, 2012 at 2:28
  • @KoolKabin - With regards to what you suggested, can I simply say something like if($_FILES["file"]["type"] == "image/jpeg") {... ? Commented Mar 25, 2012 at 3:01
  • @user1134548: definitely you can. but make sure you are adding or for gif, bmp and png files too if required. Commented Mar 25, 2012 at 5:09
  • So at the minute I have this but it won't let me upload any type of file. if (($_FILES['filename']['name']['size']) & ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png")) { What am I doing wrong? Commented Mar 25, 2012 at 15:10

3 Answers 3

Reset to default
6

I think this will do 

 $allowed_types =array('jpg','png') $userFile = $_FILES['filename']['name']; $error = null; // Get the file extension $extension = pathinfo($userFile, PATHINFO_EXTENSION); // Search the array for the allowed file type if (in_array($extension, $allowed_types, false) != true) { $error = "ERROR: ILLEGAL FILE TYPE"; return $error; // or use exit; }
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This worked like a charm. Thanks! One tiny correction: first line needs a semicolon at the end.
1

check the type attribute of uploaded file. Sample code from: http://www.php.net/manual/en/features.file-upload.php 

/*** now verify the mime, i did not find something more easy than verify the 'image/' ty^pe. if wrong tell it! ***/ if(!eregi('image/', $_FILES['attachement']['type'])) { echo 'The uploaded file is not an image please upload a valide file!'; } else {
Improve this answer

Comments

1

I tried this.. it helped me..

This could help you too..

<?php $target_dir = "images/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } // Check if file already exists if (file_exists($target_file)) { echo "Sorry, file already exists."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) { echo "Sorry, only JPG, PNG, JPEG and GIF files are allowed."; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; } else { echo "Sorry, there was an error uploading your file."; } } ?>
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.