...

View Full Version : PHP Upload, checking for custom filetype extension



Jeffy
08-31-2011, 02:52 PM
Hi,
Newb coder Jeffy here.

I am working with an introductory book on PHP (O'Reilly's - Robin Nixon) and in one lessen a simple upload functionality is desrcribed along with some file checking to only allow specific files to be uploaded. I modified the example a bit to check for a custom filetype. However it does not work as intended:


<?php
echo <<<_END
<html><head><title>PHP Form Upload</title></head><body>


<form method='post' action='upload2.php' enctype='multipart/form-data'>
-------------LOL Uploader-------------</br></br>

Select File: <input type='file' name='filename' size='10' />
<input type='submit' value='Upload' /></form>
_END;



if ($_FILES)
{
$name = $_FILES['filename']['name'];
$ext = 'blank';
if (($_FILES['filename']['type']) == 'lol')
{
$ext = 'lol';
}
if ($ext == 'lol')
{
$n = $_FILES['filename']['name'];
move_uploaded_file($_FILES['filename']['tmp_name'], $n);
echo "Uploaded file '$name' as '$n' :<br />";

}
else echo "'$name' is not an accepted file";
}
else echo "No file has been uploaded";

echo "</body></html>";
?>


When trying to use it, files with the correct ending (example.lol) are not recognized and it skips the uploading.
I learned that this method can be used to check filetypes:
(example from the book)



switch($_FILES['filename']['type'])
{
case 'image/jpeg': $ext = 'jpg'; break;
case 'image/gif': $ext = 'gif'; break;
case 'image/png': $ext = 'png'; break;
case 'image/tiff': $ext = 'tif'; break;
default: $ext = ''; break;
}

However this appears to be some preset common filetypes. That is why I went for the more custom and direct check for the .lol checking.

Any pointers?

Jeffy
09-01-2011, 11:19 AM
Tried something different, finding the extension and comparing it to the wanted extension. Still it does not work, it skips the uploading. Am I doing something wrong with string comparison?




<?php
echo <<<_END
<html><head><title>PHP Form Upload</title></head><body>


<form method='post' action='upload2.php' enctype='multipart/form-data'>
-------------LOL Uploader-------------</br></br>

Select File: <input type='file' name='filename' size='10' />
<input type='submit' value='Upload' /></form>
_END;



if ($_FILES)
{
$filename = 'empty.xxx';
$name = $_FILES['filename']['name'];
$info = pathinfo($filename);

//check if extension matches
if ($info['extension'] == 'lol')


{
//upload
$n = $_FILES['filename']['name'];
move_uploaded_file($_FILES['filename']['tmp_name'], $n);
echo "Uploaded file '$name' as '$n' :<br />";

}

//fail
else echo "'$name' is not an accepted file";
}
else echo "No file has been uploaded";

echo "</body></html>";
?>

Inigoesdr
09-02-2011, 05:21 AM
Tried something different, finding the extension and comparing it to the wanted extension. Still it does not work, it skips the uploading. Am I doing something wrong with string comparison?

Yeah, you're explicitly setting the extension to 'xxx' and then checking to see if it's 'lol', which will never be true.

You probably want to do this:

$info = pathinfo($_FILES['filename']['name']);
if (strtolower($info['extension']) == 'lol')



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum