View Full Version : verifying mail() attachments to specific file formats

01-18-2004, 08:15 PM
Hello, I am creating an on-line job application where the user fills out a form with their info and then uploads two attachments. One is required, their resume, and the other is optional, a cover letter. Then I pass the form input to my emailing script to verify, clean, etc. all my variables and format the output.

What I would like to do is verify that the user has attached only an acceptable file format. This will of course be instructed to them on the form but I want to make sure that they do.

The formats accepted are .doc, .pdf, .txt (maybe I will include rtf as well but this doesn't matter right now)

I'm thinking that this would just be an if statement of some sort. For example,

if ($example == .doc or .pdf or .txt) {
} else {
Sorry this is not an acceptable file format please try again

My question is I'm wondering how to actually verify these formats... should they be set up as strings and I'm actually just verifying that the characters of the strings are identical? it gets confusing for me as a php rookie because I wouldn't know how to specify the position of these characters when the preceding char length is unknown because this is the user's file name?

Could someone please help me get going in the right direction with this please?

Dylan Leblanc
01-18-2004, 09:28 PM
This is how to do it

Get the extension like this:

$extension = substr(strToLower($_FILES['xxx']['name']), -3);

where xxx is the name of the html form's field

This will check the file's extension:

if (in_array($extension, array('doc', 'pdf', 'txt'))

I use something like this on my website and it works quite well

// if not GIF

$imagesize = @getImageSize($_FILES['drawing']['tmp_name']);

if (($imagesize[2] != 1) || (!in_array(subStr(strToLower($_FILES['drawing']['name']), -3), $this->format['drawing']['valid file extensions']))) {
$this->error[] = 'File is not GIF format (field: ' . $this->format['drawing']['title'] . ')';
return 0;

01-18-2004, 09:48 PM
To get the filetype, use $_FILES['xxx']['type']

Dylan Leblanc
01-18-2004, 10:08 PM
Yeah, that gives the MIME type of the file. The manual says "if the borwser provided this information", http://www.php.net/manual/en/features.file-upload.php#features.file-upload.post-method

01-19-2004, 01:29 AM
Thank you Dylan and Nightfire... as a rookie with PHP I find it so much easier when I see code as an example. Quite often these examples aren't so explicit to my needs when researching the subject and of course this causes many hours of frustration.

I use PHP.net manual quite a bit now and I must have been entering wrong search terms cause I just couldn't find this one... so thanks for the link Dylan. Cheers to Vancouver... I just moved outta there a year and half ago...


01-19-2004, 05:24 AM
I tried to interpret Dylan's example that he uses, but I can't seem to interpret it in a way that fit's my needs. I can see that it would probably be just what I need to check both size and format, but because image size and file size are different functions I can't seem to figure it out. I can't believe I used to think I was somewhat intelligent before I started learning PHP... :o

I retrieve the file type as mentioned but don't know quite how this would fit in.
to retrieve file type use $_FILES['xxxx']['type']

Due to my inexperience my coding is probably not the most efficient way to do it, but I'm wondering if I'm on the right track for checking that the files are not exceeding the size and are of proper file format?

// retrieve file information



// verify files are not over max size

if (filesize($_FILES['file_resume']['size']) <= 2097152) {

$file_resume = $_FILES['file_resume']['name'];

} else {
echo "Sorry but your file exceeds the maximum size of 2MB.";

if (filesize($_FILES['file_cover']['size']) <= 2097152) {

$file_resume = $_FILES['file_resume']['name'];

} else {
echo "Sorry but your file exceeds the maximum size of 2MB.";

// verify files are of proper format

$extension_1 = substr(strToLower($_FILES['file_resume']['name']), -3);

if (in_array($extension_1, array('doc', 'pdf', 'txt'))

$file_resume = $_FILES['file_resume']['name'];

} else {
echo "Sorry but your file is not of an acceptable format - .doc, .pdf, or .txt ";

$extension_2 = substr(strToLower($_FILES['file_cover']['name']), -3);

if (in_array($extension_2, array('doc', 'pdf', 'txt'))

$file_resume = $_FILES['file_cover']['name'];

} else {
echo "Sorry but your file is not of an acceptable format - .doc, .pdf, or .txt ";

EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum