People ask me how to make an upload script with optional extentions. Now everyone has their own style of coding when learning on their own and I don't spam that I'm the best but it works and I find it simple. Compared to other more dynamic scripts that always don't seem to work. I always thought I couldn't do a script like this until I couldn't find a working one and then just looked up functions to make my own and tutorials.


<?php

$filepath = "files/";

if ($_POST['Submit'] != "") {

$filename = $_FILES['image']['name'];
$file = $_FILES['image']['tmp_name'];

if(preg_match('/\.(jpg|gif|png|psd|tif|tiff|raw)$/i', $filename)) { // Contribution Snippet

if (!(file_exists("$filepath$filename"))) {
$savedfile = @copy("$file", "$filepath$filename");
}
if ($savedfile) {
echo 'File has been uploaded successfully! Your image is waiting!<br><br>
Your image is located at <a href="http://site.com/images/. $filepath . '' . $filename . '">http://site.com/images/' . $filepath . '' . $filename . '</a><br>
Upload another below! Remember you file URL! Records are not kept and the administrator is not responcible for your images!;
}
else
{
echo 'This file has not been uploaded successfully; Please use a unique file name. (<i>Example:</i> Username_Imagename.ext) If the error continues contact the administrator, Thank you.';
}

}

else {

echo 'This file is not a valid extention! Please pick an image file.';

}
}


echo '<div align="center"><form method="post" action="upload.php" enctype="multipart/form-data">
<input name="image" type="file" size="20"><br> <br>
<input type="submit" name="Submit" value="Upload!" size="20"><br>
</form></div>';

?>

Nice job, but I know you can shorten that at least... 20 lines! :P

Just make your if's and elseif's into an if/else.

if (preg_match("/.jpg/i", $filename) || preg_match("/.gif/i", $filename) || preg_match("/.png/i", $filename) || preg_match("/.psd/i", $filename) || preg_match("/.tif/i", $filename) || preg_match("/.tiff/i", $filename) || preg_match("/.raw/i", $filename)) {
$valid = true;
}
else
{
$valid = false;
}


Other than that, as I said before, nice job. ;)
-Yaggles

Nice job, but I know you can shorten that at least... 20 lines! :P

Just make your if's and elseif's into an if/else.

if (preg_match("/.jpg/i", $filename) || preg_match("/.gif/i", $filename) || preg_match("/.png/i", $filename) || preg_match("/.psd/i", $filename) || preg_match("/.tif/i", $filename) || preg_match("/.tiff/i", $filename) || preg_match("/.raw/i", $filename)) {
$valid = true;
}
else
{
$valid = false;
}


Other than that, as I said before, nice job. ;)
-Yaggles

You know I tried that, with || and & and it kept returning the file wasn't upload error.

Nice!

Ive been trying to do this for ages!

Thanks! :)

Nice!

Ive been trying to do this for ages!

Thanks! :)

Your very welcome.

You know what... you can shorten it by more than 20 lines!..


<?php
if(preg_match('/\.(jpg|gif|png|psd|tif|tiff|raw)$/i', $filename)){

if (!(file_exists("$filepath$filename"))) {
$savedfile = @move_uploaded_file("$file", "$filepath$filename");
// Should really use move_uploaded_file, not copy().. :)
}
if ($savedfile) {
echo 'File has been uploaded successfully! Your image is waiting!<br><br>
Your image is located at <a href="http://site.com/images/'. $file_path . '' . $file_name .'">http://site.com/images/' . $file_path . '' . $file_name . '</a><br>
Upload another below! Remember you file URL! Records are not kept and the administrator is not responcible for your images!';
}
else
{
echo 'This file has not been uploaded successfully; Please use a unique file name. (<i>Example:</i> Username_Imagename.ext) If the error continues contact the administrator, Thank you.';
}

}

else {

echo 'This file is not a valid extention! Please pick an image file.';

}
}

}
else
{
echo '<div align="center"><form method="post" action="upload.php" enctype="multipart/form-data">
<input name="image" type="file" size="20"><br> <br>
<input type="submit" name="Submit" value="Upload!" size="20"><br>
</form></div>';
}
?>

You know what... you can shorten it by more than 20 lines!..


<?php
if(preg_match('/\.(jpg|gif|png|psd|tif|tiff|raw)$/i', $filename)){

if (!(file_exists("$filepath$filename"))) {
$savedfile = @move_uploaded_file("$file", "$filepath$filename");
// Should really use move_uploaded_file, not copy().. :)
}
if ($savedfile) {
echo 'File has been uploaded successfully! Your image is waiting!<br><br>
Your image is located at <a href="http://site.com/images/'. $file_path . '' . $file_name .'">http://site.com/images/' . $file_path . '' . $file_name . '</a><br>
Upload another below! Remember you file URL! Records are not kept and the administrator is not responcible for your images!';
}
else
{
echo 'This file has not been uploaded successfully; Please use a unique file name. (<i>Example:</i> Username_Imagename.ext) If the error continues contact the administrator, Thank you.';
}

}

else {

echo 'This file is not a valid extention! Please pick an image file.';

}
}

}
else
{
echo '<div align="center"><form method="post" action="upload.php" enctype="multipart/form-data">
<input name="image" type="file" size="20"><br> <br>
<input type="submit" name="Submit" value="Upload!" size="20"><br>
</form></div>';
}
?>


Oh my god! We have a saviour! I was looking for how to do that but they had no examples in my books and I was having trouble searching for the right one. Thank you, thank you, thank you.

Glad I could be of service :)

Just so you know, it'd be wiser to check the mimetype of the uploaded file rather than its extension:


if (strpos ($_FILES['image']['type'], 'image/') === 0)
{
// The file is of type image/*, which includes image/jpeg, image/gif, image/png, etc.
}

Oooh, and shorter STILL (with a bug fix: the form didn't display "below" despite them being told they could upload another one below.)

It's two lines longer, but if you collapse the curly brackets it's many lines shorter... I keep them on their own line for legibility reasons. :cool:


<?php
if (is_uploaded_file ($_FILES['image']['tmp_name'])
{
if (strpos ($_FILES['image']['type'], 'image/') === 0)
{
if (@move_uploaded_file ($file, $filepath.$filename))
{
echo '
<p>File has been uploaded successfully! Your image is waiting!</p>
<p>Your image is located at <a href="http://site.com/images/'.$file_path.$file_name.'">http://site.com/images/'.$file_path.$file_name.'</a><br>
Upload another below! Remember your file URL! Records are not kept and the administrator is not responcible for your images!</p>
';
}
else
{
echo '<p>Despite being properly uploaded, the file failed the moving process. Please contact the administrator.</p>';
}
}
else
{
echo '<p>This file is not a valid extention! Please pick an image file.</p>';
}
}
else
{
echo '<p>This file has not been uploaded successfully; Please use a unique file name. (<em>Example:</em> Username_Imagename.ext) If the error continues contact the administrator, Thank you.</p>';
}

echo '
<div align="center">
<form method="post" action="upload.php" enctype="multipart/form-data">
<p><input name="image" type="file" size="20"></p>
<p><input type="submit" name="Submit" value="Upload!" size="20"></p>
</form>
</div>
';
?>


Haha, and without curlies at all (which is allowed when you're only calling one statement after the if ()):


<?php
if (is_uploaded_file ($_FILES['image']['tmp_name'])
if (strpos ($_FILES['image']['type'], 'image/') === 0)
if (@move_uploaded_file ($file, $filepath.$filename))
echo '
<p>File has been uploaded successfully! Your image is waiting!</p>
<p>Your image is located at <a href="http://site.com/images/'.$file_path.$file_name.'">http://site.com/images/'.$file_path.$file_name.'</a><br>
Upload another below! Remember your file URL! Records are not kept and the administrator is not responcible for your images!</p>
';
else
echo '<p>Despite being properly uploaded, the file failed the moving process. Please contact the administrator.</p>';
else
echo '<p>This file is not a valid extention! Please pick an image file.</p>';
else
echo '<p>This file has not been uploaded successfully; Please use a unique file name. (<em>Example:</em> Username_Imagename.ext) If the error continues contact the administrator, Thank you.</p>';

echo '
<div align="center">
<form method="post" action="upload.php" enctype="multipart/form-data">
<p><input name="image" type="file" size="20"></p>
<p><input type="submit" name="Submit" value="Upload!" size="20"></p>
</form>
</div>
';
?>


Sorry. Couldn't resist...

Oooh, and shorter STILL (with a bug fix: the form didn't display "below" despite them being told they could upload another one below.)

It's two lines longer, but if you collapse the curly brackets it's many lines shorter... I keep them on their own line for legibility reasons. :cool:


<?php
if (is_uploaded_file ($_FILES['image']['tmp_name'])
{
if (strpos ($_FILES['image']['type'], 'image/') === 0)
{
if (@move_uploaded_file ($file, $filepath.$filename))
{
echo '
<p>File has been uploaded successfully! Your image is waiting!</p>
<p>Your image is located at <a href="http://site.com/images/'.$file_path.$file_name.'">http://site.com/images/'.$file_path.$file_name.'</a><br>
Upload another below! Remember your file URL! Records are not kept and the administrator is not responcible for your images!</p>
';
}
else
{
echo '<p>Despite being properly uploaded, the file failed the moving process. Please contact the administrator.</p>';
}
}
else
{
echo '<p>This file is not a valid extention! Please pick an image file.</p>';
}
}
else
{
echo '<p>This file has not been uploaded successfully; Please use a unique file name. (<em>Example:</em> Username_Imagename.ext) If the error continues contact the administrator, Thank you.</p>';
}

echo '
<div align="center">
<form method="post" action="upload.php" enctype="multipart/form-data">
<p><input name="image" type="file" size="20"></p>
<p><input type="submit" name="Submit" value="Upload!" size="20"></p>
</form>
</div>
';
?>


Haha, and without curlies at all (which is allowed when you're only calling one statement after the if ()):


<?php
if (is_uploaded_file ($_FILES['image']['tmp_name'])
if (strpos ($_FILES['image']['type'], 'image/') === 0)
if (@move_uploaded_file ($file, $filepath.$filename))
echo '
<p>File has been uploaded successfully! Your image is waiting!</p>
<p>Your image is located at <a href="http://site.com/images/'.$file_path.$file_name.'">http://site.com/images/'.$file_path.$file_name.'</a><br>
Upload another below! Remember your file URL! Records are not kept and the administrator is not responcible for your images!</p>
';
else
echo '<p>Despite being properly uploaded, the file failed the moving process. Please contact the administrator.</p>';
else
echo '<p>This file is not a valid extention! Please pick an image file.</p>';
else
echo '<p>This file has not been uploaded successfully; Please use a unique file name. (<em>Example:</em> Username_Imagename.ext) If the error continues contact the administrator, Thank you.</p>';

echo '
<div align="center">
<form method="post" action="upload.php" enctype="multipart/form-data">
<p><input name="image" type="file" size="20"></p>
<p><input type="submit" name="Submit" value="Upload!" size="20"></p>
</form>
</div>
';
?>


Sorry. Couldn't resist...

Thanks for the offer but the form displays just as defined and I've been using the same script for a year now from its original version. And the point of the script as suggested is to define the specifics of what file types you want used. Not just images. Some forms of images arn't even under the image/ header list.

In missing-score's example, it wouldn't show the form; it's surrounded in an else {}.

And still the mime-type check would be more reliable. I've had clients trying to upload renamed .gif files to forms I've made that accept .jpeg only. It'd just be a matter off creating an array of accepted types, and using in_array () to see if the $_FILES['field']['type'] is in that array.

the thing is though, if they upload the file as a .jpg when its a .gif, the server is going to send a image/jpeg content type header... so it won't displayy properly anyway...

Ah, well that's just dumb PHP behaviour. Use mime_content_type ($_FILES['field']['tmp_name']); and you'll get accurate types. The MIME extension needs to be enabled, but in the event it isn't and you're running on a *nix server, you can use the return value of `file -bi `.$_FILES['field']['tmp_name'];

Ahh i see, thats usefull.. I hadn't actually seen that function before... But if you are looking to write portable scripts then I guess it would still be better to check the extension than rely on something that may not be possible.

But still, thanks anyway, this will come in handy!

Ahem... o.o; *dies* Thanks... if I ever feel like comprehending those opinions going back and fourth I may edit the script again. However it does work just fine for me and I upload images after already uploading one and on the finnished page. The form shows fine how I wanted it to. :thumbsup: Thanks thought.