Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    Jun 2007
    Location
    Chico, CA
    Posts
    40
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Question Limiting file type uploads help!

    Hey guys I'm kinda diving into my first php file uploader and I need some of your almighty direction. I only know how to limit individual file types, but writing a section to block every other filetype in the world is going to make this thing huge.

    My goal: only allow people to upload these video filetypes:

    .AVI, .MOV, .MPG, .MPEG, .MPEG2, .WMV

    If any of you guys could possibly help me out, that would mean the world to me! Seriously.

    Here's my current upload.php file:
    PHP Code:
    <?php
    $target 
    "upload/";
    $target $target basename$_FILES['uploaded']['name']) ;
    $ok=1;

    //Size condition
    if ($uploaded_size 350000)
    {
    echo 
    "Your file is too large.<br>";
    $ok=0;
    }

    //Limit file type condition
    if ($uploaded_type =="text/php")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="text/cgi")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="text/html")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="text/asp")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="text/pl")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="image/gif")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="image/jpg")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="image/png")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }
    if (
    $uploaded_type =="image/tif")
    {
    echo 
    "Not an approved file type.<br>";
    $ok=0;
    }

    //Check that $ok was not set to 0 by an error
    if ($ok==0)
    {
    Echo 
    "Sorry your file was not uploaded";
    }

    //If everything is ok
    else
    {
    if(
    move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
    {
    echo 
    "The file ".
    basename$_FILES['uploadedfile']['name']). " has been uploaded";
    }
    else
    {
    echo 
    "Sorry, there was a problem uploading your file.";
    }
    }
    ?>
    Thanks in advance for any help you can provide.

  • #2
    Senior Coder
    Join Date
    Apr 2007
    Location
    Quakertown PA USA
    Posts
    1,028
    Thanks
    1
    Thanked 125 Times in 123 Posts
    Instead of trying to block a list of file types, only allow those you want.

    So instead of checking if a file type is whatever, check if it is not one of the types you wish to allow.

  • #3
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,011
    Thanks
    2
    Thanked 312 Times in 304 Posts
    Also, if you put the allowed types into an array, you can use the in_array() function http://php.net/in_array to test for an accepted type instead of using a long list of conditional logic to test each possible value.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #4
    New Coder
    Join Date
    Jun 2007
    Location
    Chico, CA
    Posts
    40
    Thanks
    9
    Thanked 0 Times in 0 Posts
    This is probably terribly wrong, but does this make sense?

    (edited:3:58pm)
    PHP Code:
    //This is our limit file type condition

    $videofiles = array("video/avi""video/mov""video/mpg""video/mpeg""video/mpeg2");
    if (!(
    $uploaded_type==(in_array($videofiles)))){
    echo 
    "You may only upload .AVI, .MOV, .MPG, .MPEG, or .MPEG2 files.<br>";
    $ok=0;

    I'm pretty new to php, so sorry for bothering you guys..
    Last edited by dancrew32; 07-20-2007 at 12:19 AM. Reason: wrong code

  • #5
    Regular Coder
    Join Date
    May 2006
    Location
    Wales
    Posts
    820
    Thanks
    1
    Thanked 82 Times in 79 Posts
    PHP Code:
    //This is our limit file type condition

    $videofiles = array("video/avi""video/mov""video/mpg""video/mpeg""video/mpeg2");
    if (!
    in_array($uploaded_type$videofiles)){
        echo 
    "You may only upload .AVI, .MOV, .MPG, .MPEG, or .MPEG2 files.<br>";
        
    $ok=0;


  • #6
    New Coder
    Join Date
    Jun 2007
    Location
    Chico, CA
    Posts
    40
    Thanks
    9
    Thanked 0 Times in 0 Posts
    That is successful at blocking other MIME types, but it seems to be blocking everything now.

    Everytime I upload a proper video file it's echoing You may only upload .AVI, .MOV, .MPG, .MPEG, or .MPEG2 files.

    Here is my current code:

    PHP Code:
    <?php
    $target 
    "upload/";
    $target $target basename$_FILES['uploaded']['name']) ;
    $videofiles = array("video/x-msvideo""video/quicktime""video/mpeg""video/mpeg2");
    $ok=1;

    //This is our size condition. limited to a gig
    if ($uploaded_size 1000000000)
    {
    echo 
    "Your file is too large. Make it less than 1 GB.<br>";
    $ok=0;
    }

    //This is our limit file type condition

    if (!in_array($uploaded_type$videofiles)){
    echo 
    "You may only upload .AVI, .MOV, .MPG, .MPEG, or .MPEG2 files.<br>";
    $ok=0;
    }

    //Here we check that $ok was not set to 0 by an error
    if ($ok==0)
    {
    Echo 
    "Sorry your file was not uploaded";
    }

    //If everything is ok we try to upload it
    else
    {
    if(
    move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
    {
    echo 
    "The file ".
    basename$_FILES['uploadedfile']['name']). " has been uploaded";
    }
    else
    {
    echo 
    "Sorry, there was a problem uploading your file.";
    }
    }
    ?>
    Last edited by dancrew32; 07-20-2007 at 01:20 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •