swingsatellite
New Member
\[code\]<html><body><form action="upload-file.php" method="post"enctype="multipart/form-data"><label for="file">Filename:</label><input type="file" name="file" id="file"><br><input type="submit" name="submit" value="http://stackoverflow.com/questions/14046957/Submit"></form></body></html> \[/code\]Here is the php code for file upload..I want to use this php code which i got from w3schools..do you think this is a safe code for file upload? this is the simplest code I found which works very great.. I have tried a couple of codes from other sources but I couldn't get them work....any idea?\[code\]<?phpini_set('display_errors', '0');error_reporting(E_ALL | E_STRICT);$allowedExts = array("jpg", "jpeg", "gif", "png");$extension = end(explode(".", $_FILES['file']['name']));if ((($_FILES["file"]["type"] == "image/gif")|| ($_FILES["file"]["type"] == "image/jpeg")|| ($_FILES["file"]["type"] == "image/png")|| ($_FILES["file"]["type"] == "image/pjpeg"))&& ($_FILES["file"]["size"] < 2097152)&& in_array($extension, $allowedExts)){if ($_FILES["file"]["error"] > 0){echo "Return Code: " . $_FILES["file"]["error"] . "<br>";}else{echo "Upload: " . $_FILES["file"]["name"] . "<br>";echo "Type: " . $_FILES["file"]["type"] . "<br>";echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";if (file_exists("images/" . $_FILES["file"]["name"])){echo $_FILES["file"]["name"] . " already exists. ";}if($_FILES['file']['size'] > 2097152 ) //2mbecho 'File over 2MB';else{move_uploaded_file($_FILES["file"]["tmp_name"],"images/" . $_FILES["file"]["name"]);echo "Stored in: " . "images/" . $_FILES["file"]["name"];}}}else{echo "Invalid file";}?> \[/code\]