that can be returned by $_FILES['userfile']['type']<br /><br />I'm trying to restrict my upload script to only image files.<br /><br />for example:<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->if ($file_type != "image/gif") {<br />die ("File is not a image. Try again");<br />}<!--c2--></div><!--ec2--><br /><br />can i use a wildcard so I can just put:<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->if ($file_type != "image/*") {<br />die ("File is not a image. Try again");<br />}<!--c2--></div><!--ec2--><br /><br />I know that exactly won't work, because I tried it, but is there a way I dont know about to use a wildcard in that?<!--content-->
My php knowlege is sparce to say the least, I'm just now learning more about it but I doubt you could use a wildcard there. That would be more like if you wanted to get every .gif file in the folder.<br /><br />I'd say try listing just all the diffrent image formats you can, or put in a sub title that you only accept a certain type of file, and create a "don't list" if it would be simpler.<br /><br />Hope this helps a little! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="
" border="0" alt="wink.gif" /><!--content-->
yea i put image files only, but ive already had a couple mp3s and some zips pop up in there. I'm worried about someone uploading a php file and going nutty before I catch it.<!--content-->
Hi,<br /><br />If the gif one works, then you can do multi lists and just list all the image tags. Using a *.* would not work<br /><br />Jim<!--content-->
Hi,<br /><br />I just googled a bit and found this, :<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->
<!--c2--></div><!--ec2--><br /><br />Should do the trick for you <br /><br />Jim<!--content-->
thanks those are the ones i have in my list now, i was just seeing if anyone knew of any others<!--content-->
this is what I've got anybody see anything wrong, or a better way I could have done something?<br /><br />$superdat is the variable thats the filename they put in to upload<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->//define allowed file types<br />$allowed = array(<br />"image/bmp",<br />"image/gif",<br />"image/jpeg",<br />"image/pjpeg",<br />"image/png",<br />"image/psd",<br />"image/tiff",<br />"image/iff"<br />);<br /><br />//convert filenames to lowercase<br /><br />$superdat_name = strtolower($superdat_name);<br /><br />//remove spaces from file names and replace them with underscores<br /><br />$superdat_name = str_replace(" ", "_", $superdat_name);<br /><br />//check to see if filetype is allowed<br /><br />if(!in_array($superdat_type, $allowed)) {<br /><br />//if not allowed show error and link back to main page<br /><br />echo "<BR><center><a href = <!-- m --><a class="postlink" href="http://www.totalchoicehosting.com/forums/lofiversion/index.php/'http&">http://www.totalchoicehosting.com/forum ... 'http&</a><!-- m -->#58;//upload.dozure.net'>Try again</a><br><br>";<br />echo "If you believe you got this error mistakenly, contact dozure with the error below<br><br>";<br />die ("ERROR: Files of type <font color = 'red'>$superdat_type</font> are not images.</center>");<br />}<!--c2--></div><!--ec2--><!--content-->
My php knowlege is sparce to say the least, I'm just now learning more about it but I doubt you could use a wildcard there. That would be more like if you wanted to get every .gif file in the folder.<br /><br />I'd say try listing just all the diffrent image formats you can, or put in a sub title that you only accept a certain type of file, and create a "don't list" if it would be simpler.<br /><br />Hope this helps a little! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/wink.gif" style="vertical-align:middle" emoid="
" border="0" alt="wink.gif" /><!--content-->yea i put image files only, but ive already had a couple mp3s and some zips pop up in there. I'm worried about someone uploading a php file and going nutty before I catch it.<!--content-->
Hi,<br /><br />If the gif one works, then you can do multi lists and just list all the image tags. Using a *.* would not work<br /><br />Jim<!--content-->
Hi,<br /><br />I just googled a bit and found this, :<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->
PHP:
<br /><?php<br /><br />#############################################<br />// START SETTINGS<br /><br />// Path to save upload (no end slash!!)<br />$GLOBALS['Upload_path'] = "/dir/to/upload";<br /><br />// Allowed types<br />$GLOBALS['allowed_types'] = array(<br />"application/x-gzip-compressed",<br />"application/x-shockwave-flash",<br />"application/x-tar",<br />"application/x-zip-compressed",<br />"image/bmp",<br />"image/gif",<br />"image/jpeg",<br />"image/pjpeg",<br />"image/png",<br />"image/psd",<br />"image/tiff",<br />"image/iff"<br />);<br /><br />// Maximum size of upload allowed (in bytes)<br />$GLOBALS['max_filesize'] = 1000000;<br /><br />// Maximum dimentions for image uploads (in pixels)<br />$GLOBALS['max_image_height'] = 1240;<br />$GLOBALS['max_image_width'] = 1600;<br /><br />// END SETTINGS<br />#############################################<br /><br />// Tells whether the file submitted to be uploaded<br />if(is_uploaded_file($_FILES['userfile'])) {<br /><br />// returns error if file type not in allowed types<br />if(!in_array($_FILES['userfile']['type'], $GLOBALS['allowed_types'])) {<br /><br />echo "File not allowed";<br />exit();<br /><br />}<br /><br />// returns error if file size is bigger than defined file size<br />if($_FILES['userfile']['size'] > $GLOBALS['max_filesize']) {<br /><br />echo "File size too large";<br />exit();<br /><br />}<br /><br />// checks if file is image, if so then checks the width and height against defined settings above<br />if(eregi("image", $_FILES['userfile']['type']) && (in_array($_FILES['userfile']['type'], $GLOBALS['allowed_types']))) {<br /><br />$imagesize = GetImageSize($_FILES['userfile']['tmp_name']);<br /><br />// Checks width<br />if ($imagesize[0] > $GLOBALS['max_image_width']) {<br />echo "Your image should be no wider than " . $GLOBALS['max_image_width'] . " Pixels";<br />exit();<br />}<br /><br />// Checks height<br />if ($imagesize[1] > $GLOBALS['max_image_height']) {<br />echo "Your image should be no higher than " . $GLOBALS['max_image_height'] . " Pixels";<br />exit();<br />}<br /><br />}<br /><br />// if the file is not uploaded correctly, it will return a unsuccessful<br />if(!@copy($_FILES['userfile']['tmp_name'], $GLOBALS['Upload_path'] . "/" . $_FILES['userfile']['name'])) {<br /><br />echo "Upload was not successful";<br />exit();<br /><br />// else it will return successful<br />} else {<br /><br />echo "Upload successful<br>";<br />echo "File: <b>" . $_FILES['userfile']['name'] . "</b><br>";<br />echo "Size: <b>" . $_FILES['userfile']['size'] . "</b><br>";<br />echo "Type: <b>" . $_FILES['userfile']['type'] . "</b><br>";<br />exit();<br /><br />}<br /><br />// shows the form if no file has been submitted<br />} else {<br />?><br /><form action="<?= $_SERVER['PHP_SELF'] ?>" method="post" enctype="multipart/form-data"><br /><input type="file" name="userfile" size="50"><br /><br><br><br /><input type="submit" value="Upload!"><br /></form> <br /><?<br />}<br />?><br />thanks those are the ones i have in my list now, i was just seeing if anyone knew of any others<!--content-->
this is what I've got anybody see anything wrong, or a better way I could have done something?<br /><br />$superdat is the variable thats the filename they put in to upload<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->//define allowed file types<br />$allowed = array(<br />"image/bmp",<br />"image/gif",<br />"image/jpeg",<br />"image/pjpeg",<br />"image/png",<br />"image/psd",<br />"image/tiff",<br />"image/iff"<br />);<br /><br />//convert filenames to lowercase<br /><br />$superdat_name = strtolower($superdat_name);<br /><br />//remove spaces from file names and replace them with underscores<br /><br />$superdat_name = str_replace(" ", "_", $superdat_name);<br /><br />//check to see if filetype is allowed<br /><br />if(!in_array($superdat_type, $allowed)) {<br /><br />//if not allowed show error and link back to main page<br /><br />echo "<BR><center><a href = <!-- m --><a class="postlink" href="http://www.totalchoicehosting.com/forums/lofiversion/index.php/'http&">http://www.totalchoicehosting.com/forum ... 'http&</a><!-- m -->#58;//upload.dozure.net'>Try again</a><br><br>";<br />echo "If you believe you got this error mistakenly, contact dozure with the error below<br><br>";<br />die ("ERROR: Files of type <font color = 'red'>$superdat_type</font> are not images.</center>");<br />}<!--c2--></div><!--ec2--><!--content-->