Upload, file type validation

Question

dnbmadness 0 Newbie Poster

12 Years Ago

Hey guys,

I have a form with fields and a file upload input which saves the uploaded file to a folder (/images), adds some random numbers to the filename and inserts the filename into a mysql DB.

I'm just not sure how to add file type validation into this form.

Could someone please help me?

Here is my code for handling the file upload:

    // Image Upload Script

    $uploadDir = 'images/'; //Image Upload Folder
    if(isset($_POST['submit'])) {

    $fileName = ( rand(1, 999).rand(1000,9999 ).rand(1, 999)."_". $_FILES['photo']['name']);
    $tmpName = $_FILES['photo']['tmp_name'];
    $fileSize = $_FILES['photo']['size'];
    $fileType = $_FILES['photo']['type'];
    $filePath = $uploadDir . $fileName;

    $result = move_uploaded_file($tmpName, $filePath);
    if (!$result) {
    echo "Error uploading file";
    exit;
    }
    if(!get_magic_quotes_gpc())
    {
    $fileName = addslashes($fileName);
    $filePath = addslashes($filePath);
    }
    }

Then insert the filename into the database:

    // Insert data into mysql
    $sql="INSERT INTO $tbl_name(photo)VALUES('$filePath')";
    $result=mysql_query($sql);

Thank you.

php

Edited 12 Years Ago by dnbmadness

2 Contributors
3 Replies
148 Views
3 Hours Discussion Span
Latest Post 12 Years Ago Latest Post by diafol

diafol

12 Years Ago

Get the extension like this:

$fileparts = pathinfo($fileName);
$ext = $fileparts['extension'];

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

dnbmadness 0 Newbie Poster · Answer 1 · 2012-08-24T13:47:00+00:00

Thanks for your reply, so how would I incoorperate file extensions in this? For example, if I only wanted to allow these file formats... jpg, jpeg, png, gif.

Thanks again.

diafol · Answer 2 · 2012-08-24T14:53:47+00:00

Maybe something like this:

$fileparts = pathinfo($fileName);
$ext = strtolower($fileparts['extension']);

$allowed_ext = array("jpg","jpeg","png","gif");
if(in_array($ext,$allowed_ext)){
  //run code
}