Hi,
Tried to do some file uploading through a form.
The file uploading part works fine, but the file type and file size checking does not!! I'm a newbie to PHP and I need help.
I've tried a few different approaches to the if-statements regarding file type and size, but none of them has worked.
What the form does right now is that it uploads the selected file to the directory i've chosen, but all types and sizes goes, no restrictions! I want to check the file if it is a gif, jpg or png and I want the file size to be less than 20K.
Anyone got any ideas??
Here comes the code:
<html>
<head>
<title>Upload logotype to a server and log company info and logotype filename in a MySQL database </title>
</head>
<body>
<?php
//********************************
//Absolute path to Upload directory
$uploadpath = "bilder/upload";
//*****************************
//Define Functions
function upload($co_name, $co_address, $co_zipcode, $co_town, $co_phone, $co_fax, $co_cell, $co_contact, $co_email, $co_website, $co_logotype, $co_logotype_name, $uploadpath, $date)
{
//*****************************
//MySQL Information
//Database name
$dbname= "test_db";
//MySQL Login information
$dbhost= "localhost";
$dbusername = "test";
$dbpassword = "testing";
//Database table name
$dbtable = "co_test";
//********************************
//** Shouldn't edit anything below this point... ha! ;)
if (copy($co_logotype,$uploadpath."/".$co_name.$co_logotype_name))
{
echo "$co_name$co_logotype_name";
echo "<p>Has been Uploaded!</p>";
//Change "index.php" to whatever you call this page
echo "<br><a href=\"upload_file_test.php\">Upload another file?</a>";
// Insert stuff into the database
$database = mysql_connect($dbhost, $dbusername, $dbpassword) or die ("ERROR Cant connect to MySQL");
mysql_select_db($dbname, $database) or die("ERROR Cant connect to database");
$query = "INSERT INTO " . $dbtable . " (id, co_name, co_address, co_zipcode, co_town, co_phone, co_fax, co_cell, co_contact, co_email, co_website, co_logotype, reg_date, modified_date) VALUES (NULL,'$co_name','$co_address','$co_zipcode','$co_town','$co_phone','$co_fax','$co_cell','$co_contact','$co_email','$co_website','$co_name.$co_logotype_name','$date',NULL)";
mysql_query($query);
mysql_close($database);
}
else
{
echo "The file has not been uploaded correctly. Please go back and try again.<br>
<a href=\"javascript:history.back(-1)><<Back</a>";
}
}
//****************************************************
//Form function, change the style of this if you need to!
function form(){?>
<form name= "form1" form method="post"action="<?=$_SERVER['PHP_SELF']?>"enctype="multipart/form-data">
<table width="500">
<tr>
<td><b>Company name</b></td>
<td><input type="text" size="70" name="co_name"></td>
</tr>
<tr>
<td><b>Address</b></td>
<td><input type="text" size="70" name="co_address"></td>
</tr>
<tr>
<td><b>Zip code</b></td>
<td><input type="text" size="10" name="co_zipcode"></td>
</tr>
<tr>
<td><b>Town</b></td>
<td><input type="text" size="40" name="co_town"></td>
</tr>
<tr>
<td><b>Phone</b></td>
<td><input type="text" size="30" name="co_phone"></td>
</tr>
<tr>
<td><b>Fax</b></td>
<td><input type="text" size="30" name="co_fax"></td>
</tr>
<tr>
<td><b>Cellphone</b></td>
<td><input type="text" size="30" name="co_cell"></td>
</tr>
<tr>
<td><b>Company contact</b></td>
<td><input type="text" size="50" name="co_contact"></td>
</tr>
<tr>
<td><b>Company e-mail</b></td>
<td><input type="text" size="70" name="co_email"></td>
</tr>
<tr>
<td><b>Company website</b></td>
<td><input type="text" size="70" name="co_website"></td>
</tr>
<tr>
<td><b>Company Logotype</b></td>
<td><input type="file" size="70" name="co_logotype"></td>
</tr>
<tr><input type="hidden" name="MAX_FILE_SIZE" value="20000">
<td></td>
<td><input name="Submit" type="submit" id="Submit" value="Upload">
<input type="hidden" name="formaction" value="uploadNow">
<input type="hidden" name="date" value="<?php echo date("Y-m-d");?>">
<input name="reset" type="reset" id="reset" value="Clear"></td>
</form><?php }
//****************************************************
//End Functions
switch ($formaction){
default:
form();
break;
case "uploadNow":
if ($co_logotype == "none")
{echo("*** No logotype chosen ***<br><a href=\"javascript:history.back(-1)\"><<Back</a><br>");
//#### Check the File Type ##############
$type1 = "image/jpeg"; //jpg
$type2 = "image/png"; //png
$type3 = "image/gif"; //gif
$type4 = "image/pjpeg"; //other jpg-format
;
if ($HTTP_POST_FILES[$co_logotype]['type'] != $type1 OR $HTTP_POST_FILES[$co_logotype]['type'] != $type2 OR $HTTP_POST_FILES[$co_logotype]['type'] != $type3 OR $HTTP_POST_FILES[$co_logotype]['type'] != $type4)
{echo("Wrong file type. Only gif, jpg or png are allowed<br><a href=\"javascript:history.back(-1)\"><<Back</a><br>");}
//#####################
//######## Check the file size ################
if ($HTTP_POST_FILES[$co_logotype]['size'] > $MAX_FILE_SIZE)
{echo("The file is too big. Max file size is $MAX_FILE_SIZE.<br><a href=\"javascript:history.back(-1)\"><<Back</a><br>");}
//#############################################################################
}
else {
upload($co_name, $co_address, $co_zipcode, $co_town, $co_phone, $co_fax, $co_cell, $co_contact, $co_email, $co_website, $co_logotype, $co_logotype_name, $uploadpath, $date);
break;}
break;}
//End of upload script
?>
<!-- PHP code End -->
</body>
</html>
