Uploading - checking if it's an image?

Stu · May 30, 2003

Hi all.

Hopefully you can help me with a problem I am having. I have a script which uploads fine but I wish to make it so that only JPG's and GIFs can be uploaded. I've managed to get the script to check to see if it's JPG and if so, upload it, if not reject it but have not managed to do the same for a GIF. The script doesn't seem to want to know about checking more than once!

Here is the script:

<?
//file_upload.php
$archive_dir = "./uploads";
function upload_form() {
   global $PHP_SELF;
?>
<FORM METHOD="POST" ENCTYPE="MULTIPART/FORM-DATA" 
   ACTION="<? echo $PHP_SELF ?>">
   <INPUT TYPE="HIDDEN" NAME="action" VALUE="upload">
   <center><table border='1' bordercolor=Black width=100%><tr bgcolor='FF3399'><td><center><font face="Arial" size="2" color="FFFFFF">Upload a picture</center></font></td></tr>
   <tr bgcolor="FFFFFF"><td><font face="Arial" size="2">Here you can upload a picture of yourself to the Teen Troubles website.&nbsp; 
   All we ask is that you adhere to the following:</font><p>
   <font face="Arial" size="2">1.&nbsp; Do not upload more 
   than one image without asking us to remove one of them first.<br>2.&nbsp; No 
   adult rated content or anything else similar.</font></p>
   <p>&nbsp;<INPUT TYPE="FILE" NAME="userfile" size="20"> </p>
   <p>
   <INPUT TYPE="submit" NAME="SUBMIT" VALUE="Upload your picture!" style="color: #FFFFFF; background-color: #FF3399"></td></tr></table> </p>
</FORM>
<?
}

function upload_file() {
   global $userfile, $userfile_name, $userfile_size, 
         $userfile_type, $archive_dir, $WINDIR;

   $max_filesize = 150000;
   $type1 = "image/jpeg"; 
   $tpye2 = "image/jpg"; 
   $type3 = "image/gif";

   if(isset($WINDIR)) $userfile = str_replace("\\\\","\\", $userfile);

   $filename = basename($userfile_name);

   if ($userfile_type != $type1) die ("<center><table border='1' bordercolor=Black width=100%><tr bgcolor='FF3399'><td><center><font face=\"Arial\" size=\"2\" color=\"FFFFFF\">An error has occured</center></font></td></tr><tr bgcolor=\"FFFFFF\"><td><font face=arial size=2>Error:  Your file must be in one of the following formats: JPEG, JPG or GIF.  Please correct this and try again.<br><br>Your file is a " . $userfile_type . ".</font></td></tr></table>");

   if($userfile_size <= 0) die ("<center><table border='1' bordercolor=Black width=100%><tr bgcolor='FF3399'><td><center><font face=\"Arial\" size=\"2\" color=\"FFFFFF\">An error has occured</center></font></td></tr><tr bgcolor=\"FFFFFF\"><td><font face=arial size=2>Error:  You have either not selected something to upload or your file is too small.  Please correct this and try again.</font></td></tr></table>");

   if($userfile_size > $max_filesize) die ("<center><table border='1' bordercolor=Black width=100%><tr bgcolor='FF3399'><td><center><font face=\"Arial\" size=\"2\" color=\"FFFFFF\">An error has occured</center></font></td></tr><tr bgcolor=\"FFFFFF\"><td><font face=arial size=2>Error:  Your file is too large. " . number_format($max_filesize) . " bytes is the limit.  Please correct this and try again.</font></td></tr></table>");

   if(!@copy($userfile, "$archive_dir/$filename"))
      die("Can't copy $userfile_name to $filename.");

   if(!isset($WINDIR) && !@unlink($userfile))
      die ("Can't delete the file $userfile_name.");

   else {echo "<center><table border='1' bordercolor=Black width=100%><tr bgcolor='FF3399'><td><center><font face=\"Arial\" size=\"2\" color=\"FFFFFF\">Upload successful</font></center></td></tr><tr bgcolor=\"FFFFFF\"><td><font face=Arial size=2>Thank you for uploading your picture to the Teen Troubles photo gallery.<br><br><a href=\"links.php?id=1\">Click here to return to the main page</a></font></td></tr></table>";}
}
?>
<HTML>
<HEAD><style type="text/css">  

<!--
A:link { text-decoration: none;}
A:visited { text-decoration: none;}
A:hover { text-decoration: underline;}
-->
</style><TITLE>Upload your picture</TITLE></HEAD>
<body bgcolor="#9933FF" link="#FF3399" vlink="#FF3399" alink="#FF3399">
<?
if($action == 'upload') upload_file();
else upload_form();
?>
</BODY>
</HTML>

Thanks for any help you can offer as me and my mate have been pulling our hair out with it this morning and he's even gone to work with a copy to try and work it out!!

Regards
Stu

The_Chancer · May 30, 2003

Why not put the accepted types in an array, and use something like

$allowed_types = array("image/bmp","image/gif","image/pjpeg","image/jpeg");
if (!in_array($userfile_type,$allowed_types)) 
{
echo "Upload not allowed";
exit;
}
else
{
echo "Carry on";
}

One solution anyway....

Stu · May 30, 2003

Thanks for the suggestion but I'm getting an error on the line below:

if_(!in_array($userfile_type, $allowed_types))

Any suggestions?

The_Chancer · May 30, 2003

Try echoing the two values out.. you should get the filetype and ARRAY....

See if it is what you expect first of all...

Stu · May 30, 2003

Surely that won't work if I've got a parse error on one of the lines stopping the script from running?

The_Chancer · May 30, 2003

Thanks for the suggestion but I'm getting an error on the line below:

Is that row a direct copy n paste from your code ?

If so - there is no _ after IF, but a space....

Failing that - let us see some updated code....

To echo the variables, comment out that line "//" and just put echo .....

Uploading - checking if it's an image?

SStu

TThe_Chancer

SStu

TThe_Chancer

SStu

TThe_Chancer