[Resolved] Upload file help

guest

i downloaded an uploading script and i want to add function that doesnt allow uploading anytype of php file, could you guys help 🙂

heres some snippets of the parts i think the function would go in, its not all the script

function display_upload_form() {
	global $MAX_FILE_SIZE, $_SERVER;
	// display upload html

echo "<br /><table cellspacing=5 align=\"center\"><tr><td>\n
<h1>Upload File: (Under $MAX_FILE_SIZE Bytes)</h1>\n
<FORM ENCTYPE=\"multipart/form-data\" ACTION=\"$_SERVER[PHP_SELF]?action=upload\" METHOD=POST>\n
<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"$MAX_FILE_SIZE\" />
<INPUT NAME=\"userfile\" TYPE=\"file\" class=\"input\" size=\"50\"><BR>\n
<INPUT TYPE=\"submit\" VALUE=\"Send File\" class=\"bottombutton\"> <span class=\"othertext\"><input name=\"overwrite_me\" value=\"yes\" type=\"checkbox\"> Overwrite old file? <a href=\"$_SERVER[PHP_SELF]?action=uploadmulti\">Upload multiple files at once</a></span>\n
</FORM>\n
</td></tr></table>\n";


} // end of function display_upload_form

function error_checking($file_name, $file_tmp_name, $file_error) {
	global $MAX_FILE_SIZE, $userpath, $httppath;
	if($file_error == 1) {
		print_error("Error", "The uploaded file <b>$file_nam</b> exceeds the upload_max_filesize directive in php.ini.");
		return false;
	} elseif($file_error == 2) {
		print_error("Error", "The file <b>$file_nam</b> you are uploading is bigger than the maximum size allowed: $MAX_FILE_SIZE bytes.");
		return false;
	} elseif($file_error == 3) {
		print_error("Error", "The uploaded file <b>$file_nam</b> was only partially uploaded.");
		return false;
	} elseif($file_error == 3) {
		print_error("Error", "No file <b>$file_nam</b> was uploaded.");
		return false;
	} else {
		return true;

}

} // end of function error_checking

function upload_file($file_name, $file_tmp_name, $file_overwrite) {
	global $MAX_FILE_SIZE, $userpath, $httppath;
	if(is_file($userpath."/".$file_name) && !$file_overwrite) {
		// figure out a new name
		$file_name1 = figure_new_name($file_name);
	} else {
		$file_name1 = $file_name;
	}

move_uploaded_file($file_tmp_name, $userpath."/".$file_name1) or die ("Could not copy");
$ans = "Your file <b>$file_name</b> is uploaded to <a href=\"$httppath/$file_name1\" target=\"_blank\">$httppath/$file_name1</a>";
return $ans;
} // end of function upload_file





// Note:
// I skiped the other functions in the middle cause its to big





if($action == "upload") {

$file_name = $_FILES['userfile'][name];
$file_error = $_FILES['userfile'][error];
$file_tmp_name = $_FILES['userfile']['tmp_name'];
$file_overwrite = $overwrite_me;

if(empty($file_name)) {
	print_error("Error", "No file selected.", "Back Home", $_SERVER['PHP_SELF']);
} else {
	if(error_checking($file_name, $file_tmp_name, $file_error)) {
		$msg = upload_file($file_name, $file_tmp_name, $file_overwrite);
		print_error("Success", $msg, "Back Home", $_SERVER['PHP_SELF']);
		display_upload_form();
	}
}

} // end of upload

Kudose

function error_checking($file_name, $file_tmp_name, $file_error) {
    global $MAX_FILE_SIZE, $userpath, $httppath;
    $type = str_replace('.','',strstr($file_name, '.'));
    if($type == "PHP" || $type == "php"){
    	print_error("Error, PHP files are not permitted to upload.");
    	return false;
    }
    if($file_error == 1) {
        print_error("Error", "The uploaded file <b>$file_nam</b> exceeds the upload_max_filesize directive in php.ini.");
        return false;
    } elseif($file_error == 2) {
        print_error("Error", "The file <b>$file_nam</b> you are uploading is bigger than the maximum size allowed: $MAX_FILE_SIZE bytes.");
        return false;
    } elseif($file_error == 3) {
        print_error("Error", "The uploaded file <b>$file_nam</b> was only partially uploaded.");
        return false;
    } elseif($file_error == 3) {
        print_error("Error", "No file <b>$file_nam</b> was uploaded.");
        return false;
    } else {
        return true;

}

} // end of function error_checking