Hi again,
I am trying to filter an upload so ONLY Mp3 files are allowed. My eyes are now bleeding since I have read soooo many posts and tutorials and I am just at a point to cry for help! What am I doing wrong???? The code was mostly generated by PhPFormGenerator. The code below is from the "process.php" file.
<?php
include("global.inc.php");
$errors=0;
$error="The following errors occured while processing your entry.<ul>";
pt_register('POST','band');
pt_register('POST','contact');
pt_register('POST','phone');
pt_register('POST','address');
pt_register('POST','city');
pt_register('POST','state');
pt_register('POST','zip');
pt_register('POST','email');
pt_register('POST','website');
pt_register('POST','bio');
$bio=preg_replace("/(\015\012)|(\015)|(\012)/"," <br />", $bio);$entry=$HTTP_POST_FILES['entry'];
$image=$HTTP_POST_FILES['image'];
pt_register('POST','genre');
if($band=="" || $contact=="" || $phone=="" || $address=="" || $city=="" || $state=="" || $zip=="" || $email=="" || $entry=="" || $genre=="" ){
$errors=1;
$error.="<li>You did not enter one or more of the required fields. All fields marked with an asterisk are required. Please go back and try again.";
}
//right here is where I am going wrong, somewhere!
function filecheck($entry)
{
$ext = strrchr($entry,'.');
$FileType = array (".mp3");
if ( in_array ($ext, $FileType) )
return TRUE;
else
return FALSE;
}
if (filecheck($entry) == FALSE )
$error.="<li>The music file that you tried to upload is not a valid format. File must be in Mp3 format";
//I can upload any type of file, regardless of the statement
if(!is_uploaded_file($HTTP_POST_FILES['entry']['tmp_name'])){
$error.="<li>The Mp3 file, ".$HTTP_POST_FILES['entry']['name'].", was not uploaded!";
$errors=1;
}
if($HTTP_POST_FILES['image']['tmp_name']==""){ }
else if(!is_uploaded_file($HTTP_POST_FILES['image']['tmp_name'])){
$error.="<li>The file, ".$HTTP_POST_FILES['image']['name'].", was not uploaded!";
$errors=1;
}
if(!eregi("[a-z0-9]+([\.-][a-z0-9]+)" ."@"."([a-z0-9]+([.-][a-z0-9]+))+"."\.[a-z]{2,}"."$",$email)){
$error.="<li>Invalid email address entered";
$errors=1;
}
if($errors==1) echo $error;
else{
$image_part = date("h_i_s")."".$HTTP_POST_FILES['entry']['name'];
$image_list[10] = $image_part;
copy($HTTP_POST_FILES['entry']['tmp_name'], "files/".$image_part);
$image_part = date("h_i_s")."_".$HTTP_POST_FILES['image']['name'];
$image_list[11] = $image_part;
copy($HTTP_POST_FILES['image']['tmp_name'], "files/".$image_part);
$where_form_is="http://www.XXX.com/phpform/use/bb2005/";
//$where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/"));
$message="band: ".$band."
contact: ".$contact."
phone: ".$phone."
address: ".$address."
city: ".$city."
state: ".$state."
zip: ".$zip."
email: ".$email."
website: ".$website."
bio: ".$bio."
entry: ".$where_form_is."files/".$image_list[10]."
image: ".$where_form_is."files/".$image_list[11]."
genre: ".$genre."
";
$message = stripslashes($message);
mail("X@X.com","X...",$message,"From: X");
$link = mysql_connect("SERVER","TABLE","P/W");
mysql_select_db("battle2",$link);
$query="insert into tbb2005 (band,contact,phone,address,city,state,zip,email,website,bio,entry,image,genre) values ('".$band."','".$contact."','".$phone."','".$address."','".$city."','".$state."','".$zip."','".$email."','".$website."','".$bio."','".$where_form_is."files/".$image_list[10]."','".$where_form_is."files/".$image_list[11]."','".$genre."')";
mysql_query($query);
?>
