Thank you for the suggestions Celauran and McInfo. I am not an expert on this and I really appreciate the help.
I have made the implementations you guys suggested, however, it still defeats my original point which was to check and display multiple errors if they exist.
In other words, once the script checks
Code: Select all
if (!in_array($_FILES['image']['type'][$number], $permitted)) {
$result[] = 'Permitted types are ' . implode(', ', $permitted) . '.';
}
It stops and gives out the error message without checking if the size of the file is also a problem. I want it to give both error messages if both the size and type are wrong but only one correspondent error message if only the size or type is wrong. That's why I did the whole True and False method.
My logic was that I would make them originally both false. Then I would have PHP check the type first, and give me a true or false on that. Then proceed to check the size and give me a true or false on that. If they both turned out True, the operation would go into the move file, if they were false I would do a error message based on the True or False combination:
Code: Select all
// execute only if size and type are TRUE.
if ($sizeOK && $typeOK) {
// execute file upload and give internal errors that will only occur after the file has been sent.
}
// execute only if size remained FALSE but type is TRUE.
elseif (!$sizeOK && $typeOK) {
$result = "Maximum size allowed is $max. The file \"$file\" is too big.";
}
// execute only if type remained FALSE but size is TRUE.
elseif (!$typeOK && $sizeOK) {
$result = "Only file types: gif, jpg, and png are accepted.";
}
// execute only if both type and size remained FALSE.
else {
$result = "The file \"$file\" is too big, the maximum size allowed is $max. <br /> The file also appears to be in a unsupported format, only file types: gif, jpg, and png are accepted.";
}
The problem is sizeOK and typeOK are not behaving like they are suppose to. They will block or submit if the file is completely wrong or completely right, they will not give me any response in between.
Contrary to before, these are the results I am getting:
If size and type are okay, I get:
$sizeOK = True
$typeOK = True
If size is too big, but the type is okay, I get:
$sizeOK = True
$typeOK = False
...makes no sense, the file is being blocked by the wrong operator.
If size is Okay, but the type is wrong, I get:
$sizeOK = True
$typeOK = False
...this one seems to be right.
If both the size and type are wrong, I get:
$sizeOK = True
$typeOK = False
...same as before.
It's almost like the typeOK will only return true if sizeOK is really TRUE. Almost like it knows when sizeOK is lying. lol
Also McInfo, if you know any good articles or tutorials for me to "Make the file name sanitization more robust" please let me know.