Page 1 of 1

Image upload... jpeg check is failing

Posted: Wed Jun 15, 2005 12:02 pm
by jwalsh
Hi,

I'm probably missing something stupid here (isn't that always the case). Just a simple file upload script, takes an image from a file input of a form, checks if it's a jpg and uploads. It's denying all jpg images... and I'm not sure what I'm doing wrong here.

Thanks,

Josh

Code: Select all

if (isset($Submit)) {
	if ($_FILES['imagefile']['type'] == "image/pjpeg"){ 
		copy ($_FILES['imagefile']['tmp_name'], "../gallery/".$_FILES['imagefile']['name'])
		or die ("Could not copy");
	} else {
			die("Please Only Upload JPEG images");
	}
	
		$ar_query="INSERT INTO gallery SET ArticleID ='$article', Title ='$title', Caption ='$caption', Sort ='$sort', Filename = '" .$_FILES['imagefile']['name']. "'";
		$ar_result = mysql_query($ar_query);
		header("Location: gallery.php?article=$article");
}

?>

Posted: Wed Jun 15, 2005 1:36 pm
by jwalsh
Made an update to my code to allow gif and jpegs, and found a couple problems... but it's still not working. Here's the entire file.

Thanks again,

Josh

Code: Select all

<? include("includes/head.php");

CheckIfAdmin($SecurityLvl);

function checkImgType($image_type,$image_name){
if((strcmp($image_type,"image/jpeg")==0)||(strcmp($image_type,"image/gif")==0)||
	(strcmp($image_type,"image/pjpeg")==0)||(strcmp($image_type,"image/jpg")==0))
	{
	switch($image_type){
	case "image/jpg":
	$imageExt=".jpg";
	break;
	case "image/jpeg":
	$imageExt=".jpg";
	break;
	case "image/pjpeg":
	$imageExt=".jpg";
	break;
	case "image/gif":
	$imageExt=".gif";
	break;
	}
	return $imageExt;
	}else
	{
	return 0;
	}
} 

if (isset($Submit)) {
	$checkimg = checkImgType($_FILES['imagefile']['type'] ,$_FILES['imagefile']['name']);
	if ($checkimg <> 0){ 
		copy ($_FILES['imagefile']['tmp_name'], "../gallery/".$_FILES['imagefile']['name'])
		or die ("Could not copy");
	} else {
		die("Please Only Upload JPEG or GIF images");
	}
	
		$ar_query="INSERT INTO gallery SET ArticleID ='$article', Title ='$title', Caption ='$caption', Sort ='$sort', Filename = '" .$_FILES['imagefile']['name']. "'";
		$ar_result = mysql_query($ar_query);
		header("Location: gallery.php?article=$article");
}

?>

	

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<title>Reality Group CMS</title>

<link href="includes/style.css" rel="stylesheet" type="text/css">

</head>



<body>

<? include("includes/navigation.php"); 



// GET ARTICLE DATA

$ar_query = "SELECT * FROM article WHERE ID = $article";

$ar_result = mysql_query($ar_query);

$ar_row = mysql_fetch_assoc($ar_result);

?>

<p class="bodytext">Gallery for <strong><? echo $ar_row['Title']; ?></strong>. </p>
<form action="addgallery.php" method="post" enctype="multipart/form-data" name='newgallery'>
<table width="400" class="bodytext">
	<tr>
		<td width=10><input name="article" type="hidden" class="bodytext" value="<? echo $ar_row['Title']; ?>">
		<input name="sort" type="hidden" class="bodytext" value="0"></td>
		<td width=90>Title:</td>
		<td width=300><input name="title" type="text" class="bodytext" size="60"></td>
	</tr>
	<tr>
		<td width=10></td>
		<td width=90>Image:</td>
		<td width=300><input name="imagefile" type="file" class="bodytext" size="60"></td>
	</tr>
	<tr>
		<td width=10></td>
		<td width=90>Caption:</td>
		<td width=300><input name="caption" type="text" class="bodytext" size="60"></td>
	</tr>
	<tr>
		<td width=10></td>
		<td width=90></td>
		<td width=300><input name="Submit" type="submit" class="bodytext"></td>
	</tr>
</table>
</form>
</body>

</html>

RESOLVED

Posted: Wed Jun 15, 2005 1:51 pm
by jwalsh
Told you it was stupid... I CHMOD'd the wrong directory.

Posted: Wed Jun 15, 2005 1:53 pm
by ol4pr0
try using substr();

example

Code: Select all

if (substr($FILE_NAME, 3) == "jpg") 
do //
else 
do this //
exit();

Posted: Wed Jun 15, 2005 2:12 pm
by jwalsh
Don't you mean...

Code: Select all

if (substr($FILE_NAME, -3) == "jpg")