Page 1 of 1

How to add image file upload restrictions - Solved

Posted: Mon Aug 25, 2008 5:52 pm
by kmedia
Hello all.
I've been trying for a few days to get file size and file type restrictions to work with the following Swift code:

Code: Select all

//Check if an attachment was uploaded
$file_path = false;
$file_name = false;
$file_type = false;
if (!empty($_FILES["attachment"]["tmp_name"]))
{
    if ($_FILES["attachment"]["error"])
    {
        //Redirect if the upload has failed
        header("Location: ./form.php?error=upload_failed");
        exit();
    }
    $file_path = $_FILES["attachment"]["tmp_name"];
    $file_name = $_FILES["attachment"]["name"];
    $file_type = $_FILES["attachment"]["type"];
}
//Everything looks ok, we can start Swift
 
Here's some code I found on the web that I'd like to include (or something similar). I think I've been close, but can't get it to work. I either get errors or it lets invalid files go through.

Code: Select all

if (($_FILES["attachment"]["type"] == "image/gif")
  || ($_FILES["attachment"]["type"] == "image/jpeg")
  || ($_FILES["attachment"]["type"] == "image/png" )
  && ($_FILES["attachment"]["size"] < 10000))
For reference, the entire form code is here:
http://www.swiftmailer.org/wikidocs/v3/ ... /form2mail

I'm not very proficient with PHP and it would be great if anyone has better ideas of how to accomplish this. Any help would be greatly appreciated.

Thanks!
Kevin

Re: How to add image file upload restrictions

Posted: Mon Aug 25, 2008 6:32 pm
by marcth
php.net has all the answers to your PHP form questions. Read http://ca.php.net/manual/en/features.file-upload.php (Look for MAX_FILE_SIZE).

Hope this helps!

Re: How to add image file upload restrictions

Posted: Mon Aug 25, 2008 7:01 pm
by kmedia
marcth wrote:php.net has all the answers to your PHP form questions. Read http://ca.php.net/manual/en/features.file-upload.php (Look for MAX_FILE_SIZE).
Hope this helps!
Thanks Marc, but that's one of the many, many links I've looked at over the past couple of days.
My problem is, I don't know where to insert the code, and format it correctly to get it to work... example:

The file validation code needs to fall somewhere between these 2 areas of the present code:

Code: Select all

$file_path = false;
$file_name = false;
$file_type = false;
if (!empty($_FILES["attachment"]["tmp_name"]))
{
    if ($_FILES["attachment"]["error"])
    {
        //Redirect if the upload has failed
        header("Location: ./form.php?error=upload_failed");
        exit();
<file validation code>

Code: Select all

$file_path = $_FILES["attachment"]["tmp_name"];
    $file_name = $_FILES["attachment"]["name"];
    $file_type = $_FILES["attachment"]["type"];
I can't get everything to peacefully co-exist.. and ummm... work. The if statements are giving me trouble.. I think I know just enough to know what needs to be done, I just don't know how to get it to work. :|

Thanks again, Kevin

Also..

Here's what I presently have and I'd think it would work, but it still lets JPGs go through:

Code: Select all

//Check if an attachment was uploaded
$file_path = false;
$file_name = false;
$file_type = false;
if (!empty($_FILES["attachment"]["tmp_name"]))
{
    if ($_FILES["attachment"]["error"])
    {
        //Redirect if the upload has failed
        header("Location: ./form.php?error=upload_failed");
        exit();
    }
if (($_FILES["attachment"]["type"] == "image/gif")
  || ($_FILES["attachment"]["type"] == "image/tif")
  || ($_FILES["attachment"]["type"] == "image/png" )
  && ($_FILES["attachment"]["size"] < 2621440))
    {
     if ($_FILES["attachment"]["error"] > 0)
        {    //Redirect if the upload has failed
        header("Location: ./form.php?error=invalid_file");
        exit();
        }
    }
    $file_path = $_FILES["attachment"]["tmp_name"];
    $file_name = $_FILES["attachment"]["name"];
    $file_type = $_FILES["attachment"]["type"];
}
//Everything looks ok, we can start Swift
I got the file restriction code from: http://www.w3schools.com/PHP/php_file_upload.asp

Re: How to add image file upload restrictions

Posted: Mon Aug 25, 2008 8:52 pm
by marcth
I apologize for my earlier post...I misunderstood the problem completely. I don't think any help I can offer will be useful. Maybe, instead of looking at the MIME type, why not check the file extension? There's a PHP function called pathinfo() that'll return an associative array of the file parts:

Code: Select all

 
print '<pre>';
print_r(pathinfo($_FILES['attachment']);
print '</pre>';
 
I'm hope this helps. Good luck!

Re: How to add image file upload restrictions - solved

Posted: Mon Aug 25, 2008 10:08 pm
by kmedia
Woohoo!
I finally have it... May not be pretty to those who know PHP, but it's a thing of beauty to me because it's working.. I ended up having to keep the file type/size verification separate from checking for the file upload script.. and placed it further down in the document.

For what it's worth, and if anyone cares.. here's my solution (if anyone knows a more efficient way, please share):

Code: Select all

//Begin file upload restrictions
//Check if file has been uploaded
if((!empty($_FILES['attachment'])) 
&& ($_FILES['attachment']['error'] == 0)) 
{
//Check for file size
if ($_FILES['attachment']['size'] < 2650000) 
      {
   } else {
      //redirect back to form
       header('Location: ./form.php?error=invalid_size'); //This should really be an absolute URL if you know it
      exit();
  }
  //Check for file type
  $filename = basename($_FILES['attachment']['name']);
  $ext = substr($filename, strrpos($filename, '.') + 1);
    if (($ext == 'pdf' || $ext == 'tif' || $ext == 'tiff'
       || $ext == 'gif' || $ext == 'jpg' || $ext == 'jpeg'  || $ext == 'jpe')
    && ($_FILES['attachment']['type'] == 'application/pdf') 
    || ($_FILES['attachment']['type'] == 'application/x-pdf')
    || ($_FILES['attachment']['type'] == 'image/gif')
    || ($_FILES['attachment']['type'] == 'image/jpg')
    || ($_FILES['attachment']['type'] == 'image/jpeg')
    || ($_FILES['attachment']['type'] == 'image/pjpeg')
    || ($_FILES['attachment']['type'] == 'image/tif')
    || ($_FILES['attachment']['type'] == 'image/tiff'))
       {
    } else {
       //redirect back to form
       header('Location: ./form.php?error=invalid_file');
      exit();
   }
 } 
   else {
   }
//End file upload restrictions
 
Thanks for your efforts Marc..
Kevin

Re: How to add image file upload restrictions - Solved

Posted: Fri Aug 29, 2008 3:15 am
by walkout
To check for file Extension you can use - substr($filename, strrpos($filename, ".") + 1); it will return file name extension

To check for File type and File size this might help

if((!emptyempty($_FILES["image"])) && ($_FILES["image"]["error"] == 0))
{
if (($file_ext!="jpg") && ($userfile_size > $max_file))
{
$error= "ONLY jpeg images under 1MB are accepted for upload";
}
}
else
{
$error= "Select a jpeg image for upload";
}
And one more thing don't forget to initialize $_FILES super global for name , tmp and size to a variable.

Hope it help's
Baldaris