Freelance Web Designer East Sussex
PHP file upload
<< Renaming file | Limiting file size >>
All my tutorials are completely free of charge. If you found them useful and would like to make a donation towards the new tutorials, please click the button below.
Restricting file types
You may also want to narrow the list of the file types which users can upload to your server through the form – let´s say you want visitors to only be able to upload .gifs, .jpgs, and .pngs and restrict all other types.
$file = strtolower($file); :
// allow MIME file types
$filetype = array('image/gif','image/jpeg','image/pjpeg','image/png');
We have added gif, jpeg and png to our array – which means that only files with these extensions will be allowed to be uploaded.
To ensure that the Internet Explorer will accept jpeg files we had to add image/pjpeg as well – otherwise form would reject all jpeg files submitted via Internet Explorer.
Add the following on the next line:
$ftype = false;
This is assuming that the file type is incorrect by assigning value false to the new variable called $ftype and until our next piece of code will check and approve that the file type is ok, none of the files will be uploaded.
Create new line and type the following foreach loop which validates the file type:
// check if uploaded file type is allowed
foreach($filetype as $type) {
if ($type == $_FILES['frmfile']['type']) {
$ftype = true;
break;
}
}
The foreach() loop takes the values from the $filetype array which stores allowed file types and assigns them to the temporary variable called $type.
The if condition compares the uploaded file extension to the values in our array and if the match has been found the $ftype changes its status to true and the loop is terminated.
Now we need to apply the condition to our move_uploaded_file() function – so that it isn´t executed until we know that the $ftype is set to true.
Change the move_uploaded_file() function to read:
if ($ftype) {
// move file to the 'uploads' folder
move_uploaded_file($_FILES['frmfile']['tmp_name'],UPL_FLD.$file);
} else {
$msg = 'Incorrect file type';
}
The if condition checks if the $ftype is set to true, in which case the move_uploaded_file() function is executed. If the condition is set to false then the new variable called $msg is created and the message informing about the problem is assigned to it.
Now above your form type the following – which will display the message if the file type is incorrect:
<?php if (isset($msg)) { echo '<p class="warning">'.$msg.'</p>'; } ?>
Now try to test your page in the browser. First upload the file with any of the allowed extensions and then upload the file with the different extension. If you upload the file with the file extension which isn´t listed in our array - you should get an error message above your form (Fig. 04).
Fig. 04
In the next section I´m explaining how to restrict the file size of the uploaded file.
Website Design Company | Small Business Web Site Design | Ecommerce Web Site Design | Web Design Tutorials
UK Content Management System | Database Design | Flash Animation | Web Designer Resources | Independent Web Hosting Review
Illustrator Tutorial | Web Design Tutorials | Chichester Restaurants
© Freelance Web Designer - Sebastian Sulinski | Valid CSS | Valid XHTML
