#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2003
    Location
    denmark
    Posts
    30
    Rep Power
    15

    file upload - image files ONLY


    Hello ppl.

    I have created a system for uploading files. You can upload whatever you want, but as I am going to use the system for uploading files to an image gallery, you should be restricted to upload in the following formats: jpeg, jpg, gif, png.

    How excactly do I execute this? Feel free to take a look at my source code:
    PHP Code:
    <?php
    // include og sådan nogen ting
    ob_start();
    session_start();
    include(
    "db.inc.php");

    ?>
    Code:
    <html>
    <head>
    <title>Jaguar.dk</title>
    <link href="jaguar.css" rel="stylesheet" type="text/css">
     <script>
    	function submitForm() {
    		if (window.event.keyCode == 13) {
    			document.add.submit();
    		}
    	}
    </script>
    </head>
    <body bgcolor="a0bbd0">
    <table width="750" height="100%" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td width="160" valign="top" class="text1">
    PHP Code:
    <?php
    $res 
    mysql_query("SELECT * from users where username = '$username'");
              
    session_register("user"); $user mysql_fetch_array($res);
              if(
    $_SESSION['user']['level'] >= 1) {
                  include(
    "loggedin.php");
              } else {
        include(
    "login.php");
    }
    ?>
    Code:
    </td>
        <td valign="top" class="text1">
    	<form action="addbil.php" method="post" name="add" id="add" enctype="multipart/form-data">
      <table width="590" border="0" cellspacing="0" cellpadding="0" class="text1">
        <tr>
          <td width="174">Navn:</td>
          <td width="416"><input name="navn" type="text" class="login" id="navn"></td>
        </tr>
        <tr>
          <td>Motor:</td>
          <td><input name="motor" type="text" class="login" id="motor"></td>
        </tr>
        <tr>
          <td>Topfart:</td>
          <td><input name="topfart" type="text" class="login" id="topfart"></td>
        </tr>
        <tr>
          <td>Pris:</td>
          <td><input name="pris" type="text" class="login"></td>
        </tr>
        <tr>
          <td>Acceleration:</td>
          <td><input name="Acceleration" type="text" class="login" id="acceleration"></td>
        </tr>
        <tr>
          <td>Gear:</td>
          <td><input name="gear" type="text" class="login" id="gear"></td>
        </tr>
        <tr>
          <td>Billede 1: </td>
          <td><input name="billed" type="file" class="login" id="billed"></td>
        </tr>
        <tr>
          <td>Billede 2: </td>
          <td><input name="billed2" type="file" class="login" id="billed2"></td>
        </tr>
        <tr>
          <td>Billede 3: </td>
          <td><input name="billed3" type="file" class="login" id="billed3"></td>
        </tr>
        <tr>
          <td colspan="2"><a href="javascript:document.add.submit();" class="midt">Add bil</a></td>
        </tr>
      </table>
      <input type="hidden" name="MAX_FILE_SIZE" value="30000">
    </form>
    PHP Code:
    <?php
    function billed()
    {
        global 
    $_FILES;
        global 
    $file;
        global 
    $filtyper;

    $dir "Biler/";
    $file $dir$_FILES['billed']['name'];

    $filtyper = array("jpeg""jpg""gif""png");

    $extension end(explode('.'$_FILES['billed']['name']));

    if (!
    in_array($extension$filtyper))
    {
    echo 
    "fejl i opload";
    }
    else
    {
    move_uploaded_file($_FILES['billed']['tmp_name'], $file);
    }
    };

    function 
    billed2()
    {
        global 
    $_FILES;
        global 
    $file2;
        global 
    $filtyper2;

    $dir2 "Biler/";
    $file2 $dir2$_FILES['billed']['name'];

    $filtyper2 = array("jpeg""jpg""gif""png");

    $extension2 end(explode('.'$_FILES['billed']['name']));

    if (!
    in_array($extension2$filtyper2))
    {
    echo 
    "fejl i opload";
    }
    else
    {
    move_uploaded_file($_FILES['billed2']['tmp_name'], $file2);
    }
    };

    function 
    billed3()
    {
        global 
    $_FILES;
        global 
    $file3;
        global 
    $filtype3r;

    $dir3 "Biler/";
    $file3 $dir$_FILES['billed']['name'];

    $filtyper3 = array("jpeg""jpg""gif""png");

    $extension3 end(explode('.'$_FILES['billed']['name']));

    if (!
    in_array($extension3$filtyper3))
    {
    echo 
    "fejl i opload";
    }
    else
    {
    move_uploaded_file($_FILES['billed']['tmp_name'], $file3);
    }
    };


    if (
    $_SERVER["REQUEST_METHOD"] == "POST") {
        
    billed();
        
    billed2();
        
    billed3();
        
    mysql_query("insert into modeller (modelnavn) values ('$_POST[navn]')") or die (mysql_error());
        
    $modelnr mysql_query("select modelnr from modeller order by modelnr desc") or die (mysql_error());
        
    $r mysql_fetch_array($modelnr);
        
    mysql_query("INSERT INTO biler (modelnr, billed, billed2, billed3, navn, pris, gear, topfart, motor, Acceleration) values ('$r[modelnr]', '$file', '$file2', '$file3', '$_POST[navn]', '$_POST[pris]', '$_POST[gear]', '$_POST[topfart]', '$_POST[motor]', '$_POST[Acceleration]')") or die (mysql_error());
        
    header("location: index.php");
    }
    ?>
    Code:
    	</td>
      </tr>
    </table>
    thanks in advance
    visit zyxep.dk
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2003
    Posts
    24
    Rep Power
    0
    I didn't read your code but have somewhat of a solution.

    Use the php function strpos find out where the last decimal (.) is in the filename being uploaded. Substr the rest of it to get the file extension and make sure it ends with the formats you wish to allow. If it is a gif, jpg, jpeg then you are likely in business.

    Love to know if you think that will suffice.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2003
    Location
    denmark
    Posts
    30
    Rep Power
    15
    ok ill try that thx
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2003
    Posts
    24
    Rep Power
    0
    It actually looks like your code has some type of screening/filter built in, not sure if if works the way you wish however.

    $filtyper2 = array("jpeg", "jpg", "gif", "png");

    $extension2 = end(explode('.', $_FILES['billed']['name']));

    if (!in_array($extension2, $filtyper2))

IMN logo majestic logo threadwatch logo seochat tools logo