How to check for valid extension [imagefiles], for a webuploading script that uploads mutliple files?

Hey all

Ok first off, I have searched the net and found several scripts, that im trying to combine, [credits will be given to the authors eventually, no worries] the following is the script, that gives the option to upload files. It works great, but any kind of file can be uploaded, and that is a risk i think. I have no idea to loop through the files firstly to show the result of each one, and then secondly to see if they are valid extensions [jpg/gif imagefiles]

I have the working version at my server, which is http://www.superliegebeest.nl/eva/upl/test.php


the startpage
=========================
test.php
=========================
<form name="form1" method="post" action="test.php">
  <p><font face="Verdana">Hoeveel bestanden wil je uploaden? Max = 9.</font></p>
  <p>
<input type="checkbox" name="ch" value="1" onClick="dodo(this)">1
<input type="checkbox" name="ch" value="2" onClick="dodo(this)">2
<input type="checkbox" name="ch" value="3" onClick="dodo(this)">3
<input type="checkbox" name="ch" value="4" onClick="dodo(this)">4
<input type="checkbox" name="ch" value="5" onClick="dodo(this)">5
<input type="checkbox" name="ch" value="6" onClick="dodo(this)">6
<input type="checkbox" name="ch" value="7" onClick="dodo(this)">7
<input type="checkbox" name="ch" value="8" onClick="dodo(this)">8
<input type="checkbox" name="ch" value="9" onClick="dodo(this)">9
</p>
  <p><input type="hidden" name="go" value="go">
    <input type="submit" name="Verzenden" value="Verzenden" class="button">
  </p>
</form>
<br>
<form name="form2" enctype="multipart/form-data" method="post" action="upload3.php">
<p>
<?
  $uploadNeed = $_POST['ch'];
  if ($uploadNeed <= 9){
  for($x=0;$x<$uploadNeed;$x++){
 ?>
            <input class="button" name="uploadFile<? echo $x;?>" type="file" id="uploadFile<? echo $x;?>">
            </p>
<?
  }
  }
?>

<input type="hidden" name="go2" value="go2">
<p><input name="uploadNeed" type="hidden" value="<? echo $uploadNeed;?>">
   <input type="submit" name="Verzenden2" value="Verzenden" class="button">
 </p>
</form>
==========================
end of test.php
==========================


==========================
upload3.php
==========================
<?php

/* stuff to autmatically get the url to the file*/
$url = $_SERVER["SERVER_URL"];
list ($url, $query_string)
  = explode ('?', $_SERVER ['REQUEST_URI'], 2);
$urldir = dirname ($url . 'x');
/* end stuff for url */

/* start processing files*/
$uploadNeed = $_POST['uploadNeed'];
  for($x=0;$x<$uploadNeed;$x++)
{
$file_name = $_FILES['uploadFile'. $x]['name'];
$file_name = stripslashes($file_name);
$file_name = str_replace("'","",$file_name);
$copy = copy($_FILES['uploadFile'. $x]['tmp_name'],$file_name);

if ($copy)
{
echo "$file_name | geupload!<br>Gebruik de volgende link om er naar te linken<br>http://$HTTP_HOST$urldir/$file_name<br>";
echo "<img src='http://$HTTP_HOST$urldir/$file_name' width='100px' height='100px'><br>";
echo "<textarea rows=1 cols=100 wrap='off'><img src='http://$HTTP_HOST$urldir/$file_name'></textarea><br>";
 }

else
{
 echo "$file_name | NIET geupload!<br>";

 }

}
?>
=============================
end of upload3.php
=============================


The following is such a filetype checking scriptcode, but i cannot place it anywhere, so that is works

$allowed_ext = "jpg";
$extension = pathinfo($_FILES['uploadFile'. $x]['name']);
$extension = $extension[extension];
$trueextension =   strtolower($extension);
 if ($allowed_ext == "$trueextension"){
   
if valid, it should continue with the script, but also check the next file, if not valid it should not continue with the script for this file but still continue to the next file

Can anyone help me with this?
LVL 1
fdehellAsked:
Who is Participating?
 
babuno5Connect With a Mentor Commented:
try this it should help
==========================
upload3.php
==========================
<?php

/* stuff to autmatically get the url to the file*/
$url = $_SERVER["SERVER_URL"];
list ($url, $query_string)
  = explode ('?', $_SERVER ['REQUEST_URI'], 2);
$urldir = dirname ($url . 'x');
/* end stuff for url */

/* start processing files*/
$uploadNeed = $_POST['uploadNeed'];
  for($x=0;$x<$uploadNeed;$x++)
{
$file_name = $_FILES['uploadFile'. $x]['name'];
$file_name = stripslashes($file_name);
$allowed_ext = "jpg";
$extension = pathinfo($_FILES['uploadFile'. $x]['name']);
$extension = $extension[extension];
$trueextension =   strtolower($extension);
 if ($allowed_ext != "$trueextension"){
continue;
}
$file_name = str_replace("'","",$file_name);
$copy = copy($_FILES['uploadFile'. $x]['tmp_name'],$file_name);

if ($copy)
{
echo "$file_name | geupload!<br>Gebruik de volgende link om er naar te linken<br>http://$HTTP_HOST$urldir/$file_name<br>";
echo "<img src='http://$HTTP_HOST$urldir/$file_name' width='100px' height='100px'><br>";
echo "<textarea rows=1 cols=100 wrap='off'><img src='http://$HTTP_HOST$urldir/$file_name'></textarea><br>";
 }

else
{
 echo "$file_name | NIET geupload!<br>";

 }

}
?>
=============================
end of upload3.php
=============================
0
 
TeRReFCommented:
I think something like this. By the way:
Your code is hard to read because of your indentation. I suggest a different approach (I know, who am I to tell you what to do :) )
I mean, it is fine if you like it like this, but if other people have to work with the same code, an other way to indent could help...

/* start processing files*/
$uploadNeed = $_POST['uploadNeed'];
  for($x=0;$x<$uploadNeed;$x++) {
    $file_name = $_FILES['uploadFile'. $x]['name'];
    $allowed_ext = "jpg";
    $extension = pathinfo($filename);
    $extension = $extension[extension];
    $trueextension =   strtolower($extension);
    if ($allowed_ext == "$trueextension"){
      $file_name = stripslashes($file_name);
      $file_name = str_replace("'","",$file_name);
      $copy = copy($_FILES['uploadFile'. $x]['tmp_name'],$file_name);
      if ($copy) {
        echo "$file_name | geupload!<br>Gebruik de volgende link om er naar te linken<br>http://$HTTP_HOST$urldir/$file_name<br>";
        echo "<img src='http://$HTTP_HOST$urldir/$file_name' width='100px' height='100px'><br>";
        echo "<textarea rows=1 cols=100 wrap='off'><img src='http://$HTTP_HOST$urldir/$file_name'></textarea><br>";
     }
  } else {
     echo "$file_name | NIET geupload!<br>";
  }

tot later :)
0
 
fdehellAuthor Commented:
Hey Terref!

Actually I have been going nuts from my way of writing the code, i dont know the proper way, please tell me since i really dont know how i can make it readable, thx voor je antwoord alvast!
0
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

 
fdehellAuthor Commented:
Hey both of you,

Babonu5 fixed it , many thx, I tested yours Terref, but yours did not upload it unfortunately, therefore the points will go to Babonu5, but appreciation to the both of you for very fast answers and the help itself thx soo much!

With respect

Fdehell
0
 
TeRReFCommented:
Well, the way I submitted my code is an example. But instead of 2 spaces, you should use a tab.
Here's another short example (the example itself doesn't make sense at all, it's about the identation :) ):
<?php

      function myFunction() {
            $myVar = array();
            for ($i = 0; $i < 5; $i++) {
                  $myVar[] = $i;      
            }
      }
     
      $myArray = myFunction();
      print_r($myArray);
      echo "<br>Einde van dit rare script";

?>
0
 
fdehellAuthor Commented:
Thank you very much Terref
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.