Link to home
Start Free TrialLog in
Avatar of taynet29
taynet29

asked on

Pear (HTTP_Upload) - Exceptable File Types

How can I have this Pear (HTTP_Upload) library only allow image files (ex. jpegs, gifs, bitmap, ect.)?  Please use the snippet to demonstrate.  Thanks in advance for your help.
<?php
require 'HTTP/Upload.php';
//$lang = "en";
$upload = new HTTP_Upload("en");
$files = $upload->getFiles();
$_SESSION['path'] = "../uploads/";
foreach($files as $file){
    if (PEAR::isError($file)) {
        echo $file->getMessage();
    }
    if ($file->isValid()) {
        $file->setName("uniq");
        $dest_name = $file->moveTo("../uploads/");
        if (PEAR::isError($dest_name)) {
            echo $dest_name->getMessage();
        }
        $real = $file->getProp("real");
        $name = $file->getProp("name");
    } elseif ($file->isMissing()) {
        //echo "No file was provided.";
    } elseif ($file->isError()) {
        echo $file->errorMsg();
    }
    if (!empty($real)) {
          $_SESSION['fid'][] = insert_files($name, $real);
          $_SESSION['name'][] = $name;
          $_SESSION['real'][] = $real;
        echo "<br />";
        print_r($_SESSION);
    }
}
?>

Open in new window

Avatar of wildzero
wildzero
http://www.scanit.be/uploads/php-file-upload.pdf
Have a look at that.
Just checking the file extension is not enough, have a read of that pdf - it provides examples and reasons why.

Avatar of Joe Wu
Joe Wu
Flag of Australia image
I am not sure exactly how your script works, however the below script is a simple extension filtering script which (at the moment) does nothing apart from echoing out the filtered files. Maybe you can implement and make use of it in your script?
Remember you have to change your extensions allwed and the file path accordingly.
Sorry I do not remember who wrote the script originally, but I did modify parts of it to suite my needs.
<?php
$image_file_path = 'images/'; // Directory of your Images
$regpattern = '.jpg$|.jpeg$|.png$|.tif$|.gif$'; // Extensions allowed
$d = dir($image_file_path) or die("Wrong path: $image_file_path");
 
while (false !== ($entry = $d->read())) 
{
	if($entry != '.' && $entry != '..' && !is_dir($dir.$entry) && ereg($regpattern,$entry))
	{
		$Images[] = $entry;
	}
}
$d->close();
$i=0;
 
while($i<count($Images))
{
	echo "<div><img src=\"" . $image_file_path . $Images[$i] . "\"/></div>"; // Outputs all the images into the webpage betwee DIV tags.
	$i++;
}
 
?>

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of wildzero
wildzero
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial