Solved

Limit PHP Uploaded Files to CSV

Posted on 2008-09-30
2
338 Views
Last Modified: 2013-12-12
How can you limit & verify that an uploaded file is a .csv file using PHP.  Using the code for  
//This Works
if (!($uploaded_type=="image/gif")) {
echo "You may only upload .Gif files.<br>";
$ok=0;
} 
//This is ineffective
if (!($uploaded_type=="text/txt")) {
echo "You may only upload .CSV files.<br>";
$ok=0;
}

Open in new window

0
Comment
Question by:ITApprendista
2 Comments
 
LVL 48

Assisted Solution

by:hernst42
hernst42 earned 100 total points
ID: 22611405
Depending on the install the type might be "text/csv" and "text/comma-separated-values" But the best would be to look into the file, parse the first line and check the content
0
 
LVL 2

Accepted Solution

by:
idealws earned 400 total points
ID: 22611470
The below code will check to make sure the file has the .csv extension only if not it will print a error. If it does then it is uploaded and moved to the directory specified in the $datadir variable. You can then proceed to do what you need after the file is uploaded.
// Directory to upload to
$datadir = "data/";
// Lets get the file name
$uploadfile = $datadir.$_FILES['userfile']['name'];
$ext = strrchr($_FILES['userfile']['name'],'.');
if($ext != ".csv") {
    echo "Only CSV files are allowed to be uploaded";
    $error = 1;
}else{
    // Ad your upload code here
    if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
        // If this file is moved (uploaded do this
    }
}

Open in new window

0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question