mattyvx Posted November 28, 2010 Share Posted November 28, 2010 Hi all, I've been struggling to develop a robust image upload validation script. I have an area on my site where users can upload a profile picture into a directory so, to keep it clean and safe here is what I want: 1) Script must work in IE and Firefox 2) Script must only allow image files to be uploaded 3) Images shouldn't be unreasonable in size say 4mb max. Currently i'm using this if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 40000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { if (file_exists("profiles/images/$filegif")) { unlink("profiles/images/$filegif"); } if (file_exists("profiles/images/$filejpeg")) { unlink("profiles/images/$filejpeg"); } move_uploaded_file($_FILES["file"]["tmp_name"], "profiles/images/" .$name); } //.... send me email to let me view picture ....// } else { echo "Invalid file - Only Gif or Jpeg files may be uploaded."; ///... send me error message to let me know user having problems .../// } } Some users upload fine (is this browser compatability?), mostly I get alot or error messages though and have to upload manually. Thanks in advance! Quote Link to comment Share on other sites More sharing options...
requinix Posted November 28, 2010 Share Posted November 28, 2010 You can't rely on the "type" in $_FILES. You should be determining it yourself, either by looking at the extension or by using a function like (the poorly named) getimagesize. As for more specific help, it depends what those error messages say. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.