i have written a php script which checks the image file for its extension.. such as JPG, JPEG, PNG, GIF uploaded thru an HTML form .
Now comes my problem which is, any 1 may upload any kind of file by giving it an extension of JPG, JPEG, PNG, GIF.
Can any one help me so that, one should strictly be able to upload only an image file and not any other file which carries just extension of Image file.
I tried hard .. but failed...Here is my php script which i have written
<?php
$target_dir = "images/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
$target_file = $target_dir . date('YmdHis') . '.' . $imageFileType;
if (file_exists($target_file)) {
echo "<h2>File with same name already exists. Try renaming your file and Uploading again.</h2>";
$uploadOk = 0;
}
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) {
echo "<h2>Only JPG, JPEG, PNG & GIF files are allowed.</h2>";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "<h2><mark>ERROR</mark> :Sorry, your file was not uploaded.</h2>";
echo "<a href='submitdesign.html'><h3>Click Here to TRY AGAIN.</h3></a>";
exit;
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "<h3>The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.</h3>";
} else {
echo "<h2><mark>ERROR</mark> : Maximum File Size Allowed is upto 2MB. Please Optimize your Image Size</h2>";
echo "<a href='submitdesign.html'><h3>Click Here to TRY AGAIN</h3></a>";
exit;
}
}
?>