I'm new to file uploading, and I realize that security is HUGE. Now per testing purposes before I really wanted to dive into the security I wanted to just get a quick test upload going, when I tried the following "security"
<?PHP
$name = $_FILES['file']['name'];
$type = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
if(isset($name)) {
if (!empty($name)) {
$location = "ufiles/";
if($_FILES['file']['type'] == "images/jpeg" || $_FILES['file']['type'] == "images/png"){
move_uploaded_file($tmp_name, $location.$name);
}
}
}
?>
This code does not appear to work, and the file will not upload unless I take off the file type check point. So it's obviously my issue. But why does this not work?
also: I realize it's not a very effective way of securing file types, but it seems most simply logical, and I'm just very confused why it doesn't work.
Edit ALWAYS CHECK YOUR SYNTAX. lol
if($_FILES['file']['type'] == "images/jpeg" || $_FILES['file']['type'] == "images/png")
