I have the following code that am using as an upload script
$allowed_filetypes = array('.jpg', '.jpeg', '.gif', '.bmp', '.png');
$max_filesize = 262144;
$upload_normal_path = '../uploads/normal/';
$upload_thumb_path = '../uploads/thumbnail/';
if(isset($_POST['Submit']))
{
$filename = $_FILES['image']['name'];
$filesize = $_FILES['image']['size'];
$fileext = substr($filename, strpos($filename,'.'), strlen($filename)-1);
if(!in_array($fileext, $allowed_filetypes)){
$upload_status = "The file you attempted to upload is not allowed.";
}
if($filesize > $max_filesize){
$upload_status = "The file you attempted to upload is too large.";
}
$image_name = time().$fileext;
$newname = $image_name;
$moved = move_uploaded_file($_FILES['image']['tmp_name'],$upload_normal_path . $newname);
if(!$moved){
$upload_status = 'There was an error during the file upload. Please try again.';
} else {
$upload_status = 'Your file upload was successful, view the file <a href="' . $upload_normal_path . $newname . '" title="Your File">here</a>';
}
}
The script itself seems to work sometimes, but it seems to be skipping some of the situational IFs and ELSEs. For example, if the file size is greater than $filesize, i don't get the correct $upload_status which should say "The file you attempted to upload is too large", instead it seems to skip all the way to "There was an error during the file upload. Please try again". Also, sometime i can upload some MP3 or HTML files through, which means it's skipping the whole (!in_array($fileext, $allowed_filetypes)).
Any idea what could be causing these issues, and how to solve it. Best Regards
[RESOLVED] Thank you all for your time and answers, they are much appreciated. After taking a look at your answers, i did some code clearing until i get it to do exactly what i needed it to do.
So here is a copy for my current code, hoping that it will help any fellow developer that might encounter such issue.
Best Regards
Current Working Code:
function make_thumb($img_name,$filename,$new_w,$new_h)
{
$ext=getExtension($img_name);
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}
else {
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
imagedestroy($dst_img);
imagedestroy($src_img);
}
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
$upload_status = "";
$max_filesize = 2097152;
$error = 0;
$allowed_filetypes = array('jpg', 'jpeg', 'png', 'JPG', 'JPEG', 'PNG');
if(isset($_POST['Submit']))
{
$image = $_FILES['image']['name'];
if ($image)
{
$filename = stripslashes($_FILES['image']['name']);
$sizekb = filesize($_FILES['image']['tmp_name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
if(!in_array($extension, $allowed_filetypes)){
$upload_status = "<div id='file-upload'><div class='upload-bar-error'><span class='upload-error'>The file extension is not supported.</span></div></div>";
$error = 1;
}
if(isset($_SERVER['CONTENT_LENGTH']) && $_SERVER['CONTENT_LENGTH']> $max_filesize){
$upload_status = "<div id='file-upload'><div class='upload-bar-error'><span class='upload-error'>The file size has extended the size limit.</span></div></div>";
$error = 1;
}
if($error == 0){
$image_name=time().'.'.$extension;
$newname="../uploads/normal/".$image_name;
$newname_db = "uploads/normal/".$image_name;
copy($_FILES['image']['tmp_name'], $newname);
$thumb_name='../uploads/thumbnail/thumb_'.$image_name;
$thumb_name_db = 'uploads/thumbnail/thumb_'.$image_name;
$thumb = make_thumb($newname,$thumb_name,$thumb_width,$thumb_height);
$upload_status = "<div id='file-upload'><div class='upload-bar-success'><span class='upload-success'>The file has been uploaded successfully.</span></div></div>";
}
}
}