(I'm aware of sql injections this is just a test file, I will fix that issue later on.)
I'm working on a website that allows users to post content. They have the option of uploading photos or videos. I have an if statement that checks to see if the file extension matches an array of allowed extensions before posting it within a specific folder. The only problem is that the if statement is detecting some sort of issue with with the variables included. Does anyone have an explanation or a theory to help?
I've searched all through this website with similar titles but I've found nothing to actually solve my specific issue.
This is the specific if statement that is returning false.
if (in_array($fileActualExt, $allowed)) {
I believe this is all of the relevant code, let me know if you need something other than this.
<?php
function setUploads($conn) {
if (isset($_POST['uploadSubmit'])) {
$file = $_FILES['file'];
$fileName = $file['name'];
$fileTmpName = $file['tmp_name'];
$fileSize = $file['size'];
$fileError = $file['error'];
$fileType = $file['type'];
$fileExt = explode('.', $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowed = array('jpg', 'jpeg', 'png', 'pdf', 'gif', 'mp4', 'mov', 'avi', 'mpeg4');
$pictureExt = array('jpg', 'jpeg', 'png', 'gif');
$videoExt = array('mp4', 'mov', 'avi', 'mpeg4');
if (in_array($fileActualExt, $allowed)) {
if ($fileError === 0) {
if ($fileSize < 5000000) { }
else {
$fileid = 0;
// I removed irrelevant code here
}
}
else {
header("Location: index.php?error1");
exit();
}
}
else {
header("Location: index.php?error2");
exit();
}
}
else {
header("Location: index.php?error3");
exit();
}
?>