Instead of $allowed, I want to create $deny; instead of a whitelist, I want to make a blacklist. Mainly because I want to accept all files, except for exe, com, or whichever I choose.
<?php
// A list of permitted file extensions
$allowed = array('jpg','txt');
if(isset($_FILES['upl']) && $_FILES['upl']['error'] == 0){
$extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION);
if(!in_array(strtolower($extension), $allowed)){
echo '{"status":"error"}';
exit;
}
if(move_uploaded_file($_FILES['upl']['tmp_name'], 'uploads/'.$_FILES['upl']['name'])){
echo '{"status":"success"}';
exit;
}
}
echo '{"status":"error"}';
exit;