I'm doing a simple website in PHP, and I'm using DropzoneJS for uploading files.
I'm attempting to allow only the following extensions:
pdf, png, jpg, jpeg, bmp and txt
.
Any help please ? Sorry for bad english
Here's my upload.php code
$ds = DIRECTORY_SEPARATOR;
$foldername = "../common/uploads";
if (!empty($_FILES)) {
$fileupload = basename( $_FILES['file']['name']);
$fileType = $_FILES['file']['type'];
$fileSize = $_FILES['file']['size'];
$tempFile = $_FILES['file']['tmp_name'];
$targetPath = dirname( __FILE__ ) . $ds. $foldername . $ds;
$targetFile = $targetPath. $fileupload;
move_uploaded_file($tempFile,$targetFile);
$upload_info = "Filetype : <b>".$fileType."</b> <br>File size : <b>".$fileSize."</b><br>File name : <b> ".$fileupload."</b>";
add_to_log($_SESSION['username'], 'upload', $upload_info);
}
Cheers , MrZ.
First of all, it doesn't matter if its the dropzone sending the file or a file upload input. It eventually is going to end up in the variable $_FILES. Even if restricted by the dropzone, you should keep the validation server side.
So all you needed to search for was,
PHP upload
+ dropzoneJS :
allow only some files extensions
While I am at it, heres how I do it.
$valid_exts = array(// allowed extensions
'gif',
'jpeg',
'jpg',
'JPG',
'png',
);
$valid_types = array(
'image/gif',
'image/jpeg',
'image/jpg',
'image/pjpeg',
'image/x-png',
'image/png',
);
$extension = pathinfo($file['name'], PATHINFO_EXTENSION);
// make sure extension and type are allowed
if (!(in_array($file['type'], $valid_types) && in_array($extension, $valid_exts))) {
echo 'File type not allowed.';
die();
} else {
// Do what ever you wish.
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.