stackoom
  简体   繁体   中英

Validation upload image file PHP

 原文  2018-02-09 08:16:27       php/ mysql/ image/ validation/ file-upload

Question

I have problem when i want to upload file, the script have a validation for types image file like jpg, png, When I upload the image file successful process, but when I try to upload different file types like doc, pdf etc. appear notification/alert if the file type is wrong but the data file still managed to get into the database and folder, the script working just for announce the types file is wrong but still save the data...

This my Script 

$image=$_FILES['upload']['name'];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){ 
            echo"<meta http-equiv='refresh' content='0; url=home.php?p=product'>";
            }
$sql = mysql_query("INSERT INTO `t_product` (`id_product`,`product`,`category`,`material`,`ink`,`price`,`status`,`date`) VALUES ('$idproduct','$product','$category','$material','$ink','$price','$status',NOW());");

if ($sql) {
    $last_id = mysql_insert_id();
    foreach ($_POST['size'] as $select){
        $sql2 = mysql_query("INSERT INTO `t_productsize` (`id_product`,`id_size`) VALUES ('$last_id','$select');");
    }
    $total = count($_FILES['upload']['name']);

    // Loop through each file
    for($i=0; $i<$total; $i++) {
      //Get the temp file path
      $tmpFilePath = $_FILES['upload']['tmp_name'][$i];
      $fileError = $_FILES['upload']['error'][$i];    
      $typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
      if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){ 
        echo'<script>
            alert("Failed insert data!!");
            </script>';
        }
        elseif($fileSize=$_FILES['gambar']['size']< 20000 || $fileError < 20000){
      //Make sure we have a filepath
      if ($tmpFilePath != ""){
        $newfilename= date('dmYHis').str_replace(" ", "", basename($_FILES["upload"]["name"]));
        //Setup our new file path
        $newFilePath = "images_product/".$newfilename . $_FILES['upload']['name'][$i];
        $nameImage = $newfilename . $_FILES['upload']['name'][$i];


        //Upload the file into the temp dir
        if(move_uploaded_file($tmpFilePath, $newFilePath)) {

          //Handle other code here
        $sql3 = mysql_query("INSERT INTO `t_productimage` (`id_product`,`image`) VALUES ('$last_id','$nameImage');");
        }
      }
    }
    }
    echo '<script>
        window.location="home.php?p=product";
        </script>';}

    else {
        echo'<script>
            alert("Failed insert data!!");
            </script>';
    }

Big Thanks for responsed

1 answers

solution1
 0  2018-02-09 08:26:08

Try this 

$image=$_FILES['upload']['name'];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){
            echo"<meta http-equiv='refresh' content='0; url=home.php?p=product'>"; }
else {
$sql = mysql_query("INSERT INTO `t_product` (`id_product`,`product`,`category`,`material`,`ink`,`price`,`status`,`date`) VALUES ('$idproduct','$product','$category','$material','$ink','$price','$status',NOW());");

if ($sql) {

$last_id = mysql_insert_id();
foreach ($_POST['size'] as $select){
    $sql2 = mysql_query("INSERT INTO `t_productsize` (`id_product`,`id_size`) VALUES ('$last_id','$select');");
}
$total = count($_FILES['upload']['name']);

// Loop through each file
for($i=0; $i<$total; $i++) {
  //Get the temp file path
  $tmpFilePath = $_FILES['upload']['tmp_name'][$i];
  $fileError = $_FILES['upload']['error'][$i];    
  $typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
  if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){ 
    echo'<script>
        alert("Failed insert data!!");
        </script>';
    }
    elseif($fileSize=$_FILES['gambar']['size']< 20000 || $fileError < 20000){
  //Make sure we have a filepath
  }
  else {
  if ($tmpFilePath != ""){
    $newfilename= date('dmYHis').str_replace(" ", "", basename($_FILES["upload"]["name"]));
    //Setup our new file path
    $newFilePath = "images_product/".$newfilename . $_FILES['upload']['name'][$i];
    $nameImage = $newfilename . $_FILES['upload']['name'][$i];


    //Upload the file into the temp dir
    if(move_uploaded_file($tmpFilePath, $newFilePath)) {

      //Handle other code here
    $sql3 = mysql_query("INSERT INTO `t_productimage` (`id_product`,`image`) VALUES ('$last_id','$nameImage');");
    }}
  }
}
}
echo '<script>
    window.location="home.php?p=product";
    </script>';}

else {
    echo'<script>
        alert("Failed insert data!!");
        </script>';
}}
  • NOTE : You just wrong in your logic.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP file upload validation File upload validation in PHP PHP Upload File Validation validation for file upload in php Image upload file type validation using php - pdf and jpeg AJAX File Upload with PHP Validation php file upload with validation type PHP File Upload + Form Validation Image/file upload in php Image upload in php - validation returning false result
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM