finding extension of the file being uploaded using php

Question

I am using PHP for a website. I have to get users upload their pics. Now, the pics can be in jpeg or png or gif format. My problem is that i identify a user by a unique userid, so I want to save the pics as: userid.jpg or userid.png etc. Now, how do i find out the extension of the file selected by the user using php?

Answer 1

I wouldn't rely on the file extension provided by the visitor. Instead, ask the file itself what it is (this can still be spoofed, but its less likely; also you don't have to wonder if the extension is 3 or 4 characters (jpeg, jpg for example)). Try:

if ($_FILES['avatar']['type'] == "image/gif")
if ($_FILES['avatar']['type'] == "image/jpeg")
if ($_FILES['avatar']['type'] == "image/png")

They're much more reliable.

Answer 2

Instead of relying on the extension sent by the client, you can also determine the type of the file, using fileinfo (PHP >= 5.3), or if you're using an older version of PHP, something like mime_content_type

Once you have the mime-type of the file, it's just a matter of mapping (like 'image/png' => 'png')

(Should actually be better for security reasons; if I remember correctly, $_FILES['...']['type'] is sent by the client, and can be faked)

Answer 3

If you're running a nicely updated server with PHP 5.3, you should look into the new File Information extension. It'll look at the files themselves and try to determine the mime type, from which you can get the extension. This is more reliable than looking at the extension or mime type as provided by the browser, as both of these can be faked.

An ideal solution could use a combination of all of these methods for maximum effectiveness.

Answer 4

$filename = "harbl.jpg";
$fileinfo = pathinfo($filename);
echo($fileinfo['extension']);           // prints "jpg"

Answer 5

Assuming you have

<input type="file" name="foo">

You can do

$info = pathinfo($_FILES['foo']['name']);
$extension = $info['extension'];

Answer 6

array_pop(explode(".", $_FILES["image"]["name"]))

or

pathinfo($_FILES["image"]["name"], PATHINFO_EXTENSION)

Answer 7

I've used Array in application that I've build recently. And it works very well.

$file_type = array('image/gif'   => 'gif', 
                   'image/jpeg'  => 'jpg',
                   'image/pjpeg' => 'jpg',
                   'image/bmp'   => 'jpg',
                   'image/png'   => 'png');

if(array_key_exists(($_FILES['file_upload']['type']), $file_type){
    Your Function

}

Answer 8

$extension = end(explode(".",$_FILES['foo']['name']));

Answer 9

Hai

          You can check the image type easily in php.For example, you may have

          <input type="file" name="image">


          $img_name=$_FILES["image"]["name"];                 //name of the image
          $img_tmpname=$_FILES["image"]["tmp_name"];         //temporary name

          $len=strlen($img_name);                           //length of image name
          $dot=strpos($img_name,".");                      //finding position of .
          $type=substr($img_name,$dot,$len);      //finding string from . to end of string.

          Then use if statement and check the file

if($type=='.gif'||$type=='.jpg'||$type=='.jpeg'||$type=='.png'||$type=='.GIF'||$type=='.JPG'||$type=='.PNG'||$type=='.JPEG') {

//your code............. }

Answer 10

There is also a simple way that worked out for me to get the file extension the user uploaded.
This code looks if the extension is allowed and changes the name of the file:
HTML:

 <form method='post' enctype='multipart/form-data'> <input type='file' class='f' name='fileToUpload' value='' id='fileToUpload'><br> <input type='submit' name='submit' class='button' value='Senden'> </form>

PHP:

$target_dir = "files/";
$target_filee = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$imageFileType = strtolower(pathinfo($target_filee,PATHINFO_EXTENSION));
$user = $_SESSION['user_id'] # Here you have to put the user id
$target_file = $target_dir . $user . "." . $imageFileType;

if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "gif") {
   if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file) {
       echo "The file has been uploaded!";
   }else{
       echo "Ohhh, it didn't work";
   }
}