@NightShift58Feb 13.2007 — #First, in your form, you should use the "accept" with a comma-separated list of the MIME types that you want to accept for upload.[code=php]<input type="file" name="upfile" accept="mime1,mime2, etc">. In your case, the MIME type would be: "image/jpeg".
You shouldn't rely on that only, however. You should check on the received MIME types as you post-process the uploaded file(s). For more on that, see: http://www.webdeveloper.com/forum/showthread.php?t=101466
@popcopauthorFeb 13.2007 — #how do u add that to this code then?
[code=php] <?php //set where you want to store files //in this example we keep file in folder upload //$HTTP_POST_FILES['ufile']['name']; = upload file name //for example upload file name cartoon.gif . $path will be upload/cartoon.gif $path= "upload/".$HTTP_POST_FILES['ufile']['name']; if($ufile !=none) { if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path)) { echo "Successful<BR/>";
//$HTTP_POST_FILES['ufile']['name'] = file name //$HTTP_POST_FILES['ufile']['size'] = file size //$HTTP_POST_FILES['ufile']['type'] = type of file echo "File Name :".$HTTP_POST_FILES['ufile']['name']."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size']."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type']."<BR/>"; echo "<img src="$path" width="150" height="150">"; } else { echo "Error"; } } ?> [/code]
@NightShift58Feb 13.2007 — #Before you do the copy() part, you need to ask:[code=php]if ($HTTP_POST_FILES['ufile']['type'] == "image/jpeg") { copy(...) } else { echo "You tried to sneak one in..."; }[/code]
@bokehFeb 13.2007 — #To check the mime type of an image use [I]getimagesize()[/I] which checks the file headers. If you are extra paranoid you could even use [I]imagecreatefromjpeg()[/I] to see whether the image can be opened. Do this before considering moving the image.