PHP Upload - Allow only jpg files

Question

This is what I currently have:

$file_name = $HTTP_POST_FILES[\'uid\'][\'name\'];
$user= \'FILENAME\';
$ext = pathinfo($file_name, PATHINFO_EXTENSION);
$new_f         


        

Answer 1

<?php

$allowedTypes = array('image/jpeg');

$fileType = $HTTP_POST_FILES['uid']['type'];

if(!in_array($fileType, $allowedTypes)) {
    // do whatever you need to say that
    // it is an invalid type eg:
    die('You may only upload jpeg images');
}

?> 

hope this helps. Also why are you using HTTP_POST_FILES instead of $_FILES? Are you working with an older version of PHP?

Answer 2

Never ever ever trust that happening. It's unsafe and could potentially lead to people screwing up with your server. Try this instead http://ar.php.net/imagecreatefromjpeg

<?php
function LoadJpeg($imgname){
    /* Attempt to open */
    $im = @imagecreatefromjpeg($imgname);

    if(!$im){ 
       throw new InvalidArgumentException("$imgname is not a JPEG image");
    }  

    return $im;
}
?>

Using it like so:

$uploadDir = "/path/to/uploads/directory";
$handle = LoadJpeg($_FILES['uid']['tmp_name']);
imagejpeg($handle, $uploadDir.DIRECTORY_SEPARATOR.$_FILES['uid']['name']);