function upload(&$model){
if($_SERVER['REQUEST_METHOD'] === 'POST'){
$file = $_FILES['file'];
$file_name = $file['name'];
$file_ext2 = explode('.', $file_name);
$file_extenstion = strtolower(end($file_ext2));
$finfo = finfo_open(FILEINFO_MIME_TYPE);
echo(finfo_file($finfo, $file['tmp_name']));
echo($file['type']);
}
return "superliga_view";
}
Why
echo(finfo_file($finfo, $file['tmp_name']));
prints image/jpeg, but
echo($file['type']);
prints "image/png"?
I try make watemark, but
$image = imagecreatefrompng($target);
sometimes throws errors due to wrong file type. With small files php always reads them as png, but with large files it reads them as jpeg.
Related
Selected file is not notepad file with extension avi, mp4 etc.
I tried this:
$file_allowed = array('gif','png' ,'jpg','avi','mp4','wmv','mov','flv','webm','ogv','mp3','m4a','ogg','oga');
$uploaded_filename = $_FILES['attachment']['name'];
$file_ext = pathinfo($uploaded_filename, PATHINFO_EXTENSION);
if(!in_array($file_ext,$file_allowed) )
{
exit;
}
Try this variable for validation
$_FILES["attachment"]["type"];
Try changing your code like this:
$file_allowed = array('gif','png' ,'jpg','avi','mp4','wmv','mov','flv','webm','ogv','mp3','m4a','ogg','oga');
$uploaded_filename = $_FILES["attachment"]["type"];
$file_ext = pathinfo($uploaded_filename, PATHINFO_EXTENSION);
if(!in_array($file_ext,$file_allowed) ) {
exit;
}
l have used the function below but its allowing even pdf to be uploaded
and its not checking if its an image
function image_allowed($file_extn) {
$allowed = array('jpg','jpeg','gif','png');
$file_name = $_FILES['image']['image_name'];
$file_extn = strtolower(end(explode('.', $file_name)));
$file_temp = $_FILES['image']['tmp_name'];
if (in_array($allowed,$file_extn )=== true){
return true;
}else {
return false;
}
and l checked using the code below and l dont know were lam getting it wrong
if (image_allowed($_POST['image'])=== true) {
$errors[] = ' images only are allowed.';
and l would love to know any checks that l might have ommited here
While comparing extensions might do the trick, it's not very safe as it easy to fake an extension. I would advise to check the mime types of the files.
Option 1 - using finfo
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$file_type = finfo_file($finfo, "image.gif");
finfo_close($finfo);
Output for this case: image/gif
Just remember to change your $allowed array accordingly.
You can see a list of possible mime types for images at wikipedia.
Option 2 - Using exif-imagetype
exif_imagetype('image.gif')
Just notice that in that case your $allowed array should contain constants that represent possible return values. (For further information look at the manual - link above)
You can check your image type using pathinfo (http://php.net/manual/en/function.pathinfo.php):
$path_parts = pathinfo('/your/image/path/');
echo $path_parts['extension']; // Your extension...
In your function code:
function image_allowed($imagePath) {
$allowed = array('jpg','jpeg','gif','png');
$myExtension = pathinfo($imagePath);
if(in_array($myExtension['extension'], $allowed)
return true;
else
return false;
}
You need to use like this:
function image_allowed() {
$allowed = array('jpg','jpeg','gif','png');
$file_name = $_FILES['image']['name'];
$file_extn = strtolower(end(explode('.', $file_name)));
$file_temp = $_FILES['image']['tmp_name'];
if (in_array($file_extn,$allowed)=== true){
return true;
}
return false;
}
if (image_allowed()=== false) {
$errors[] = ' images only are allowed.';
}else{
//save image or something else
}
Here is the file upload code. It works in such a way that it accepts all the image extensions. But it needs to validate the file type (video, word doc etc). I need it to only upload images. For an example what happens now is that when I select a word document and submit my form, it shows a bunch of errors, inserts the record but not the file. What should happen is that, if the file is anything other than an image, it should not let the user insert the record. Should get an error message saying to check the file type when the form is submitted. Please assist me in achieving this.
if( isset($_FILES['img']) )
{
//resizing the image
$image = new SimpleImage();
$image->load($_FILES['img']['tmp_name']);
$image->resizeToHeight(180);
$info = pathinfo($_FILES['img']['name']);
$file = 'uploads/' . basename($_FILES['img']['name'],'.'.$info['extension']) . '.png';
if ($image->save($file))
{
if($fp = fopen($file , 'rb'))
{
$data = fread($fp, filesize($file));
//encoding the the image only to text so can be stored in DB
$data = base64_encode($data);
fclose($fp);
}
}
else
{
$error = '<p id="failed">Invalid Image</p>';
}
You need to check MIME type on the image, something like that:
if (isset($_FILES['img'])) {
$file = $_FILES['img'];
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $file['tmp_name']);
finfo_close($finfo);
if (strpos($mime, 'image') === false) {
die('The submitted file is not an image!');
}
// Uploading code..
}
If mime string has 'image' in it, then it's image. Hope that will help.
In older PHP versions you can use mime_content_type. However if you have PHP > 5.3 you should use the finfo_* functions
You should also check is_uploaded_file() rather than isset()
if( is_uploaded_file( $_FILES['img']['tmp_name'] ) ) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$type = finfo_file( $_FILES['img']['tmp_name'] );
if( $type == 'image/gif' ) { // for example
// do stuff
}
}
How can I make sure that the supplied file - font(TrueType)? File path may be specified with custom extension(non .ttf).
I'm confused.
Check this: finfo
For example:
$fileName = 'file.ext';
$mimeTypes = array('font/ttf','font/truetype');
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $fileName);
if(in_array($mime, $mimeTypes)){
echo 'font file';
}
finfo_close($finfo);
You must check FILEINFO_MIME_TYPE.
I'm hoping this is an easy one, I'm using mySQL and php to upload an image as a BLOB type using this code:
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
This is all working fine, inserting to the database and everything. I then want to use SimpleImage: http://www.white-hat-web-design.co.uk/blog/resizing-images-with-php/ to perform some resize and compression work on the image before uploading it. I can't see how to combine say:
include('SimpleImage.php');
$image = new SimpleImage();
$image->load($_FILES['userfile']['tmp_name']);
$image->resizeToWidth(150);
$image->output();
With my existing code, I think what I want to do is get $content to become $image, but I've tried for a while and can't find a way of doing it. Any help much appreciated.
Happy Christmases to those who like Christmas and TIA to all.
You are outputting the resized image to the browser (::output()) but you're not saving it. If you want to store it inside the database, you need to change the temporary file first, e.g. by using the ::save() function of SimpleImage.
Next to that, you write you want to resize the picture in the browser before uploading. That can not be done with PHP, but only with javascript and browsers who support that. Additionally the upload handling on the PHP side might differ then. But I'm not really sure if you really meant it that the image is resized before uploading.
Another Idea I had is using an output buffer:
if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$image = new SimpleImage();
$image->load($_FILES['userfile']['tmp_name']);
$image->resizeToWidth(150);
ob_start();
$image->output();
$content = ob_get_clean();
$content = addslashes($content);
...