Details; - Needs to perform exactly as shown below, do not take away anything all that is needed is for you to limit the files uploaded. The ONLY files that should be allowed to be uploaded are; wmv mpg mpeg avi mov *ALL OTHER FILE TYPES SHOULD NOT BE UPLOADED AND AN ERORR MESSAGE (invalid file type) SHOULD BE GIVEN.* $15 paypal to the first person to do so and it works fine. Thanks! <?php include("global.inc.php"); $errors=0; $error="The following errors occured while processing your form input.<ul>"; pt_register('POST','ip'); pt_register('POST','date'); pt_register('POST','Title'); pt_register('POST','category'); $File=$HTTP_POST_FILES['File']; pt_register('POST','Description'); $Description=preg_replace("/(\015\012)|(\015)|(\012)/"," <br />", $Description);if($Title=="" || $File=="" ){ $errors=1; $error.="<li>You did not enter one or more of the required fields. Please go back and try again."; } if(!is_uploaded_file($HTTP_POST_FILES['File']['tmp_name'])){ $error.="<li>The file, ".$HTTP_POST_FILES['File']['name'].", was not uploaded!"; $errors=1; } $ip = $HTTP_SERVER_VARS["REMOTE_ADDR"]; $date = date("l jS of F Y h:i:s A"); if($errors==1) echo $error; else{ $image_part = date("h_i_s")."_".$HTTP_POST_FILES['File']['name']; $image_list[4] = $image_part; copy($HTTP_POST_FILES['File']['tmp_name'], "files/".$image_part); $where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/")); $message="ip: ".$ip." date: ".$date." Title: ".$Title." File: ".$where_form_is."files/".$image_list[4]." Description: ".$Description." "; $message = stripslashes($message); mail("$Owner_Email","New Video uploaded",$message,"From: Your Website"); $link = mysql_connect("$DB_Host","$DB_User","$DB_Pass"); mysql_select_db("$DB_Name",$link); $query="insert into upls (ip,date,Title,File,Description,cat) values ('".$ip."','".$date."','".$Title."','".$where_form_is."files/".$image_list[4]."','".$Description."','".$category."')"; mysql_query($query); ?> </table> <!-- Do not change anything below this line --> <?php } ?></p> Code (markup):
Just a hint. <?php if ((($_FILES["file"]["name"] == "image/gif") || ($_FILES["file"]["name"] == "image/jpeg") || ($_FILES["file"]["name"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Error: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["name"] . "<br />"; echo "Stored in: " . $_FILES["file"]["tmp_name"]; } } else { echo "Invalid file"; } PHP:
Still looking for the full working script to do the exact same as the code i posted but limit file types as specified.
Not working, replied to your PM but its not limiting anything/giving error messages, i can upload any file ( for example, .php ) just fine. If it isnt wmv/mpg/mpeg/avi/mov etc, it should give an error message and NOT upload the file. Thanks Anyone?!?!
Rephrased the first post, it should be simple to more advanced PHP coders... I just cant get it for some reason. Thanks!
<?php include("global.inc.php"); $errors=0; $error="The following errors occured while processing your form input.<ul>"; pt_register('POST','ip'); pt_register('POST','date'); pt_register('POST','Title'); pt_register('POST','category'); $File=$HTTP_POST_FILES['File']; pt_register('POST','Description'); $Description=preg_replace("/(\015\012)|(\015)|(\012)/"," <br />", $Description);if($Title=="" || $File=="" ){ $errors=1; $error.="<li>You did not enter one or more of the required fields. Please go back and try again."; } if(!is_uploaded_file($HTTP_POST_FILES['File']['tmp_name'])){ $error.="<li>The file, ".$HTTP_POST_FILES['File']['name'].", was not uploaded!"; $errors=1; } $ip = $HTTP_SERVER_VARS["REMOTE_ADDR"]; $date = date("l jS of F Y h:i:s A"); if($errors==1) echo $error; else{ $pathinfo = pathinfo($HTTP_POST_FILES['File']['name'], PATHINFO_EXTENSION); if(!in_array(strtolower($pathinfo['extension']), array('wmv','mpg','mpeg','avi','mov'))) { die('Invalid File Type'); } $image_part = date("h_i_s")."_".$HTTP_POST_FILES['File']['name']; $image_list[4] = $image_part; copy($HTTP_POST_FILES['File']['tmp_name'], "files/".$image_part); $where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/")); $message="ip: ".$ip." date: ".$date." Title: ".$Title." File: ".$where_form_is."files/".$image_list[4]." Description: ".$Description." "; $message = stripslashes($message); mail("$Owner_Email","New Video uploaded",$message,"From: Your Website"); $link = mysql_connect("$DB_Host","$DB_User","$DB_Pass"); mysql_select_db("$DB_Name",$link); $query="insert into upls (ip,date,Title,File,Description,cat) values ('".$ip."','".$date."','".$Title."','".$where_form_is."files/".$image_list[4]."','".$Description."','".$category."')"; mysql_query($query); ?> </table> <!-- Do not change anything below this line --> <?php } ?></p> PHP: Keep in mind that this is based on checking the file extension. If you want to check the actual content of the file, you'll need to use something like ffmpeg.
I just tried upload an image file, got Invalid file type - Thats good and what i want. I then tried uploading a .wmv video, and also got invalid file type. Hopefully it is an easy fix Thanks
Whoops, here you go. <?php include("global.inc.php"); $errors=0; $error="The following errors occured while processing your form input.<ul>"; pt_register('POST','ip'); pt_register('POST','date'); pt_register('POST','Title'); pt_register('POST','category'); $File=$HTTP_POST_FILES['File']; pt_register('POST','Description'); $Description=preg_replace("/(\015\012)|(\015)|(\012)/"," <br />", $Description);if($Title=="" || $File=="" ){ $errors=1; $error.="<li>You did not enter one or more of the required fields. Please go back and try again."; } if(!is_uploaded_file($HTTP_POST_FILES['File']['tmp_name'])){ $error.="<li>The file, ".$HTTP_POST_FILES['File']['name'].", was not uploaded!"; $errors=1; } $ip = $HTTP_SERVER_VARS["REMOTE_ADDR"]; $date = date("l jS of F Y h:i:s A"); if($errors==1) echo $error; else{ $pathinfo = pathinfo($HTTP_POST_FILES['File']['name'], PATHINFO_EXTENSION); if(!in_array(strtolower($pathinfo), array('wmv','mpg','mpeg','avi','mov'))) { die('Invalid File Type'); } $image_part = date("h_i_s")."_".$HTTP_POST_FILES['File']['name']; $image_list[4] = $image_part; copy($HTTP_POST_FILES['File']['tmp_name'], "files/".$image_part); $where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/")); $message="ip: ".$ip." date: ".$date." Title: ".$Title." File: ".$where_form_is."files/".$image_list[4]." Description: ".$Description." "; $message = stripslashes($message); mail("$Owner_Email","New Video uploaded",$message,"From: Your Website"); $link = mysql_connect("$DB_Host","$DB_User","$DB_Pass"); mysql_select_db("$DB_Name",$link); $query="insert into upls (ip,date,Title,File,Description,cat) values ('".$ip."','".$date."','".$Title."','".$where_form_is."files/".$image_list[4]."','".$Description."','".$category."')"; mysql_query($query); ?> </table> <!-- Do not change anything below this line --> <?php } ?></p> PHP:
For what it's worth --- Dynamic form, with preview list and JavaScript validation: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title> Upload Images </title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <script type="text/javascript"> var maxVideos = 3; /* **** Do not edit below this line **** */ /* Copyright 2007, Michael J. Hill. All rights reserved. Used with permission. www.javascript-demos.com */ /* Free use of the code, so long as both copyright notices are kept intact */ var root = ""; var nInput = ""; var listCollection = []; var valid = false; function insertInput(){ if (!valid) { return false; } if (nInput.length > Number(maxVideos)+Number(2)) { alert('Maximum '+maxVideos + ' videos'); return false; } var nextUpload = document.createElement('input'); nextUpload.type = "file"; nextUpload.name = "userVideo[]"; nextUpload.size = "25"; nextUpload.className = 'fInput'; nextUpload.onchange = function(){buildList()} var lastUpload = root.getElementsByTagName('input'); lastUpload = lastUpload[lastUpload.length-3]; root.insertBefore(nextUpload,lastUpload); valid = false; } function removeInput(){ if (nInput.length > 4) { root.removeChild(nInput[nInput.length-4]); } if (nInput[0].value != "" && listCollection[0] != "Invalid") { buildList(); } } function buildList(){ var nContainer = document.getElementById('nameList'); while (nContainer.lastChild) { nContainer.removeChild(nContainer.lastChild); } listCollection.length = 0; for (i=0; i<nInput.length; i++) { if (nInput[i].type == "file") { valid = true; var longName = nInput[i].value; var fullName = longName.match(/[^\/\\]+$/); var splitName = fullName[0].split("."); var fileType = splitName[1]; if (!fileType) { return false; } fileType = fileType.toLowerCase(); fileName = splitName[0]; if (fileType != 'wmv' && fileType != 'mpg' && fileType != 'mpeg' && fileType != 'avi' && fileType != 'mov') { alert('Invalid file type'); valid = false; } if (/[^\w ]/.test(fileName) || splitName.length > 2) { alert('A file name must not contain any special characters\nlike an apostrophe, period or hyphen'); valid = false; } if (valid) { listCollection[i] = fullName; } else { listCollection[i] = "Invalid"; } } } for (i=0; i<listCollection.length; i++) { var nUpload = nInput[i].value; var newItem = document.createElement('li'); newItem.appendChild(document.createTextNode(i+1 + ": " + listCollection[i])); nContainer.appendChild(newItem); } var nBox = document.getElementById('listBox'); if (nBox.scrollHeight > 0) { nBox.scrollTop = nBox.scrollHeight; } } function validate(nForm){ var fileName = ""; var nForm = document.getElementsByTagName('fieldset')[0].getElementsByTagName('input'); for (i=0; i<nForm.length; i++) { if (nForm[i].name == "userVideo[]" && nForm[i].value == "") { alert('Complete all fields'); return false; } if (nForm[i].name == "userVideo[]") { fileName = nForm[i].value.match(/[^\/\\]+$/); fileName = fileName[0].split("."); fileName[1] = fileName[1].toLowerCase(); if (/[^\w ]/.test(fileName[0]) || fileName.length > 2) { alert('A file name must not contain any special characters\nlike an apostrophe, period or hyphen'); return false; } if (fileName[1] != 'wmv' && fileName[1] != 'mpg' && fileName[1] != 'mpeg' && fileName[1] != 'avi' && fileName[1] != 'mov') { alert('Invalid file type'); return false; } } } alert('Thank you for your submission'); return true; } function init(){ root = document.getElementsByTagName('fieldset')[0]; nInput = root.getElementsByTagName('input'); } onload=init; </script> <style type="text/css"> body {margin-top: 60px; background-color: #eae3c6;} form {width: 283px; margin: auto;} fieldset {padding-left: 5px; padding-right: 5px; padding-bottom: 8px; padding-top: 0px; background-color: #f0fff0; border: 1px solid #87ceeb;} legend {font-family: times; font-size: 12pt; color: #00008b; background-color: #87ceeb; padding-left: 3px; padding-right: 3px; margin-bottom: 5px;} label {font-size: 12pt; color: #00008B; padding: 5px;} ul {margin-top: 0px; list-style-type: none;} li {margin-left: 0px; margin-top: 8px; margin-bottom: 8px;} .nList {display: block; margin-left:auto; margin-right: auto; border: 1px solid #87ceeb; font-family: tahoma; font-size: 10pt; color: #00008b; width: 425px; height: 175px; overflow: auto; background-color: #ffffe0; padding: 3px;} .fInput {font-family: times; font-size: 10pt; margin-bottom: 3px; margin-left: 8px;} </style> </head> <body> <h3 align='center'> Upload Your Videos </h3> <div id='listBox' class='nList'> <p align='center' style="margin-top: 0px"> Review Your Choices </p> <ul id='nameList'></ul> </div> <form method="post" action="" enctype="multipart/form-data" onsubmit="return validate(this)"> <fieldset> <legend> Video Upload </legend> <input type='file' name='userVideo[]' size='25' class='fInput' onchange="buildList()"> <input type='button' value="Next" id='insertBtn' style='font-family:times;font-size:10pt;margin-left:44px;margin-top:5px' onclick="insertInput()"> <input type='submit' value="Submit" style='font-family:times;font-size:10pt;margin-top:5px'> <input type='button' value="Remove" style='font-family:times;font-size:10pt;margin-top:5px' onclick="removeInput()"> </fieldset> </form> <div style="text-align: center; font-size: 8pt; padding: 3px; margin:auto;"> © Copyright 2007, Michael J. Hill. All rights reserved. Used with permission. www.javascript-demos.com</div> </body> </html> Code (markup):
Hi, Try the below (I have not tested it). <?php include("global.inc.php"); $errors=0; $error="The following errors occured while processing your form input.<ul>"; pt_register('POST','ip'); pt_register('POST','date'); pt_register('POST','Title'); pt_register('POST','category'); $File=$HTTP_POST_FILES['File']; pt_register('POST','Description'); $Description=preg_replace("/(\015\012)|(\015)|(\012)/"," <br />", $Description); if($Title=="" || $File=="" ) { $errors=1; $error.="<li>You did not enter one or more of the required fields. Please go back and try again."; } if(!is_uploaded_file($HTTP_POST_FILES['File']['tmp_name'])) { $error.="<li>The file, ".$HTTP_POST_FILES['File']['name'].", was not uploaded!"; $errors=1; } $ip = $HTTP_SERVER_VARS["REMOTE_ADDR"]; $date = date("l jS of F Y h:i:s A"); if ($errors==1) { echo $error; } else { $image_part = date("h_i_s")."_".$HTTP_POST_FILES['File']['name']; $image_list[4] = $image_part; $str = strtolower($_FILES['File']['name']); $list = explode('.', $str); $ext = $list[count($list) - 1]; if($ext === 'wmv' || $ext === 'mpeg' || $ext === 'mpg' || $ext === 'avi' || $ext === 'mov') { copy($HTTP_POST_FILES['File']['tmp_name'], "files/".$image_part); $where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/")); $message="ip: ".$ip." date: ".$date." Title: ".$Title." File: ".$where_form_is."files/".$image_list[4]." Description: ".$Description." "; $message = stripslashes($message); mail("$Owner_Email","New Video uploaded",$message,"From: Your Website"); $link = mysql_connect("$DB_Host","$DB_User","$DB_Pass"); mysql_select_db("$DB_Name",$link); $query="insert into upls (ip,date,Title,File,Description,cat) values ('".$ip."','".$date."','".$Title."','".$where_form_is."files/".$image_list[4]."','".$Description."','".$category."')"; mysql_query($query); } else { echo '<li>Please upload a correct file type.'; } ?> </table> <?php } ?> </p> PHP:
This works For Me. <? if(isset($_FILES['userfile'])) { function findexts ($filename) { $filename = strtolower($filename) ; $exts = split("[/\\.]", $filename) ; $n = count($exts)-1; $exts = $exts[$n]; return $exts; } //This applies the function to our file $ext = findexts ($_FILES['userfile']['name']) ; if ($ext=="mpg" or $ext=="wmv" or $ext=="avi" or ext=="mp3") { //Upload copy($_FILES['userfile']['name'], "dir/" . $filename); } ?> PHP: