Check $photo size and extension not working

Ok, here's my code. Can't get it to check file extension properly or file
size...had it working before but not sure why it's buggy now.

} elseif ($photo) {

$ext = strtolower(substr($photo, -3));

if ($ext == "peg") { $ext = "jpg"; }

if ($ext != "gif" || $ext != "jpg" || $ext != "jpeg" || $ext !="bmp" )
{

$focus = "photo";
$msg = "Please provide a valid gif, jpeg, or bmp photo";

} else {

$photo_size = getimagesize($photo);

if ($photo_size > 25000) {

$msg = "Photo must be smaller than 25k.";

}}} elseif { etc, etc. } else { dbqueries...

re: Check $photo size and extension not working

Philip D Heady wrote:[color=blue]
>
> Ok, here's my code. Can't get it to check file extension properly or file
> size...had it working before but not sure why it's buggy now.
>
> } elseif ($photo) {
>
> $ext = strtolower(substr($photo, -3));
>
> if ($ext == "peg") { $ext = "jpg"; }
>
> if ($ext != "gif" || $ext != "jpg" || $ext != "jpeg" || $ext !="bmp" )
> {
>
> $focus = "photo";
> $msg = "Please provide a valid gif, jpeg, or bmp photo";
>
> } else {
>
> $photo_size = getimagesize($photo);
>
> if ($photo_size > 25000) {
>
> $msg = "Photo must be smaller than 25k.";
>
> }}} elseif { etc, etc. } else { dbqueries...[/color]

This is likely your problem:

if ($ext != "gif" || $ext != "jpg" || $ext != "jpeg" || $ext !="bmp" )

This line will always return true. You want to change the ORs to ANDs.

Shawn
--
Shawn Wilson
shawn@glassgiant.com
http://www.glassgiant.com

re: Check $photo size and extension not working

Shawn Wilson <shawn@glassgiant.com> wrote in message news:<401E6FF8.765C5E7E@glassgiant.com>...
[color=blue]
>
> This is likely your problem:
>
> if ($ext != "gif" || $ext != "jpg" || $ext != "jpeg" || $ext !="bmp" )
>
> This line will always return true. You want to change the ORs to ANDs.
>
> Shawn[/color]

if $ext does not equal gif jpg jpeg or bmp then display message
"Please provide a valid gif, jpeg, or bmp photo"

when i attach any of those file type extensions it does not bypass
that message, still asks me to provide a valid gif, etc..

Philip D. Heady
http://www.ignission.com

re: Check $photo size and extension not working

Philip D Heady wrote:[color=blue]
>
> Shawn Wilson <shawn@glassgiant.com> wrote in message news:<401E6FF8.765C5E7E@glassgiant.com>...
>[color=green]
> >
> > This is likely your problem:
> >
> > if ($ext != "gif" || $ext != "jpg" || $ext != "jpeg" || $ext !="bmp" )
> >
> > This line will always return true. You want to change the ORs to ANDs.
> >
> > Shawn[/color]
>
> if $ext does not equal gif jpg jpeg or bmp then display message
> "Please provide a valid gif, jpeg, or bmp photo"
>
> when i attach any of those file type extensions it does not bypass
> that message, still asks me to provide a valid gif, etc..[/color]

Say you have a file, image.jpg. Look at the first part of your if statement.
$ext is "jpg". So you're saying:

if ("jpg" != "gif" OR blah blah blah)
write error statement;

And "jpg" is not the same as "gif", and with OR statements, only one part needs
to be true for the whole thing to be true, so it writes the error.

You want:

if ($ext != "gif" && $ext != "jpg" && $ext != "jpeg" && $ext !="bmp" )
write error statment;

Shawn
--
Shawn Wilson
shawn@glassgiant.com
http://www.glassgiant.com

re: Check $photo size and extension not working

Tried && approach, didn't work. What gives?


} elseif ($password != $password2) {
$focus = "password2";
$msg = "Passwords do not match.";

} elseif ($photo) {

$ext = strtolower(substr($photo_name, -3));

if ($ext == "peg") { $ext = "jpg";

} if ($ext != "gif" && $ext != "jpg" && $ext != "jpeg" && $ext
!="bmp" ) {

$focus = "photo";
$msg2 = "Please provide a valid gif, jpeg, or bmp photo";

} else {


$photo_size = getimagesize($photo);

if ($photo_size > 25000) {

$msg2 = "Photo must be smaller than 25k.";

}}} elseif ($username) {

$q = "SELECT id FROM account WHERE username='". apos($username) ."'";
$res = mysql_query($q);
$num = mysql_num_rows($res);

if ($num > 0) {
$focus = "username";
$msg = "This username is taken, please choose a different one.";

}} else {

$q = "INSERT INTO account (";

re: Check $photo size and extension not working

Philip D Heady wrote:[color=blue]
>
> Tried && approach, didn't work. What gives?
>
> } elseif ($password != $password2) {
> $focus = "password2";
> $msg = "Passwords do not match.";
>
> } elseif ($photo) {
>
> $ext = strtolower(substr($photo_name, -3));
>
> if ($ext == "peg") { $ext = "jpg";
>
> } if ($ext != "gif" && $ext != "jpg" && $ext != "jpeg" && $ext
> !="bmp" ) {
>
> $focus = "photo";
> $msg2 = "Please provide a valid gif, jpeg, or bmp photo";
>
> } else {
>
> $photo_size = getimagesize($photo);
>
> if ($photo_size > 25000) {
>
> $msg2 = "Photo must be smaller than 25k.";
>
> }}} elseif ($username) {
>
> $q = "SELECT id FROM account WHERE username='". apos($username) ."'";
> $res = mysql_query($q);
> $num = mysql_num_rows($res);
>
> if ($num > 0) {
> $focus = "username";
> $msg = "This username is taken, please choose a different one.";
>
> }} else {
>
> $q = "INSERT INTO account (";[/color]

You mean you're still getting the same error message? If so, print out the
extension and name:

$msg2 = "Please provide a valid gif, jpeg, or bmp photo. Extension: $ext . Name:
$photo_name";

That should give you an idea why it's not matching. My guess is $photo_name is
not what you think it is. If so, try the $_FILES['filename']['name'] format.

And you might want to go with a regex for the IF statement. It's a bit
cleaner. I'm not sure if it'd be faster or not.

if (!preg_match("/(gif|jpeg|jpg|bmp)$/", $foo)) //<--UNTESTED

Shawn
--
Shawn Wilson
shawn@glassgiant.com
http://www.glassgiant.com