i search the net for upload picture secure code
i fuond this code, and affter i changed it abit it looks like that :
Expand|Select|Wrap|Line Numbers
- <?php
- class image_upload
- {
- var $tmp_image;
- var $max_file_size = 5120;
- var $max_width = 200;
- var $max_height = 200;
- var $allow_types = array('image/jpeg','image/gif');
- var $errors;
- var $good;
- function is_image()
- {
- if(exif_imagetype($this->tmp_image['tmp_name'])=="IMAGETYPE_GIF" && exif_imagetype($this->tmp_image['tmp_name']) == "IMAGETYPE_JPEG")
- {
- $this->good[] = 'check ex_if';
- $this->errors[] = 'Uploaded file is not image';
- return true;
- }
- else
- {
- $this->errors[] = 'Uploaded file is not image';
- return false;
- }
- }
- function is_type()
- {
- if (in_array($this->tmp_image['type'],$this->allow_types))
- {
- $this->good[] ='check image [type]';
- return true;
- }
- else
- {
- $this->errors[] = 'Image type is not acceptable';
- return false;
- }
- }
- function is_size()
- {
- if ($this->tmp_image['size'] <= $this->max_file_size)
- {
- $this->good[2] ='check image [size]';
- return true;
- }
- else
- {
- $this->errors[] = 'Image file size is too big';
- return false;
- }
- }
- function is_dimensions()
- {
- $size = getimagesize($this->tmp_image['tmp_name']);
- $width = $size[0];
- $height = $size[1];
- if ($width <= $this->max_width && $height <= $this->max_height)
- {
- $this->good[] ='check image [demenation]';
- return true;
- }
- else
- {
- $this->errors[] = 'Image is too height or too width';
- return false;
- }
- }
- function upload_image ($dest, $safe=false)
- {
- if ($safe)
- {
- $status = true;
- $status = $this->is_image();
- $status = $this->is_type();
- $status = $this->is_size();
- $status = $this->is_dimensions();
- return ($status)?move_uploaded_file($this->tmp_image['tmp_name'], $dest):false;
- }
- else
- {
- return move_uploaded_file($this->tmp_image['tmp_name'], $dest);
- }
- }
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- include('upload.class.php');
- $IM = new image_upload();
- if ($_FILES['photo'])
- {
- $IM->tmp_image = $_FILES['photo'];
- if ($IM->upload_image($_SERVER['DOCUMENT_ROOT'].'/tnimg/'.$IM->tmp_image['name'], true))
- {
- foreach ($IM-> good as $res)
- {
- $pic=$res."<br>";
- }
- }
- else
- {
- foreach ($IM->errors as $error)
- {
- $pic = $error.'<br />';
- }
- }
- }
- ?>
its not going into the first 2 methods (i try to check useing the $good array) but nothing is showing. (exccept the dimantion part)
i went throuh the syntax over and over agian
maybe i better mind and new eyes can tell me why it dosnt check what it shouled check
BTW its uploading the files but not checking them thats the thing.
here is the site that i leeched it from
thanks