473,320 Members | 1,922 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Adding file type validation to php upload script

I have a script that I have modified to upload image to mysql but I am concerned about the security risk envovled with allowing user to upload files to a mysql..

I've been trying to modify the php to include validation for a jpg and gif but to not avail could someone point me in the direction I need to move with a visual sample

Thank's as all way!
[PHP]
if(isset($_POST['upload']) && $_FILES['userfile']['size']> 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];

$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
include '../../config.php';
include '../../opendb.php';

$query = "INSERT audio SET name='$fileName', size='$fileSize', type='$fileType', content='$content' WHERE username='$username'";

mysql_query($query) or die(your upload could be done file already exist');
include '../../closedb.php';

echo "<br>File $fileName uploaded";
}
[/PHP]
Apr 9 '08 #1
3 3057
Markus
6,050 Expert 4TB
Check out w3schools upload script (with validation)

Regards
Apr 9 '08 #2
Check out w3schools upload script (with validation)

Regards
This is some really good info I'll will check later and post back tonight!
Apr 9 '08 #3
This is some really good info I'll will check later and post back tonight!
Sorry it took so long but the the advice worked perfectly and I now know how to validate file upload

Thanks You So Much.

I will post another validation for different query later today though.
Apr 14 '08 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

2
by: DA | last post by:
Hello, I'm hoping someone can help me here. I've got a form that when placed on a server running HTTPS, I get an "access denied" error in IE 6 (non-SP2 and SP-2) when a user tries to upload an...
5
by: Codeman II | last post by:
Hi there, I am building a form where the user must upload a picture and fill in his details. Now I have a problem as all of this is on the same form. How will I be able to have the Browse...
6
by: tshad | last post by:
I have an upload file input as: <input id="MyFile" style="width:300px" type="File" runat="Server"> This works fine, but I find that if my page doesn't pass validation during postback, the page...
2
by: hotflash | last post by:
Hi All, I found the best pure ASP code to upload a file to either server and/or MS Access Database. It works fine for me however, there is one thing that I don't like and have tried to fix but...
3
by: pozze | last post by:
Hi, I've just made the change from ASP to .net. I have a file (code below) that saves a user submitted file to a MS SQL 2005 database. It collects the file name, file size, file type, and lastly...
9
hsriat
by: hsriat | last post by:
How can I add my validation script to this file upload code? Validation Script:function validate(frm) { if (!/(\.(gif|jpg|jpeg|png))$/i.test(frm.file.value)){ alert('Invalid file...
1
by: chrisj | last post by:
I'm using freeASPupload and got some assistance integrating to a Member script. It works successfully. In this modified version there are two groups that use this upload script. Members of one...
6
Jacotheron
by: Jacotheron | last post by:
I need a PHP script that can upload music files (mp3). The script is for a home project I have started a while ago. I have a MySQL database of all the music that I have. Other computers on the...
1
KevinADC
by: KevinADC | last post by:
Note: You may skip to the end of the article if all you want is the perl code. Introduction Many websites have a form or a link you can use to download a file. You click a form button or click...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.