|
|
Posted by Jack Jackson on 09/28/54 11:19
Tom Rogers wrote:
> Hi,
>
> Friday, June 24, 2005, 12:42:33 AM, you wrote:
> JJ> Hi,
> JJ> I checked at
> JJ> http://www.php.net/manual/en/features.file-upload.php and
> JJ> all the user notes, and also the PEAR solution for uploading files and I
> JJ> still have a couple of questions.
>
> JJ> I need to create a form to allow users to upload (and later to delete)
> JJ> MS word, excel and jpg files. Through your help I was able to validate
> JJ> image files using getimagesize() and have made a nice script to upload
> JJ> and rename images.
>
> JJ> I cannot see a way to validate or examine Word or Excel files for
> JJ> validity (and assume that older word files would validate differently
> JJ> from newer ones).
>
> JJ> The PEAR http upload script mentioned twice in the user notes at that
> JJ> manual page does not *seem* to validate other than denying certain
> JJ> extensions like php, php3, etc. I could be wrong of course.
>
> JJ> Also, it seems that directories must be blown wide open (777) to allow
> JJ> the script to copy the file over from /tmp. My ISP won't allow
> JJ> directories to be set to 777 under public_html/ -- but we need to access
> JJ> the files via web browser which is the whole point.
>
>
> JJ> So my questions:
> JJ> 1. How do you validate Word and Excel files before upload?
>
> JJ> 2. How can I make a passthrough from a file above public_html to one
> JJ> below it so that people can surf in with a browser and download files
> JJ> which have been uploaded by the script?
>
> JJ> Thanks in advance,
> JJ> JJ
>
> The first 8 bytes of an ole2 file (exel and word are ole2 files I
> think) should have the following hex sequence:
>
> "\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"
>
> So do an fopen and read in the first 8 bytes and compare it to that
> string should give some indication.
>
Cooool. Thank you Tom and all those who replied. I always learn so much
here!
JJ
Navigation:
[Reply to this message]
|