Posted by Arjen on 09/28/63 11:45

Kerry wrote:
> Hi,
>
> I use the simple PHP script below with an html file for my visitors to
> upload files.
>
> I'd like to make it more secure by either allowing or denying certain files.
> I've tried adding more code but I can't get anything to work.
>
> I'm not an expert, but know it's probably only a couple of simple lines of
> code that will do the trick.

This function checks the extention of $_FILES['uploadfile']['name']
against $allowed[ext]. In my case it's only one extention but you could
also use in_array to check against multuple extensions or rewrite the
func to check multiple files.



function checkext($allowed);
{
$upfile_info = pathinfo($_FILES['uploadfile']['name']);

if (strtolower($upfile_info[extension])==$allowed[extension])
{
return true;
}
else
{
return false;
}
}

• Next in forum: Re: how much data can you pump into longblob from textarea?
• Prev in forum: Re: Security solution needed for file uploader code
• Thread view: Re: Security solution needed for file uploader code

[Reply to this message]