Catherine Madsen wrote:
> Hi!
>
> I have created a form following the PHP manual to upload files and need
> to restrict the upload to only PDF. How do I check the file type
> ($_FILES['userfile']['type']?) and where: on the form page or on the
> validation page? I want to be able to tell the users that their file
> doesn't have the right format. Thank you very much for your help!
>
> My form is :
>
> <?php
> session_start();
> $_SESSION['new_name'] = $_POST['new_name'];
> ?>
> <form enctype="multipart/form-data" action="upload_file.php" method="POST">
> <input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
> Upload this file: <input name="userfile" size="50" type="file" />
> <input type="submit" value="Upload File" />
> </form>
>
> The validation:
>
> <?php
> session_start();
> $dirname = $_SESSION['new_name'];
> $uploaddir = 'my_path'. $dirname. '/';
> if (!(is_dir($uploaddir)))
> {
> if (!mkdir($uploaddir,0775))
> print "error: " . $uploaddir . "\n";
> exit;
> }
>
> $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
> if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
> header('Location: my_page');
> } else {
> header('Location: my_error_page');
> }
>
> ?>
> Catherine
>
Check here
http://www.w3schools.com/TAGS/att_form_accept.asp
You should also verify the extension on the processing page. Someone could post
the data to your processing script without using your form.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
