2

I have written a PHP script to upload files. But when I press the submit button it gives an error message:

Strict Standards: Only variables should be passed by reference in H:\xampp\htdocs\phpTest\upload_file.php on line 4.

line 4 is $extension = end(explode(".", $_FILES["file"]["name"]));

upload_file.php:

<?php

$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {

$target_Path = "images/";
$target_Path = $target_Path.basename( $_FILES['file']['name'] );
move_uploaded_file( $_FILES['file']['tmp_name'], $target_Path );


  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
  echo "Type: " . $_FILES["file"]["type"] . "<br />";
  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
  echo "Stored in: " . $_FILES["file"]["tmp_name"];
  echo $target_Path;
  }
  }
  else
  {
  echo "Invalid file";
  }
?>
user1559230
  • 2,790
  • 5
  • 26
  • 32
  • i don't know why did somebody downvoted this question....it's all valid and a different problem...explained what can be...provided code...so i up vote this – sandeepKumar Aug 06 '12 at 04:53
  • accept the answer when it works for you..so that we can know what was the actual mistake – sandeepKumar Aug 06 '12 at 04:54
  • Thanks @SandeepKumar. I have accepted the answer but I had to wait 5 minutes to do that. – user1559230 Aug 06 '12 at 04:59
  • thanks to you also bcoz of this question i learned a new thing...that i will not mistake – sandeepKumar Aug 06 '12 at 05:02
  • possible duplicate of [Strict Standards: Only variables should be passed by reference](http://stackoverflow.com/questions/2354609/strict-standards-only-variables-should-be-passed-by-reference) – Lorenz Meyer Jun 21 '14 at 08:36

3 Answers3

6

You're trying to do end() on an array which only exists within the context of that function call. Once that line of code is done, the array will cease to exist. Try this instead:

$bits = explode(".", $_FILES["file"]["name"])
$extension = end($bits);

That being said, this is a poor way to go about extracting a file extension, and is also highly insecure. The filename provided in the $_FILES array is the filename as given by the remote client. It is beyond trivial to forge that filename, allowing the user to upload 'nastyvirus.exe' but send out 'cutekittens.jpg' as the filename.

Do not EVER trust user-side data, particularly for file uploads. Use server-side MIME-type determination via fileinfo

Marc B
  • 356,200
  • 43
  • 426
  • 500
3

According to the manual, http://www.php.net/end

This array is passed by reference because it is modified by the function. This means you must pass it a real variable and not a function returning an array because only actual variables may be passed by reference.

So you should assign the explode result in a variable, and then end() on that one

periklis
  • 10,102
  • 6
  • 60
  • 68
0

If there is problem just because of end function then you can do following to get the extension of file :

$path_parts = pathinfo($fullPath);
$extension = strtolower($path_parts["extension"]);
Atul Rai
  • 242
  • 2
  • 10