0

I'm writing a PHP code that allows the user to select and upload an image. In the code, I specified the required image formats. Here's the situation...all formats are able to be uploaded except .jpg formats which I specifically included in the code

here's the code

<?php

echo <<<_END

<html>

    <head><title>PHP Form Upload</title></head>

    <body>

        <form method='post' action='upload.php' enctype='multipart/form-data'>

            Select PNG GIF TIF JPG File: <input type='file' name='filename' size='10'>
                    <br>
                <input type='submit' value='Upload'>

        </form>

_END;

if ($_FILES)
{

    $name = $_FILES['filename']['name'];

    switch ($_FILES['filename']['type']) {
        case 'image/jpg': $ext = 'jpg';
            break;
        case 'image/gif': $ext = 'gif';
            break;
        case 'image/png': $ext = 'png';
            break;  
        case 'image/tif': $ext = 'tif';
            break;  
        default:          $ext = '';
            break;
    }



    if ($ext) {
        $n = 'image.$ext';
        move_uploaded_file($_FILES['filename']['tmp_name'], $n);
        echo "Uploaded image '$name' as '$n': <br>";
        echo "<img src = $n > ";
    }

        else echo "'$name' is an Unaccepted file";

}
        else echo "No image Uploaded";


    echo "</body></html>";

?>
Clement Tino
  • 9
  • 2
  • 1
    https://stackoverflow.com/questions/33692835/is-the-mime-type-image-jpg-the-same-as-image-jpeg – u_mulder Jun 15 '20 at 14:20
  • 1
    Additionally you need to correct the condition. `if ($ext !== 'jpg') { doStuff(); } else { notAllowed(); }` – Markus Zeller Jun 15 '20 at 14:31
  • 1
    Also you can specify which filetypes the [browser should accept](https://stackoverflow.com/questions/5796537/input-type-file-limit-selectable-files-by-extensions). – Markus Zeller Jun 15 '20 at 14:34
  • 1
    `var_dump($_FILES)` and debug a little more. Also note that this doesn't prevent the user in any way from uploading something completely different; the `$_FILES` MIME type is voluntary information provided by the browser and can be spoofed any which way. – deceze Jun 15 '20 at 14:43

0 Answers0