PHP upload (MIME)

meghatronic

meghatronic

meghatronic

Soldato
Joined
24 Nov 2002
Posts
16,378
Location
38.744281°N 104.846806°W
Below is an extract of the upload code I'm using... I modified it such that it accepts ".rar" and office 2007 files.... but it still doesn't work. I can't seem to find information on the MIME file types for the new xml office files. Any joy?

Code: 
registered_types = array(
    "application/msword"            => ".doc",
    "application/pdf"            => ".pdf",
    "application/vnd.ms-powerpoint"            => ".ppt",
    "application/vnd.openxmlformats"            => ".docx, .pptx, .xlsx",
    "application/vnd.ms-excel"            => ".xls",
    "text/plain"                    => ".txt",
    "image/bmp"         => ".bmp",
    "application/x-zip-compressed"         => ".zip",
    "application/x-rar-compressed"         => ".rar",
    "image/gif"                 => ".gif",
    "image/pjpeg"                => ".jpg, .jpeg",
    "image/jpeg"                => ".jpg, .jpeg",

);

$allowed_types = array("application/msword","application/pdf","application/vnd.openxmlformats","application/vnd.ms-powerpoint","application/vnd.ms-excel","text/plain","image/bmp","image/gif","image/pjpeg","image/jpeg","application/x-zip-compressed","application/x-rar-compressed");
 
try this


change the /files/ and "files" to the dir your using and change the allowed items to suit.

Code: 
<?php
//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 200000000;
							
//Allowable file ext. names. you may add more extension names.			
$FILE_EXTS  = array('.jpg','.png','.gif','.doc','jpeg','bmp','mp3','wma',); 
//Allow file delete? no, if only allow upload only
$DELETABLE  = false;							   

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
 *	 Setup variables
 ************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "[url="http://&quot;.$_SERVER"]http://".$_SERVER[/url]['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this =  "[url="http://&quot;.$_SERVER"]http://".$_SERVER[/url]['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";
/************************************************************
 *	 Create Upload Directory
 ************************************************************/
if (!is_dir("files")) {
  if (!mkdir($upload_dir))
   die ("upload_files directory doesn't exist and creation failed");
  if (!chmod($upload_dir,0755))
   die ("change permission to 755 failed.");
}
/************************************************************
 *	 Process User's Request
 ************************************************************/
if ($_REQUEST[del] && $DELETABLE)  {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
  fclose($resource);
  
  if (strpos($_REQUEST[del],"/.")>0);				  //possible hacking
  else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
  else if (substr($_REQUEST[del],0,6)==$upload_dir) {
	unlink($_REQUEST[del]);
	print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
  }
}
else if ($_FILES['userfile']) {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
			.$_FILES['userfile']['name']." "
			.$_FILES['userfile']['type']."\n");
  fclose($resource);
  $file_type = $_FILES['userfile']['type']; 
  $file_name = $_FILES['userfile']['name'];
  $file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
  //File Size Check
  if ( $_FILES['userfile']['size'] > $MAX_SIZE) 
	 $message = "The file size is over 2MB.";
  //File Extension Check
  else if (!in_array($file_ext, $FILE_EXTS))
	 $message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
  else
	 $message = do_upload($upload_dir, $upload_url);
  
  print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else 
 $message = "Invalid File Specified.";
/************************************************************
 *	 List Files
 ************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
   if(!is_dir($file) && !is_link($file)) {
	  $filelist .= "<a href='$upload_dir$file'>".$file."</a> - URL: <b>$upload_url$file</b>";
	  if ($DELETABLE)
		
	  $filelist .= " Added at  ".date("d-m H:i", filemtime($upload_dir.$file))
				   ."";
$filelist .= " <a style='text-decoration:none; font-weight:bold'  href='?del=$upload_dir".urlencode($file)."' title='delete'>x</a>";
	  $filelist .="<br>";
   }
}
function do_upload($upload_dir, $upload_url) {
 $temp_name = $_FILES['userfile']['tmp_name'];
 $file_name = $_FILES['userfile']['name']; 
  $file_name = str_replace("<A href="file://\\","",$file_name">\\","",$file_name);
  $file_name = str_replace("'","",$file_name);
 $file_path = $upload_dir.$file_name;
 //File Name Check
  if ( $file_name =="") { 
   $message = "Invalid File Name Specified";
   return $message;
  }
  $result  =  move_uploaded_file($temp_name, $file_path);
  if (!chmod($file_path,0777))
	$message = "change permission to 777 failed.";
  else
	$message = ($result)?"$file_name was uploaded successfully." :
			"Something is wrong with uploading the file.";
  return $message;
}
?>

<html>
<head>
<title>twoblacklines pic hosting </title>
<link rel=stylesheet href=style.css>
</head>
<body>
<br><br>
<center>
   <font color=red><?=$_REQUEST[message]?></font>
   <br>
   <form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
	 Upload File <input type="file" id="userfile" name="userfile">
	 <input type="submit" name="upload" value="Upload">
   </form>
   
   <br><b><u>Uploaded files:</b></u><br><br>
   <?=$filelist?><br>
   <a style="text-decoration:none" href="<A href="http://www.twoblacklines.com">twoblackines</a">http://www.twoblacklines.com">twoblackines</a>
   </sup></small>
</center>
 
You must log in or register to reply here.
Back
Top Bottom