What is the difference between $_FILES[file][type] and end(explode(., $_FILES[file][name]))
You're absolutely correct. The MIME type is provided by the client and you cannot guarantee it is correct. For that matter, so is the file extension. If you need to be completely sure, you need to look at the file contents.
exploding a file name to separate the name and extension won't work in PHP?
You're forcing your resulting array to have 1 element, which causes it to have the entire filename.
explode( '.', $ext, 1 )
should instead be
explode( '.', $ext );
Proof: http://codepad.org/01DLpo6H
How to get a file's extension in PHP?
People from other scripting languages always think theirs is better because they have a built-in function to do that and not PHP (I am looking at Pythonistas right now :-)).
In fact, it does exist, but few people know it. Meet pathinfo():
$ext = pathinfo($filename, PATHINFO_EXTENSION);
This is fast and built-in. pathinfo() can give you other information, such as canonical path, depending on the constant you pass to it.
Remember that if you want to be able to deal with non ASCII characters, you need to set the locale first. E.G:
setlocale(LC_ALL,'en_US.UTF-8');
Also, note this doesn't take into consideration the file content or mime-type, you only get the extension. But it's what you asked for.
Lastly, note that this works only for a file path, not a URL resources path, which is covered using PARSE_URL.
Enjoy
PHP - What is the best method to check a file extension, as well as determine the true file type?
This is the correct way to read an extension:
$ext = pathinfo($name, PATHINFO_EXTENSION);
The correct way to check if something is an image is to try and read it with an image tool, such as imagemagick or GD. GD is easier, but imagemagick is better at handling big images, such as one uploaded from a 12 megapixel camera.
If you're worried a jpg is really an exe, the only way to safely process it is to read it as a jpg and try to create a new jpg (typically resizing it at the same time). Gmail does this with image attachments.
Also beware a real jpeg might have some kind of exploit, so even if it is an image it is not safe to just pass it onto the user anyway. You really should resize it to create a new "safe" jpeg and then give that to the user. You could make a new jpg the same size if you want, but passing the original data on to other users is dangerous.
I wouldn't even allow an admin user for your website to access a jpg uploaded by a random internet user. It could be used to hack into the admin's PC.
MAMP on Windows gives empty $_FILES on basic file upload
I tried it with a different .mov file and the upload now recognizes the file. I'm not sure what the difference between those two files are that would cause one to not be recognized/uploaded at all while the other works, but when I find out I will update this answer.
UPDATE:
Turns out there are two settings in php.ini that need to be tweaked that affect the allowed file size. One being the specific one of upload_max_filesize and the other being general to the size of the entire post request itself: post_max_size.
The post_max_size setting doesn't show an error on the page with error_reporting(E_ALL); ini_set('display_errors', 1);, but will put it in the php error log. It will actually be a warning and look something like this:
PHP Warning: POST Content-Length of 8708224 bytes exceeds the limit of 8388608 bytes in Unknown on line 0
I believe the default size is 8M for that setting.
File upload not working for all files
For that file "Holidays.docx'" it seems to me that file exceeds upload_max_filesize. At least that is what the var_dump said about $_FILES['file']['error'] which is equal to 1 (UPLOAD_ERR_INI_SIZE)
You should chech php.ini settings upload_max_filesize and post_max_size because that is the actual limit of how large file can be uploaded to server. By default upload_max_filesize = 2M so your 5MB limit means nothing.
Also you can use ini_get('upload_max_filesize'); to get runtime setting.
If you are unsure where is your php.ini configuration file located use phpinfo().
Also to know about is that PHP will return $_FILES['file']['size'] equal to 0 if file exceeds file size limit - which is exactly what happened.
So IMO everything is working as it should be. You should post more var_dump() infos for other files that don't upload.
Also to note, you don't check file extensions in case-insensitive manner so files with extensions like .DOCX will not be accepted by your script.
PHP: filename without file extension- best way?
PHP has a handy pathinfo() function that does the legwork for you here:
foreach ($allowed_files as $filename) {
echo pathinfo($filename, PATHINFO_FILENAME);
}
Example:
$files = array(
'somefile.txt',
'anotherfile.pdf',
'/with/path/hello.properties',
);
foreach ($files as $file) {
$name = pathinfo($file, PATHINFO_FILENAME);
echo "$file => $name\n";
}
Output:
somefile.txt => somefile
anotherfile.pdf => anotherfile
/with/path/hello.properties => hello
Related Topics
I Want a Pagination to My Options Page of Wordpress Plugin
Routes in Codeigniter - Automatically
Upload Xls or Xlsx Files with Codeigniter, Mime-Type Error
Retrieving Get and Post Data Inside Laravel Controller
What Do \R and \N Mean in PHP (And Other Languages)
Reply-To Address in PHP Contact Form
Timestamps of Start and End of Month
Counting Values in Multidimensional Array
Convert a Big Integer to a Full String in PHP
Tinymce & Fancybox - Editor Won't Work on Second View
Codeigniter Redirect -- the Uri You Submitted Has Disallowed Characters
Iterating Through a Stdclass Object in PHP
Hide Added to Cart Message in Woocommerce
How to Disable PHP Magic Quotes at Runtime
Extract Dom-Elements from String, in PHP
Ssl Error Can Not Change to Tls