[Resolved] [PHP] Need Help with Restricting Filetype on Upload

[deleted984054565403]

 Need Help with Restricting Filetype on Upload[/b]

:hi:

I own a small site that uses a PHP script called Encode Explorer. I use it to display folders and uploaded files; it's a file sharing site for very small (~3 KB) car setup files for the game NASCAR Racing 2003 Season. I allow members to navigate to the proper track folders and upload their small .SIM (setup) file to that folder. Recently, though, I've run into some vandalism problems on my website. It's kind of expected, though, since the uploading script/folder browser I use doesn't restrict the filetype when uploading. If possible, I'd only like .SIM files uploaded. I've had problems with people uploading JPGs and other images, as well as a suspicious-looking PHP script that I don't want in there.

The problem is, though, the script is written in half English and half Estonian. If someone knows PHP well enough, I'm pretty sure you could figure out what's going on and how to restrict filetype to .sim. Or, perhaps, only allow .sim files to be selected and visible when the browse button is clicked. Whatever is easier.

I'll pay $5 Paypal for the solution to this problem. :tu:

Source is in here: [url]http://luvender.com/sswap/[/url]
Live site: [url]http://setupswap.com/[/url]

Any help is appreciated! :gl:
Steve

 

[Dotmainer]

Hi Steve,

could you please rename that source to something like .php_sav ,
if we should view source (if there isnt secret stuff in ! ).

Because its .php its everytime excuted by server, so its not possible to view source.


Zoran
-

 

[deleted984054565403]

Hi Steve,

could you please rename that source to something like .php_sav ,
if we should view source (if there isnt secret stuff in ! ).

Because its .php its everytime excuted by server, so its not possible to view source.


Zoran
-

I knew that :red:

Should be .TXT now.

 

[Dotmainer]

Hi Steve,

you can download it here:

http://www.webtulum.com/000/

Its a quick solution, so maybe someone else should look over that too,
four eyes are better than two

Changes that i made are marked by word zoki.

-->

$lang_en = array
...
"wrong_file_type" => "Wrong file type"

Added error message when wrong file name.

//$FILE_EXTS = array('.zip','.jpg','.png','.gif');
$FILE_EXTS = array('.sim');

First is commented out, but leaved it to be example of allowed types.

// zoki
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
if(!in_array($file_ext, $FILE_EXTS))
{
$veateade = $lang["wrong_file_type"];

Gets filename, then extension from that, and if not in that array ($FILE_EXTS) then sets $veateade (seems for me like errorvariable) to definded errormessage.

Thats it.



-

 

[deleted984054565403]

Hi Steve,

you can download it here:

http://www.webtulum.com/000/

Its a quick solution, so maybe someone else should look over that too,
four eyes are better than two

Changes that i made are marked by word zoki.


-

Perfect!

Thanks, Zoran! Please PM me your Paypal email.

 

[Dotmainer]

Have edited my previous post, so you have some explanation there.

... can i send you 50NP$ ... so you can buy one (more) of that qumks ribbons ?
or if you need NP$ send that directly to him .... lets do something good for him and us


Zoran
-

 

[deleted984054565403]

Have edited my previous post, so you have some explanation there.

... can i send you 50NP$ ... so you can buy one (more) of that qumks ribbons ?
or if you need NP$ send that directly to him .... lets do something good for him and us


Zoran
-

Good idea! Hold on to your $50 NP.

Thanks for all your help (+rep... looks like it got you another green square :hehe