FAQ  |  Search  |  Register  |  Profile  |  Log in to check your private messages  |  Log in
Block certain file types on PHP upload

 
Post new topic   Reply to topic    Aprelium Forum Index -> PHP
View previous topic :: View next topic  
Author Message
Stefan_D
-


Joined: 21 Aug 2006
Posts: 4
PostPosted: Mon Aug 21, 2006 10:12 am    Post subject: Block certain file types on PHP upload Reply with quote
Hello,

maybe you guys can help me on this problem. I've a section on an internetsite where users can upload files. The directories all have a password and only certain users are allowed to enter the upload section. Everything is working perfect at the moment (users and passwords are created, php.ini has the correct file size limits, etc.) but I have one major problem:
People could possibly upload every file type to these directories (e.g. even .exe. / .php / .html / etc.). How can I block the upload of these file types?? I haven't found an option on the Abyss Webserver (X1) and I'm not really good with PHP. Maybe you can give me a hint - it shouldn't be that difficult - or am I wrong??

If it's not possible to restrict any file types either with the Webserver nor within the PHP script, I've to talk to the Website Programmer, so he can find a solution in his script - although I prefer to find a faster and easier solution (who doesn't). :)

Thanks for your help in advance...

Greetz,
Stefan

PS: The Abyss Webserver ist a great programm and very easy to configure. I really like it a lot. Congratulations!!!
Back to top View user's profile Send private message
aprelium
-


Joined: 22 Mar 2002
Posts: 6800
PostPosted: Mon Aug 21, 2006 11:03 am    Post subject: Re: Block certain file types on PHP upload Reply with quote
Stefan_D,

Thank you for your comments about Abyss Web Server.

Since the upload is done with a PHP script, the only solution is to check (in the script) the file type once uploaded and decide if you want to keep it or delete it.
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
Mikor
-


Joined: 21 Aug 2006
Posts: 144
Location: Hull, England
PostPosted: Mon Aug 21, 2006 11:38 am    Post subject: Reply with quote
Code:

$banned = array('.php','.html');
$block = false;

foreach($banned as item){
     if(ereg($item,strtolower($filename)){
          $block = true;
     }
}

if($block == true){
     die('Disallowed File Type');
}else{
     //Rest Of The Script Goes Here
}


To ban a filetype, just add it to the $banned array
_________________
Yarrt.com - Free Arcade
RypNet.co.uk - Online Game
MSN: michael_walker_2004 <at> hotmail <dot> com
Back to top View user's profile Send private message Send e-mail MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> PHP All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group