currently my processing uploaded files looks like this: however, that ALWAYS returns the error on the type. so i know it doesn't return it as 'image/jpeg' like i expected. does anyone know how it does denote them? [u]i would prefer to know how it denotes them than to have someone fix the code</u> , because by being told how it denotes them i can avoid this problem in the future


internships are for the inexpereinced, yet corproations award them only to those with experience. then corporations complain about the lack of experience in the emerging workforce.

corporations need to get logical.

__________________
internships are for the inexperienced, yet corproations award them only to those with experience. then corporations complain about the lack of experience in the emerging workforce.

corporations need to get logical.

Well that's because there is more than one way the JPEG file type is denoted.

image/pjpeg
image/jpeg
image/jpg

Your guess is as good as mine. I never really found a good source that tells all about this. Another clue for me came from phpinfo() output under the HTTP_ACCEPT line.

And then of course when delveloping you can always echo out the file type to know for certain what it is.

hth
: )
Rich


:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::

ick. this is to let people upload photos. it's not working when i use the form in either ie 6.0 or mozilla 1.3.1 (the two i'm using to test) on windows me (i figure the vast majority of users will be on windows using ie 5.5 or 6.0, and that the next largest group will be using mozilla.)

you wouldn't happen to know a way i could parse the begining of the file to check type? i know windows is the only operating system that's too stupid to do that (hence the reliance on extension) and i know some of the less computer savy people i know are stupid enough to think changing the extension from .bmp to .jpg will magically encode to jpeg (hence why i do not want to check by the final extension).

i've also played with some other sites to see how they do it.... facethejury only alows photo.extension and checkd the extention is .jpg (case insensitive) and i've fooled it by changing extensions when idiot testing them to see if i was right on how they check) i noticed ratemybody is slightly better. the look at what's after the last . (so you can have photo.date.extension) and use case insensitive matching for .jpg .jpe and .jpeg...but they also failed the idiot testing. i want to pass the idiot testing... which means parsing the file or using the browser (which the idiots wont know how to adjust what's sent) ... ofcourse that also relies on the browser to try to gueess at it.. umm... would anyone be willing to teach me how to parse the begining of the file for that?

internships are for the inexperienced, yet corproations award them only to those with experience. then corporations complain about the lack of experience in the emerging workforce.

corporations need to get logical.

I don't believe that PHP is capable of doing this. You pretty much have to upload the whole file to check what's in it server-side. You might check into JavaScript.

What you are wanting to look at is the Content-Type: header at the start of the file. Which will contain the image/jpeg or image/pjpeg, etc attribute.

A picture file has this structure:

//headers
//data

Since your images are stored in the PHP Temp directory and are deleted from that directory at the end of a script you should be able to get by fine on uploading the whole file, then checking the file type attribute which is the content-type header I was talking about, this becomes $_FILES["userfile"]["type"] upon upload. Where userfile is the name of the field. And then moving the file elsewhere upon successful authentication. This header information isn't going to be changed if someone just changes the extension on a file.

Otherwise I suggest you check into JavaScript to check that header information client-side. Best to do it on both sides though. Lest you run into security issues.

If your upload isn't working in IE 6, you probably have an HTML error. Post some code.

: )
Rich



:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::

I really don't think that JavaScript is even capable of doing this. Because then you would need to be able to open and read a file on a user's machine. Which would be an incredible security risk. So I don't think that would work either. (Brainfart)... Your only solution on this is going to be server-side!~ You can validate the entry in the upload field with JavaScript, to see that it has (at least) the proper extension though. This is probably what you're finding on sites which only check the extension.

: )
Rich

:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::

If you want to check if the file that is being uploaded is a jpeg do this:

<?

$fileType = (string) $_FILES[$key]['type'];
if(strchr($fileType,"jpeg") || strchr($fileType,"jpg")) {
         //file is a jpeg file }
else {
         //upload jpges only }



the genuine genius

Okay, been out of town, but better late than never.

Why not use the GD (image processing) library to find out if the file is really an image file or not?

For example:
Another example:
if(FALSE === (exif_imagetype($filename)))
{
  // error, not an image
}
else
{
  // valid image
}

For more info, read:
    http://www.php.net/image
    http://www.php.net/getimagesize
    http://www.php.net/exif_imagetype


Take care,

Nik
http://www.bigaction.org/

Checking $_FILES[file]['type'] isn't fool-proof. Not all browsers will set the mime type of the incoming file.


Take care,

Nik
http://www.bigaction.org/