This topic is locked

Uploaded files control : restricting type and size.

11/22/2006 11:50:39 PM
PHPRunner General questions
D
dsaunier author

Hi

Could not seem to find the option within PHPRunner nor an answer anywhere on this forum I guess it must be a common issue ?

For obvious security reasons I'd like to check that files uploaded through PHPRunner in my "image" section are positively a JPG, JPEG or PNG type, and possibly that they have a max size of 2 Mb for example.

The file type control is the most crucial obviously, to prevent unvoluntary errors...or worse.
How can that simple check be implemented for an upload field ?
Thank you.

Alexey admin 11/27/2006

Hi,
you can put this checking into generated include\commonfunctions.php file.

Find this line there:

$file_move = array($file['tmp_name'],GetUploadFolder($field).$value);



and put your checking just after.

Here is the sample code:

if($file["size"]>2048*1024)

return false;

$ext = substr($file["name"], strlen($file["name"])-4);

$ext=strtoupper($ext);

if($ext!=".JPG" && $ext!="JPEG" && $ext!=".GIF" && $ext!=".PNG")

return false;

D
dsaunier author 12/8/2006

Thanks, will try that code, however if I may suggest that would be a really needed improvement in a future version :

checking boxes or entering a few infos to determine the type of file and their max size that can be uploaded through phprunner-generated interfaces...
Best regards.

Alexey admin 12/11/2006

Hi,
thank you for sharing your idea.

We'll add it to our suggestion list.