I'm trying to upload a file and it's telling me I have the wrong extension.

Now I'm blocking everything but the extension but I'm giving it the right file and it's not allowing it through, why??

The file I am tring to upload is
C:\Users\me\my file.atn

The error I am getting is:
The file you are attempting to upload has the wrong extension.



$userfile = $_FILES['action_id']['name'];
$file_size = $_FILES['action_id']['size'];
$file_temp = $_FILES['action_id']['tmp_name'];
$file_err = $_FILES['action_id']['error'];
$path = '../../downloads/photoshop/temp_actions/';

// Create a new file name
// This is so if other files on the server have the same name, it will be renamed
$randomizer = rand(0000, 9999);
$file_name = $randomizer.$userfile;

// Get the file type
// Using $_FILES to get the file type is sometimes inaccurate, so we are going
// to get the extension ourselves from the name of the file
// This also eliminates having to worry about the MIME type
$file_type = $userfile;
$file_type_length = strlen($file_type) - 3;
$file_type = substr($file_type, $file_type_length);

if(!empty($userfile)) {
echo 'File Uploaded Information
<ul>
<li>File being uploaded: ' .$userfile. '</li>
<li>File Type: .' .$file_type.'</li>
<li>File Size: ' .$file_size. 'KB </li>
<li>File Error: ' . $file_err. '</li>
</ul>';

// limit the size of the file to 20MB
if($file_size > 20971520) {
echo '<font color="#F0B80F"><b>The file you are trying to upload is too large. Please restrict your file to at least 20MB </b></font><BR />';
exit();
}

// Set allowed file types
// Set case of all letters to lower case
$file_type = strtolower($file_type);
$files = array();
$files[] = 'atn';
$files[] = 'aaa';
$files[] = 'bbb';
// Search the array for the allowed file type
$key = array_search($file_type, $files);
if($key) {
echo '<b>The file you are uploading is allowed. </b><br />';
} else {
echo '<font color="#F0B80F"><b>The file you are attempting to upload has the wrong extension. </b></font><br />';
exit();
}

// Check for errors and upload the file
$error_count = count($file_error);
if($error_count > 0) {
for($i = 0; $i <= $error_count; ++$i) {
echo $_FILES['action_id']['error'][$i];
}
} else {
if(move_uploaded_file($file_temp, '../../downloads/photoshop/temp_actions/' .$file_name.'')) {
echo 'Thank you for your contribution. You should see your action on the site within 24 hours.';
} else {
echo '<font color="#F0B80F"><b>Whoops look like there was a mistake during your upload. Please try again.</b></font>';
}
}

} else {
echo '<font color="#F0B80F"><b>No file has been selected.</b></font>';
}

hi...
i think its file name problem...

ur file name having space in the middel of the name...

(or)

where u mentioned ur file extentions.....atn is not the file extention(what i know)...try ro check again..

atn is not the file extention(what i know)

http://www.liutilities.com/products/winbackup/filextlibrary/files/ATN/

So because windows doesn't know the file, php can't process it?

I just tried to change the extensions allowed to a jpg and tried to upload a jpg and I got the same error.
I even tried to


$files[] = 'image/jpg';

still not working

Its jpeg.

If it is jpeg, then you're going to need to restructure your code - at the moment you're taking away 3 from the string to be left with the extension. That's not going to work if you have a file like jpeg which is 4 characters long =/

Well I did jpg as a test just to see if it would allow the file to be uploaded. but it didnt work.

The file I need ends with .atn,

Is there anything wrong with the code?

Try what Nile said, and make it jpeg instead of jpg.

Try what Nile said, and make it jpeg instead of jpg.


No, .jpeg did not work. And yes I changed
strlen($file_type) - 4;

Anything else I could do or try????

If someone else has any ideas I still need help with this.

Below is the output of print_r($files);



Array ( [0] => atn [1] => aaa [2] => bbb )

I can't resist letting you figure this one out from here...

But I will give you a hint. Never use array_search to check the values in a numerically indexed array.

And if you would like to use the code below, feel free.


$allowed_ext = array("txt", "doc", "pdf"); // Allowed file extensions


$allowed_type = array("text/plain", "application/msword", "application/pdf");


$tmp_name = $_FILES['text']['tmp_name'];


$file_name = basename($_FILES['text']['name']); // File name ex: 'theme.doc'

// I think this is the best way to get a files extension:
$ext = substr($file_name, strrpos($file_name, '.') + 1); // File extension ex 'txt'

if ( !in_array($ext, $allowed_ext) ) { // Check for allowed file extension

$errors[] = "<p class='error'>Uploaded text files must have a .txt or .doc extension. Your file's extension is being reported as $ext .</p>";

}

J

Below is the output of print_r($files);



Array ( [0] => atn [1] => aaa [2] => bbb )

I can't resist letting you figure this one out from here...

But I will give you a hint. Never use array_search to check the values in a numerically indexed array.

And if you would like to use the code below, feel free.


$allowed_ext = array("txt", "doc", "pdf"); // Allowed file extensions


$allowed_type = array("text/plain", "application/msword", "application/pdf");


$tmp_name = $_FILES['text']['tmp_name'];


$file_name = basename($_FILES['text']['name']); // File name ex: 'theme.doc'

// I think this is the best way to get a files extension:
$ext = substr($file_name, strrpos($file_name, '.') + 1); // File extension ex 'txt'

if ( !in_array($ext, $allowed_ext) ) { // Check for allowed file extension

$errors[] = "<p class='error'>Uploaded text files must have a .txt or .doc extension. Your file's extension is being reported as $ext .</p>";

}

J



AS much as I would love to work this out on my own I do not know enough yet and FWIW the code above does not work correctly. I can still upload files that I am trying to restrict.

:mad::mad::mad:

I am getting so frustrated with this damn page. Nothing is working. I have tried about 7 different ways to restrict files and nothing is freaking working here.

:mad::mad:

I struggled with file uploads and validation too. Don't get frustrated. You'll get it.

This is your $files array: Array ( [0] => atn [1] => aaa [2] => bbb )

Notice how 'atn', the file extension you want to allow, has a key of zero?

When you are using array_search, it returns the key of the value you are searching for, if the value exists. Your code on the first page works, but when you do:


if($key) { // if ( the key of value 'atn' ) LOOK AT THE FIRST LINE OF
// OF THIS POST. ZERO IS FALSE.

echo '<b>The file you are uploading is allowed. </b><br />';

} else {

echo '<font color="#F0B80F"><b>The file you are attempting to upload has the wrong extension. </b></font><br />';

exit();

}

Look at the code below and run it for an example:



$ext = 'atn';

$files = array('atn', 'bbb', 'ccc');

$key = array_search($ext, $files);

if ( $key )
echo 'Ok to upload';
else
echo 'Cannot upload because ' . $key . ' must evalute to false';

exit;



And FWIW the code I posted works perfectly. Of course it needs to be changed to fit into your script.

There is a book I really liked called PHP 6 and MySQL 5..

http://www.amazon.com/PHP-MySQL-Dynamic-Web-Sites/dp/032152599X

It helped me a lot. It is easy to read and it covers code just like you are trying to write. You should get a copy.

Okay I don't know how or why this is doing this but I am able to restrict the files being uploaded and the ones that are are allowed but it's working backwards...

The extensions that listed are not allowed and they do not upload but the everything else is allowed and is uploaded.

What do I have backwards?



//If no errors registred, print the success message and show the thumbnail image created
if(isset($_POST['Submit']) && !$errors)
{
//This makes sure they did not leave any fields blank
if (!$_POST['uploader_name']) {
die('<font color="#F0B80F"><b>We need your name so we know who uploaded the action.</b></font>');
}
if (!$_POST['uploader_email']) {
die('<font color="#F0B80F"><b>I think you forgot to add your email address. Please go back and try again.</b></font>');
}
if (!$_POST['action_desc']) {
die('<font color="#F0B80F"><b>It looks like you forgot to tell us about your action.</b></font>');
}


//Makes sure the email address is valid
if (!preg_match("/.*@.*..*/", $_POST['uploader_email']) ||
preg_match("/(<|>)/", $_POST['uploader_email'])) {
die('<font color="#F0B80F"><b>The e-mail address you entered is invalid.</b></font>');
}




//grabs the file and uploads it to ../../downloads/photoshop/temp_actions/
//if (move_uploaded_file ($_FILES['action_id']['tmp_name'], "../../downloads/photoshop/temp_actions/{$_FILES['action_id']['name']}")){
// print '<p> Thank you for your contribution to this site.';

# Now we make sure that the file being uploaded is the correct file and it is allowed.

$userfile = $_FILES['action_id']['name'];
$file_size = $_FILES['action_id']['size'];
$file_temp = $_FILES['action_id']['tmp_name'];
$file_err = $_FILES['action_id']['error'];
$path = '../../downloads/photoshop/temp_actions/';

// limit the size of the file to 20MB
if($file_size > 20971520) {
echo '<font color="#F0B80F"><b>The file you are trying to upload is too large. Please restrict your file to at least 20MB </b></font><BR />';
exit();
}

// Create a new file name
// This is so if other files on the server have the same name, it will be renamed
$randomizer = rand(00, 99);
$file_name = $randomizer. '_' .$userfile;

// Get the file type
// Using $_FILES to get the file type is sometimes inaccurate, so we are going
// to get the extension ourselves from the name of the file
// This also eliminates having to worry about the MIME type
$file_type = $userfile;
$file_type_length = strlen($file_type) - 3;
$file_type = substr($file_type, $file_type_length);

if(!empty($userfile)) {
echo 'File Uploaded Information
<ul>
<li>File being uploaded: ' .$userfile. '</li>
<li>File Type: .' .$file_type.'</li>
<li>File Size: ' .$file_size. ' KB </li>
<li>File Error: ' . $file_err. '</li>
</ul>';



// Set allowed file types
// Set case of all letters to lower case
$file_type = strtolower($file_type);
$files = array("txt", "doc", "pdf"); // Allowed file extensions
$allowed_type = array("text/plain", "application/msword", "application/pdf");

// Search the array for the allowed file type
$ext = substr($userfile, strrpos($userfile, '.') + 1); // File extension ex 'txt'

if ( !in_array($ext, $files) ) { // Check for allowed file extension

echo '<b>The file you are uploading is allowed. </b><br />';
} else {
echo '<font color="#F0B80F"><b>The file you are attempting to upload has the wrong extension. </b></font><br />';
exit();
}

// Check for errors and upload the file
$error_count = count($file_error);
if($error_count > 0) {
for($i = 0; $i <= $error_count; ++$i) {
echo $_FILES['action_id']['error'][$i];
}
} else {
if(move_uploaded_file($file_temp, '../../downloads/photoshop/temp_actions/' .$file_name.'')) {
echo 'Thank you for your contribution. You should see your action on the site within 24 hours.';
} else {
echo '<font color="#F0B80F"><b>Whoops look like there was a mistake during your upload. Please try again.</b></font>';
}
}

} else {
echo '<font color="#F0B80F"><b>No file has been selected.</b></font>';
}

Here is a problem:


if ( !in_array($ext, $files) ) { // if NOT in array. See the !

echo '<b>The file you are uploading is allowed. </b><br />';

} else {
echo '<font color="#F0B80F"><b>The file you are attempting to upload has the wrong extension. </b></font><br />';
exit();
}


Try to understand well the code below. If you have any questions about it, let me know.


<?php

$errors = array(); // Initialize an errors array

// Do whatever error checking you want here.
// When you find an error, set a message for it in the $errors array
// $errors[] = 'The error message';

$file_name = 'test.atn'; // This is the name of the uploaded file

$allowed_ext = array('atn', 'aaa', 'bbb'); // Allowed extenstions

$ext = strtolower(substr($file_name, strrpos($file_name, '.') + 1)); // Uploaded extenstion ex 'atn'

if ( !in_array($ext, $allowed_ext) ) {

// The uploaded file's extension is NOT in the allowed extension's array
// So set an error in the $errors array.

$errors[] = "$ext is not allowed";

}

if ( empty($errors) ) { // If the errors array is empty, there are no errors, so upload

// UPLOAD THE FILE
echo ' FILE IS OK';

}

if ( !empty($errors) ) { // Check to see if there were errors and echo them to the user

foreach ( $errors as $error ) {

echo $error . '<br />';

}

}

Check out Page 279 of O'Reilly Head First PHP and MySQL

http://www.amazon.com/Head-First-MySQL-Brain-Friendly-Guide/dp/0596006306

I think the Head First books are really good. If you can get a copy from the library, that would be great.

Check out Page 279 of O'Reilly Head First PHP and MySQL

http://www.amazon.com/Head-First-MySQL-Brain-Friendly-Guide/dp/0596006306

I think the Head First books are really good. If you can get a copy from the library, that would be great.



Are you saying that I'm useless with out you??? hahaha

BTW I have the book.

Okay so I got it to say the correct things with someone uploads a file but requardless of the file name the file still uploads even though it says it is the wrong file type

$userfile = $_FILES['action_id']['name'];
$file_size = $_FILES['action_id']['size'];
$file_temp = $_FILES['action_id']['tmp_name'];
$file_err = $_FILES['action_id']['error'];
$path = '../../downloads/photoshop/temp_actions/';

// limit the size of the file to 20MB
if($file_size > 20971520) {
echo '<font color="#F0B80F"><b>The file you are trying to upload is too large. Please restrict your file to at least 20MB </b></font><BR />';
exit();
}

// Create a new file name
// This is so if other files on the server have the same name, it will be renamed
$randomizer = rand(00, 99);
$file_name = $randomizer. '_' .$userfile;

// Get the file type
// Using $_FILES to get the file type is sometimes inaccurate, so we are going
// to get the extension ourselves from the name of the file
// This also eliminates having to worry about the MIME type
$file_type = $userfile;
$file_type_length = strlen($file_type) - 3;
$file_type = substr($file_type, $file_type_length);

if(!empty($userfile)) {
echo 'File Uploaded Information
<ul>
<li>File being uploaded: ' .$userfile. '</li>
<li>File Type: .' .$file_type.'</li>
<li>File Size: ' .$file_size. ' KB </li>
<li>File Error: ' . $file_err. '</li>
</ul>';


$errors = array(); // Initialize an errors array

// Set allowed file types
// Set case of all letters to lower case
$file_type = strtolower($file_type);
$files = array("atn"); // Allowed file extensions
$allowed_type = array("text/plain", "application/msword", "application/pdf");

// Search the array for the allowed file type
$ext = strtolower(substr($userfile, strrpos($userfile, '.') + 1));

if ( !in_array($ext, $files) ) { // Check for allowed file extension

$errors[] = '<font color="#F0B80F"><b>The file you are trying to upload has the wrong extension.';

}


if ( empty($errors) ) { // If the errors array is empty, there are no errors, so upload

// UPLOAD THE FILE
echo 'Thank you for your contribution. <br>You should see your action on the site within 24 hours.';
}

if ( !empty($errors) ) { // Check to see if there were errors and echo them to the user

foreach ( $errors as $error ) {
echo $error . ' Please choose another file. </b></font><br />';

}

}


# echo '<b>The file you are uploading is allowed. </b><br />';
# } else {
# echo '<font color="#F0B80F"><b>The file you are attempting to upload has the wrong extension. </b></font><br />';
# exit();
#}

// Check for errors and upload the file
$error_count = count($file_error);
if($error_count > 0) {
for($i = 0; $i <= $error_count; ++$i) {
echo $_FILES['action_id']['error'][$i];
}
} else {
if(move_uploaded_file($file_temp, '../../downloads/photoshop/temp_actions/' .$file_name.'')) {
echo '';
} else {
echo '<font color="#F0B80F"><b>Whoops look like there was a mistake during your upload. Please try again.</b></font>';
}
}

} else {
echo '<font color="#F0B80F"><b>No file has been selected.</b></font>';
}

Are you saying that I'm useless with out you??? hahaha

BTW I have the book.

I was just trying to help.

If you have the book, read it. They do exactly what you are trying to do here. Good luck.