Thread: Upload Form Problem

  1. #1

    Upload Form Problem

    Hey everyone

    I stuck a validation script for an upload form so that you can only upload images. It works when you try to upload a file which is not an image, but when you upload an image it says:

    Possible file upload attack! Here's some debugging info:
    Array
    (
    [uploadfile] => Array
    (
    [name] => abandongame button.gif
    [type] => image/gif
    [tmp_name] => /tmp/phpGEtdHo
    [error] => 0
    [size] => 1062
    )

    )

    Here's the code for the upload form

    HTML Code:
    <form enctype="multipart/form-data" action="upload.php" method="post">
    <input type="hidden" name="MAX_FILE_SIZE" value="1048576" />
    <input type=file name=uploadfile>
    <input type=button name="Submit" value="Submit" onclick="LimitAttach(this.form, this.form.uploadfile.value)">
    </form>
    The Upload File

    PHP Code:
    <?php
    $uploadDir = '/home/abandonw/public_html/submit/screenshots/boxcovers/';
    $uploadFile = $uploadDir . $_FILES['userfile']['name'];
    print "<pre>";
    if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
    {
        print "The box cover was succesfully uploaded. ";
        print "Here's some more debugging info:\n";
        print_r($_FILES);
    }
    else
    {
        print "Possible file upload attack!  Here's some debugging info:\n";
        print_r($_FILES);
    }
    print "</pre>";
    ?>
    and here's the actual script from the Javascript Source

    HTML Code:
    <SCRIPT LANGUAGE="JavaScript">
    <!-- Original:  ArjoGod, Shauna Merritt -->
    <!-- Modified By:  Ronnie T. Moore, Editor -->
    
    <!-- This script and many more are available free online at -->
    <!-- The JavaScript Source!! http://javascript.internet.com -->
    
    <!-- Begin
    extArray = new Array(".gif", ".jpg", ".png");
    function LimitAttach(form, file) {
    allowSubmit = false;
    if (!file) return;
    while (file.indexOf("\\") != -1)
    file = file.slice(file.indexOf("\\") + 1);
    // Take the extension from the last dot so names such as "my.photo.gif" are handled.
    ext = file.slice(file.lastIndexOf(".")).toLowerCase();
    for (var i = 0; i < extArray.length; i++) {
    if (extArray[i] == ext) { allowSubmit = true; break; }
    }
    if (allowSubmit) form.submit();
    else
    alert("Please only upload files that end in types:  " 
    + (extArray.join("  ")) + "\nPlease select a new "
    + "file to upload and submit again.");
    }
    //  End -->
    </script>
    Any help appreciated

    Tom Evans

  2. #2

    Using that there Javascript to validate it is a bad idea. Try checking if the image type starts with "image/" in the PHP code. This is also more reliable than checking by extension.
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!

  3. #3

    Hi

    Sorry, but as I'm a bit of a newbie to PHP, where would I specify the image type in the PHP code?

    Cheers

    Tom Evans

  4. #4

    You don't specify the image type, you check the image type.
    PHP Code:
    <?php
    if (strpos($_FILES['userfile']['type'], "image/") === 0) {
      // It's an image.  Handle the rest of the upload process.
    } else {
      // It isn't an image.  Die with an error.
    }
    ?>
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!
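
Added example, not code from either poster: a server-side check for the same upload, assuming PHP 7+ with the fileinfo extension. It reads the `uploadfile` field (the name used by the form and shown in the debug output in post #1), takes the type from the file's bytes rather than from the browser-supplied `type` or file name, and stores the file under a server-generated name; the function name `storeUploadedImage` is hypothetical.

```php
<?php
// Added example; assumes PHP 7+ with the fileinfo extension enabled.
// storeUploadedImage() is a hypothetical helper name, not from the thread.
function storeUploadedImage(array $file, string $uploadDir): string
{
    // Detected MIME type => extension used for the stored file.
    $allowed = ['image/gif' => 'gif', 'image/jpeg' => 'jpg', 'image/png' => 'png'];

    // 'error' is filled in by PHP; anything but UPLOAD_ERR_OK means no usable file.
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file was sent.');
    }
    // Make sure tmp_name is a file PHP itself received in this POST request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file.');
    }
    // Read the type from the file's bytes. $file['type'] and $file['name']
    // are sent by the browser and are not verified by PHP.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!is_string($mime) || !isset($allowed[$mime])) {
        throw new RuntimeException('Only GIF, JPEG and PNG images are accepted.');
    }
    // Build the stored name on the server so no client text reaches the path.
    $name   = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    $target = rtrim($uploadDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('Could not move the uploaded file.');
    }
    return $target;
}

// Upload directory as given in post #1.
$uploadDir = '/home/abandonw/public_html/submit/screenshots/boxcovers/';
try {
    if (!isset($_FILES['uploadfile'])) {
        throw new RuntimeException('No "uploadfile" field in the request.');
    }
    $path = storeUploadedImage($_FILES['uploadfile'], $uploadDir);
    echo 'Stored as ' . htmlspecialchars(basename($path));
} catch (RuntimeException $e) {
    http_response_code(400);
    echo htmlspecialchars($e->getMessage());
}
```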
