Reputation: 2284
How to limit file upload type file size in PHP?
I have an upload form and am checking the file size and file type to limit the uploaded file to 2 megabytes and either .pdf, .jpg, .gif or .png file types. My goal is to have an alert message displayed to the user if they violate one of these rules.
There are four scenarios:
- Correct Size / Correct Type (working)
- Correct Size / INCORRECT Type (working)
- INCORRECT Size / Correct Type (not working)
- INCORRECT Size / INCORRECT Type (not working)
With my current code, it always displays the incorrect "type" message when the file size is greater than 2 megabytes (#4), even if the file type is correct (#3).
Any ideas why?
if (isset ( $_FILES['uploaded_file'] ) ) {
$file_size = $_FILES['uploaded_file']['size'];
$file_type = $_FILES['uploaded_file']['type'];
if (($file_size > 2097152)){
$message = 'File too large. File must be less than 2 megabytes.';
echo '<script type="text/javascript">alert("'.$message.'");</script>';
}
elseif (
($file_type != "application/pdf") &&
($file_type != "image/jpeg") &&
($file_type != "image/jpg") &&
($file_type != "image/gif") &&
($file_type != "image/png")
){
$message = 'Invalid file type. Only PDF, JPG, GIF and PNG types are accepted.';
echo '<script type="text/javascript">alert("'.$message.'");</script>';
}
else {
store_uploaded_file($id);
}
}
Upvotes: 26
Views: 163648
Answers (5)
Reputation: 15903
Something that your code doesn't account for is displaying multiple errors. As you have noted above it is possible for the user to upload a file >2MB of the wrong type, but your code can only report one of the issues. Try something like:
if(isset($_FILES['uploaded_file'])) {
$errors = array();
$maxsize = 2097152;
$acceptable = array(
'application/pdf',
'image/jpeg',
'image/jpg',
'image/gif',
'image/png'
);
if(($_FILES['uploaded_file']['size'] >= $maxsize) || ($_FILES["uploaded_file"]["size"] == 0)) {
$errors[] = 'File too large. File must be less than 2 megabytes.';
}
if((!in_array($_FILES['uploaded_file']['type'], $acceptable)) && (!empty($_FILES["uploaded_file"]["type"]))) {
$errors[] = 'Invalid file type. Only PDF, JPG, GIF and PNG types are accepted.';
}
if(count($errors) === 0) {
move_uploaded_file($_FILES['uploaded_file']['tmpname'], '/store/to/location.file');
} else {
foreach($errors as $error) {
echo '<script>alert("'.$error.'");</script>';
}
die(); //Ensure no more processing is done
}
}
Look into the docs for move_uploaded_file() (it's called move not store) for more.
Upvotes: 48
Reputation: 21
Hope This useful...
form:
<form action="check.php" method="post" enctype="multipart/form-data">
<label>Upload An Image</label>
<input type="file" name="file_upload" />
<input type="submit" name="upload"/>
</form>
check.php:
<?php
if(isset($_POST['upload'])){
$maxsize=2097152;
$format=array('image/jpeg');
if($_FILES['file_upload']['size']>=$maxsize){
$error_1='File Size too large';
echo '<script>alert("'.$error_1.'")</script>';
}
elseif($_FILES['file_upload']['size']==0){
$error_2='Invalid File';
echo '<script>alert("'.$error_2.'")</script>';
}
elseif(!in_array($_FILES['file_upload']['type'],$format)){
$error_3='Format Not Supported.Only .jpeg files are accepted';
echo '<script>alert("'.$error_3.'")</script>';
}
else{
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["file_upload"]["name"]);
if(move_uploaded_file($_FILES["file_upload"]["tmp_name"], $target_file)){
echo "The file ". basename($_FILES["file_upload"]["name"]). " has been uploaded.";
}
else{
echo "sorry";
}
}
}
?>
Upvotes: 1
Reputation: 3172
var sizef = document.getElementById('input-file-id').files[0].size;
if(sizef > 210000){
alert('sorry error');
}else {
//action
}
Upvotes: 0
Reputation: 526
Hope this helps :-)
if(isset($_POST['submit'])){
ini_set("post_max_size", "30M");
ini_set("upload_max_filesize", "30M");
ini_set("memory_limit", "20000M");
$fileName='product_demo.png';
if($_FILES['imgproduct']['size'] > 0 &&
(($_FILES["imgproduct"]["type"] == "image/gif") ||
($_FILES["imgproduct"]["type"] == "image/jpeg")||
($_FILES["imgproduct"]["type"] == "image/pjpeg") ||
($_FILES["imgproduct"]["type"] == "image/png") &&
($_FILES["imgproduct"]["size"] < 2097152))){
if ($_FILES["imgproduct"]["error"] > 0){
echo "Return Code: " . $_FILES["imgproduct"]["error"] . "<br />";
} else {
$rnd=rand(100,999);
$rnd=$rnd."_";
$fileName = $rnd.trim($_FILES['imgproduct']['name']);
$tmpName = $_FILES['imgproduct']['tmp_name'];
$fileSize = $_FILES['imgproduct']['size'];
$fileType = $_FILES['imgproduct']['type'];
$target = "upload/";
echo $target = $target .$rnd. basename( $_FILES['imgproduct']['name']) ;
move_uploaded_file($_FILES['imgproduct']['tmp_name'], $target);
}
} else {
echo "Sorry, there was a problem uploading your file.";
}
}
Upvotes: 6
Reputation: 4728
If you are looking for a hard limit across all uploads on the site, you can limit these in php.ini by setting the following:
`upload_max_filesize = 2M` `post_max_size = 2M`
that will set the maximum upload limit to 2 MB
Upvotes: 2
Related Questions
- How To Change The Maximum File Size Upload?
- Can I limit upload size in PHP but still receive truncated files?
- PHP change the maximum upload file size in php
- How to limit Upload file size php
- restricting the uploading files size in php
- Restrict image upload file size
- How to limit file upload size in PHP?
- How to restrict filesize for uploads?
- Restrict File Type and size in PHP form upload
- How to set max file upload size and allow only certain file types on PHP upload?