SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    Non-Member I87's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    378
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    So I made a simple MP3 upload script and I want advice on securing it up and improvin

    g it


    PHP Code:
    <?php
    if(isset($_GET['upload'])){
    $_FILES['mp3']['tmp_name'];

    if(
    $_FILES['mp3']['type']!='audio/mpeg'){
    die(
    'Invalid file type'.$_FILES['mp3']['type']);
    exit;
    }

    $name $_FILES['mp3']['name'];

    if (!
    preg_match("/.mp3/is"$name)){
       die(
    'Invalid file type2'.$_FILES['mp3']['type']);
    exit;
    }

    $name md5($name.time().rand(0,10)).'.mp3';
    $name 'audio/'.$name;

    copy($_FILES['mp3']['tmp_name'],$name) or die('Failed to upload MP3 file...');
    die(
    'done');
    exit;
    }
    else
    {
    echo
    '<form method="post" action="new.php?upload" enctype="multipart/form-data"><input type="file" name="mp3" type="submit" /> <input type="submit" /></form>';
    }
    ?>

    as you can see, it's very very basic
    but it's just a temp thing for now
    but can you php experts recommend how to secure it up, and how to improve the code?

    thanks =]

  2. #2
    is_empty(2); foofoonet's Avatar
    Join Date
    Mar 2006
    Posts
    1,000
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    http://www.devshed.com/c/a/PHP/Uploa...tories-in-PHP/

    thats a recent tutorial, theres loads around, why not compare your code to what others are already doing?
    Upgrading to Mysql 5? Auto-increment fields now strict
    use NULL
    Or zero or leave the field name out completely.

  3. #3
    Non-Member I87's Avatar
    Join Date
    Mar 2006
    Location
    UK
    Posts
    378
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Good idea
    will do
    thanks =]


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •