Upload img with some validation

[mmarif4u]

Hi guys:
I have a upload script which is just simple but now i want to add some more additional things to it.
1- The script will know that the uploaded content is either png,gif,pdf,doc,jpg.I know that i have to these in array, but how can i validate that.
2- Max file size.
3- Error on empty upload like [ if ($image =='' ){do nothing} ]
4- Make it more secure and validated.

The code i have:

PHP Code:

<?php

   if(isset($_POST['btnupload'])) {
     $filename = $_FILES['uploadfile']['name'];

     if($filename){
      $nruser=$session_nruser;
      $uploaddir = photo_imgdir($nruser);
      set_dir($uploaddir);
      $uploadfile = $uploaddir.$_FILES['uploadfile']['name'];

      print "<pre>";

      if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $uploadfile)){
       $sql="Update m_user set txphoto ='$filename' where nruser=$nruser";
       db_execute($sql);
       echo $cons_msg_success_upload;
      //send_msg($cons_msg_success_upload,"-2");
      }else{
      echo "error".$cons_msg_success_upload;

       //send_msg($cons_msg_file_error,"-2");
      }
      print "</pre>";
    }else{
      send_msg("aaacons_msg_file_error","-2");
      //send_msg($cons_msg_file_error,"-2");
    }
   }
?>

Thanks in advance for any response.

[Raju Gautam]

Here is my simple class to upload images with a few validations:

PHP Code:

class ImageUpload{
    
    var $ArrImageType;
    var $picpath;
    var $thumbpath;
    var $maxwidth;
    var $thumbwidth;
    var $thumbheight;
    
    function __construct($picpath, $maxwidth, $thumbwidth = 100, $thumbheight = 100, $thumbpath = ""){
        $this->maxwidth = $maxwidth;
        $this->thumbwidth = $thumbwidth;
        $this->thumbheight = $thumbheight;
        $this->picpath = $picpath;
        $this->thumbpath = $thumbpath;
        $this->ArrImageType = array('image/gif', 'image/jpeg', 'image/jpg', 'image/pjpeg', 'image/png');
    }
    function Create_ThumbNail($ImageType, $rW, $rH, $imagename, $do="thumbnail"){
        $full_picmain = $this->picpath . "/" . $imagename;
        if($do != "thumbnail")
            $tsrc = $this->picpath . "/$imagename";
        else
            $tsrc = $this->thumbpath . "/$imagename";
        # Starting of GIF thumb nail creation #
        if($ImageType == "image/gif"){
            $im = imagecreatefromgif($full_picmain);
            $width = imagesx($im);                # Original picture width is stored
            $height = imagesy($im);               # Original picture height is stored
            if($width > $rW){$n_width = $rW;}
            else{$n_width = $width;}
            if($height > $rH){$n_height = $rH;}
            else{$n_height = $height;}
            
            $newimage = imagecreatetruecolor($n_width,$n_height);
            imagecopyresized($newimage, $im, 0, 0, 0, 0, $n_width, $n_height, $width,$height);
            if(function_exists("imagegif")) {
                header("Content-type: image/gif");
                imagegif($newimage, $tsrc);
            }
            elseif(function_exists("imagejpeg")) {
                header("Content-type: image/jpeg");
                imagejpeg($newimage, $tsrc);
            }
            chmod("$tsrc", 0777);
        }
        # starting of JPG thumb nail creation #
        if($ImageType == "image/pjpeg" || $ImageType == "image/jpeg" || $ImageType == "image/jpg"){
            $im = imagecreatefromjpeg($full_picmain);
            $width = imagesx($im);              # Original picture width is stored
            $height = imagesy($im);             # Original picture height is stored
            if($width > $rW){$n_width = $rW;}
            else{$n_width = $width;}
            if($height > $rH){$n_height = $rH;}
            else{$n_height = $height;}
        
            $newimage = imagecreatetruecolor($n_width,$n_height);                 
            imagecopyresized($newimage, $im, 0, 0, 0, 0, $n_width, $n_height, $width, $height);
            imagejpeg($newimage, $tsrc);
            chmod("$tsrc", 0777);
        }
        # starting of JPG thumb nail creation #
        if($ImageType == "image/png"){
            $im = imagecreatefrompng($full_picmain); 
            $width = imagesx($im);              # Original picture width is stored
            $height = imagesy($im);             # Original picture height is stored
            if($width > $rW){$n_width = $rW;}
            else{$n_width = $width;}
            if($height > $rH){$n_height = $rH;}
            else{$n_height = $height;}
            $newimage = imagecreatetruecolor($n_width,$n_height);                 
            imagecopyresized($newimage, $im, 0, 0, 0, 0, $n_width, $n_height, $width, $height);
            imagepng($newimage, $tsrc);
            chmod("$tsrc", 0777);
        }        
    }
    function Upload($PicFile){
        if(is_uploaded_file($PicFile['tmp_name'])){
            if($PicFile['size'] < 1048576 && in_array($PicFile['type'], $this->ArrImageType)){ # If must be of less than 1 MB and limited file types
                $imgExt = $this->GetImageExtention($PicFile['type']);
                $PicName = substr(md5(time()), rand(0, 26), 6) . "." . $imgExt;
                $PicFullPathName = $this->picpath . "/" . $PicName;
                if(move_uploaded_file($PicFile['tmp_name'], $PicFullPathName)){
                    $this->Create_ThumbNail($PicFile['type'], 100, 80, $PicName, "thumbnail"); # Create thumbnail image 
                    list($width, $height) = getimagesize($PicFullPathName);
                    if($width > $this->maxwidth){ # default size.
                        $ratio = (($width - $this->maxwidth) * 100) / $width;
                        $newheight = $height - ($ratio * $height / 100);
                        $this->Create_ThumbNail($PicFile['type'], $this->maxwidth, $newheight, $PicName, "resize"); # resizing the image
                    }
                    mysql_query("UPDATE tblproductimages SET ProductImagePath='$PicName' WHERE PictureID='$newpicid'") or die(mysql_error());
                }
            }
        }# is picture uploaded
    }
    # Get image extention #
    function GetImageExtention($type){
        if($type == "image/jpeg" || $type == "image/jpg" || $type == "image/pjpeg")
            return "jpg";
        elseif($type = "image/png")
            return "png";
        elseif($type == "image/gif")
            return "gif";
    }
}
$picpath = './uploads';
$thumbpath = './uploads/thumbnails';
$maxwidth = 600;
$thumbwidth = 100;
$thumbheight = 100;

$obj = new ImageUpload($picpath, $maxwidth, $thumbwidth, $thumbheight, $thumbpath);
$PicFile = $_FILES['PrdImg'];
$obj->Upload($PicFile); 


For your case please add these two elements "'application/msword','application/pdf'" for doc and pdf files respectively in the image type array and you can comment the thumbnail creating resizing the image lines if you dont need more.

[mmarif4u]

It means that i have to just include this class in my code.
Ok thanks, i will try it.

[Raju Gautam]

One thing, this is my own class and i made it as per my requirement but i think the Upload() function may need to be changed for your requirement.

[mmarif4u]

Thanks rajug for sharing it with me.