Hmm, that’s weird. You should have that class because finfo() was introduced in PHP 5.3.0, you probably have a later version of PHP 5.3 which makes no sense why it isn’t working. I am not sure if this will work either because if the OOP version doesn’t work, I highly doubt the Procedural version will work. But here’s a shot.
<?php
// TESTED ONLY WITH PHP 7!!!!
// THIS SNIPPET MAY NOT WORK WITH OTHER VERSIONS OF PHP
// The proper way of checking if the form was submitted through POST
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$dir = 'uploads/'; // The directory the files should be stored in
// Create an array of desired mime types.
// Generally, mime types start with the category the file belongs in.
// Then followed by either the extension or the actual type of file it is.
// Here is a complete list of mime types if you are not familiar with them.
// https://sitepoint.com/web-foundations/mime-types-complete-list/
$array = array(
'image/png',
'image/jpg',
'image/jpeg',
'image/gif',
'video/mp4',
'video/webm',
'video/avi',
'video/mpeg',
);
// These are just the generic mime types for images and videos. If you want to allow other image formats and video formats, you'll need to add them into the array yourself.
$name = $_FILES['fileToUpload']['name']; // Create the $name variable and append the name field to it.
$tmp = $_FILES['fileToUpload']['tmp_name']; // Create the $tmp variable and append the tmp_name field to it.
$size = $_FILES['fileToUpload']['size']; // Create the $size variable and append the size field to it.
// Check the mime type of the file
// Remember, mime_content_type won't work if the file is larger than the expected file size within your php.ini file.
// mime_content_type will also not work if you are not running on PHP 7.
// It was marked as deprecated and would complain when you used it.
// An alternative is to use finfo_file()
// The example usage can be found at http://php.net/manual/en/function.finfo-file.php
// $mime = mime_content_type($tmp); <-- Only for PHP 7
// OOP style
// $finfo = new finfo(FILEINFO_MIME_TYPE);
// $mime = $finfo->file($tmp);
// unset($finfo);
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $tmp);
finfo_close($finfo);
// Take the mime type of the temp file and check it against the array we created above.
// We DO NOT want to take the "type" field from the default $_FILES[...]['type'] field,
// Because this is not reliable and only contains the current mime type of the file extension.
// It does not contain the original mime type that the file was created from.
if(in_array($mime, $array)) {
// In this if/else statement, we are checking to see if the file is an image or not.
// Apparently, you are asking for less of a file size for images than for video files.
// So we check to see if the image is larger than 5,000,000 bytes.
// If the file is, tell the user that the file is too big.
// If the file is not, proceed to uploading the file.
// Again, this is just a few generic mime types for images.
// If you want to allow other image formats, you'll have to add them in yourself.
$imageType = array(
'image/png',
'image/jpg',
'image/jpeg',
'image/gif'
);
// Check for the very last period. This generally is the file extension.
// We are doing this because we want to know the file extension of the file.
// If the file has made it this far, we will assume that the file is either an image or a video.
// So it's safe to use the file's old extension.
// Normally, you wouldn't want to use the user's file extension and you would append your own.
// But this is just a snippet to demonstrate that we can do this.
$ext = substr(strrchr($name, '.'), 1);
// Generate a hash using the current timestamp in Unix along with sha256.
// You can generate the file name any way you'd like.
// It doesn't have to be exactly like how everyone wants you to do it.
$name = hash('sha256', time());
// Combine the 3 variables ($dir, $name, $ext) together and append a period before the extension.
// This will give you a random file name along with the original file extension. Like so.
// 91f56c7596fdfaa1d0b64a0e9461eff5314dcca1cb51d2c8c89b830388d053f8.jpg
// Or
// c3e7d43db3d7be99d77112d8283cd3fff8f720ee6d8a2283b69c706493cbd003.mp4
$file = $dir . $name . '.' . $ext;
// Check to see if the mime content type of the temp file is an image.
if(in_array($mime, $imageType)) {
// Check to see if the image is larger than 5,000,000 bytes.
if($size > 5000000) {
print('Sorry, your file is too large.'); // Tell the user that their image size is too big.
} else {
// The image is just perfect so move the image to the upload directory along with
// the new file name.
if(move_uploaded_file($tmp, $file)) {
print('Good'); // A successful upload 'twas is.
} else {
print('Bad upload'); // Hmm, looks like the upload was a failure.
// Check to make sure that the directory has the right permissions for you to
// Upload files to.
// Also, make sure that the directory you specified exists.
}
}
} else {
// The file was not an image based on the mime type.
// We will assume it is a video if it gets this far.
// Check to see if the video is larger than 5,000,000,000 bytes.
if($size > 5000000000) {
print('Sorry, your file is too large.');// Tell the user that their video size is too big.
} else {
// The video is just perfect so move the video to the upload directory along with
// the new file name.
if(move_uploaded_file($tmp, $file)) {
print('Good'); // A successful upload 'twas is.
} else {
print('Bad upload'); // Hmm, looks like the upload was a failure.
// Check to make sure that the directory has the right permissions for you to
// Upload files to.
// Also, make sure that the directory you specified exists.
}
}
}
} else {
print('Bad'); // It looks like the original mime type of the file does not meet our standards.
}
} else {
header('Location: /'); // Redirect the user back to whatever page they came from.
// I would suggest changing this line if this current PHP file is located some where else
// Or if the file used to target this current PHP file is named something different.
}
If this one doesn’t work as well, then I highly suggest you upgrade your PHP version. It is obsolete at this point. I highly suggest switching to a hosting provider that supports PHP 7. If you are using a localhost of some sort, I highly highly recommend un-installing your current localhost whether it’s XAMPP, WAMP, MAMP, or whatever and install PHP 7 the way I have demonstrated in this topic.