I´m using this php code to upload images to a folder but I would like to allow pdf files to be uploaded also, so I modified a little the code:
<?php
$target_dir = "extra_images/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
$textFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
//echo "<div class=\"alert alert-success\" role=\"alert\"><strong><span class=\"glyphicon glyphicon-ok\" aria-hidden=\"true\"></span> Correct image type.</strong></div>";
$uploadOk = 1;
} else {
echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File is not an image.</strong></div>";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File already exists.</strong></div>";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 3750000) {
echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Your file is too large.</strong></div>";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" && $textFileType != "pdf" ) {
echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Only jpg, jpeg, png, gif and pdf (for the Plan Article) files are allowed.</strong></div>";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>The file was not uploaded.</strong></div>";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "<div class=\"alert alert-success\" role=\"alert\">The file <strong>". basename( $_FILES["fileToUpload"]["name"]). "</strong> has been uploaded.</div><br>Please copy this filename: <span class=\"form-inline\"><input type=\"text\" value=\"". basename( $_FILES["fileToUpload"]["name"]). "\" class=\"form-control input-sm\" style=\"width:220px;\" /></span> And paste it in an empty Extra image field above and save the form.";
} else {
echo "<div class=\"alert alert-danger\" role=\"alert\">There was an error uploading your file.</div>";
}
}
echo "</br></br><p><button class=\"btn btn-default pull-right\" style=\"margin-right:5px;\" type=\"submit\" onclick=\"javascript:history.go(-1)\"><span class=\"glyphicon glyphicon-step-backward\" aria-hidden=\"true\"></span> Back</button></p>";
?>
I added this bit:
&& $textFileType != "pdf" and this: $textFileType = pathinfo($target_file,PATHINFO_EXTENSION);
But this changes I made are not working, it still returns the "this is not an image" message.
What part of the code identifies the filetype? is the $imageFileType a special variable that php uses to identify filetypes?
I´m really confused about this. Can anyone help?
The file type for pdfs is application/pdf if you want to check the extension.
However, while you can check file extensions, but that's not a very reliable way of identifying whether a file is a pdf or not (it's easy to change a file extension for just about any file, creating a huge security hole).
While there's nothing in php like getimagesize() for pdfs, you can still check the mime type which is a fairly good step in the process like so:
if (!empty($_FILES['fileToUpload']['tmp_name'])) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $_FILES['fileToUpload']['tmp_name']);
if ($mime != 'application/pdf') {
echo 'this is not a PDF file!';
exit();
}