Multiple Upload Script - Restricted extension/file size

Hi, I recently made an upload script, which uploads an image in the first field (with a 2 MB limit), an audio file in the 2nd field (with a 60 MB limit) and a text file in the 3rd field (with a 1 MB limit).
The images upload properly and go to the specific folder, but the audio and text files don't; the script instead proceeds to the else statement and echoes the error message.

Form code:

<html>
<body>
<div id="header">
</div>
<div id="body" align="center">
    <br>
    <br>
    <br>
    <br>
    <table width="500" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
        <tr>
            <form action="multiple_upload_ac.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
                <td>
                <table width="100%" align="center" border="0" cellpadding="10" cellspacing="6" bgcolor="#FFFFFF">
                    <tr>
                        <td>
                            <div align="center"><font size="5"><strong>File Upload</strong></font></div>
                        </td>
                    </tr>
                    <tr>
                        <td>
                        </td>
                    </tr>
                    <tr>
                    <td>
                    </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Choose Album Art<br>
                            <input name="ufile[0]" type="file" id="ufile[0]" size="50" /><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Choose Music Track<br>
                            <input name="ufile[1]" type="file" id="ufile[1]" size="50" /><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Choose Lyrics<br>
                            <input name="ufile[2]" type="file" id="ufile[2]" size="50" /><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Your/Band Name:
                            <br>
                            <input name="band_name" type="text" id="band_name" size="50"><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Track Title:
                            <br>
                            <input name="track_title" type="text" id="track_title" size="50"><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Album Name:
                            <br>
                            <input name="album_name" type="text" id="album_name" size="50"><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <br>Email:
                            <br>
                            <input name="customer_mail" type="text" id="customer_mail" size="50"><br>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <div align="right">
                            <font size="2" color="#000000">
                            <br>
                            By clicking submit button you agree to our <a href="#">terms</a>&nbsp;&nbsp;
                            </font>
                            </div>
                        </td>
                        <td>
                            <br>
                            <input type="submit" id="upload" name="Submit" value="Upload" />
                        </td>
                    </tr>
                 </table>
                        </td>
                    </form>
                </tr>
            </table>
</div>
<div id="footer">
<div align="center">
<font size="4">
<br>&#169; 2013 to My Site. All rights reserved.
</font>
</div>
</div>
</body>
</html>

And this is the php code:

[php]
<?php
$path1 = "upload/artwork/".$HTTP_POST_FILES['ufile']['name'][0];
$path2 = "upload/track/".$HTTP_POST_FILES['ufile']['name'][1];
$path3 = "upload/lyrics/".$HTTP_POST_FILES['ufile']['name'][2];

$filesize1 = $HTTP_POST_FILES['ufile']['size'][0];
$filesize2 = $HTTP_POST_FILES['ufile']['size'][1];
$filesize3 = $HTTP_POST_FILES['ufile']['size'][2];

$filetype1 = $HTTP_POST_FILES['ufile']['type'][0];
$filetype2 = $HTTP_POST_FILES['ufile']['type'][1];
$filetype3 = $HTTP_POST_FILES['ufile']['type'][2];

$name      = "$band_name";
$subject   = "upload";
$message   = "$track_title,$album_name";
$mail_from = "$customer_mail";
$header    = "from: $name <$mail_from>";
$to        = '[email protected]';

if (($filesize1 < 2097152) && (($filetype1 == "image/png") || ($filetype1 == "image/jpg") || ($filetype1 == "image/jpeg"))) {
    copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][0]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][0]."\n";
    echo "";
    echo "\n\n";
} else {
    echo "Error while uploading album art";
}

if (($filesize2 < 62914560) && (($filetype2 == "audio/mp3") || ($filetype2 == "audio/flac"))) {
    copy($HTTP_POST_FILES['ufile']['tmp_name'][1], $path2);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][1]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][1]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][1]."\n";
    echo "\n\n";
} else {
    echo "\nError while uploading track";
}

if (($filesize3 < 1048576) && (($filetype3 == "text/txt") || ($filetype3 == "text/rtf"))) {
    copy($HTTP_POST_FILES['ufile']['tmp_name'][2], $path3);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][2]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][2]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][2]."\n";
    echo "\n\n";
} else {
    echo "\nError while uploading lyrics";
}

if (($filesize1 > 0) && ($filesize2 > 0) && ($send_contact)) {
    global $to, $subject, $message, $header, $name;
    $send_contact = mail($to, $subject, $message, $header, $name);
    echo "\nSuccessfully Uploaded Files Have Been Received";
} else {
    echo "\nError..";
}
?>
[/php]

First off: avoid using $HTTP_POST_FILES['ufile']['name'][0] directly. This variable can be spoofed to ../file.php, for instance, which would put the file one level above where you want it to go.

To check for extensions, this is the easiest and fastest way to do so:

[php]$ext = substr($HTTP_POST_FILES['ufile']['name'][0], strrpos($HTTP_POST_FILES['ufile']['name'][0], ".")+1);
if ($ext === "blah") {
}[/php]

substr takes a substring of what you give it, delimited by integer indices. strrpos finds the last occurrence of a string (here, the "." character). Taking that+1 rules out the dot, which leaves php for .php, for example.
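As an added example (not code from this thread), here is how the spoofed-name point above is usually handled in practice: strip any directory part with basename(), take the extension with pathinfo() rather than strrpos() (strrpos() returns false when there is no dot, and false+1 is 1, so "README" would yield "EADME"), compare against an allowlist, and store the file under a server-generated name so the client never chooses the name on disk. The function names, the ALLOWED_ART list and the sample names are assumptions for illustration; it assumes PHP 7 or later.

```php
<?php
// Added example, not from the thread. Reduces a client-supplied upload name
// to something safe to use inside a fixed upload directory.
declare(strict_types=1);

const ALLOWED_ART = ['png', 'jpg', 'jpeg'];   // illustrative allowlist

/**
 * Lowercase extension of a client-supplied name, or null if it has none.
 * pathinfo() is used instead of strrpos()+1, which mishandles names
 * without a dot (strrpos() returns false, and false + 1 === 1).
 */
function client_extension(string $clientName): ?string
{
    $ext = pathinfo($clientName, PATHINFO_EXTENSION);
    return $ext === '' ? null : strtolower($ext);
}

/**
 * Decide whether the upload may be stored and under which file name.
 * Returns a name to use inside the target directory, or null to reject.
 *
 *  - basename() drops directory components, so "../file.php" becomes
 *    "file.php" and cannot escape the upload folder.
 *  - The extension is compared case-insensitively against an allowlist,
 *    never against a denylist of "bad" extensions.
 *  - The stored name is random, so names like "image.php.jpg" are never
 *    written to disk as given, whatever the web server does with
 *    multiple dotted segments.
 */
function storage_name(string $clientName, array $allowedExt): ?string
{
    // Normalise Windows-style separators before basename() (Linux basename
    // only splits on "/").
    $base = basename(str_replace('\\', '/', $clientName));
    $ext  = client_extension($base);
    if ($ext === null || !in_array($ext, $allowedExt, true)) {
        return null;
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample names, not real uploads.
$samples = [
    'cover.JPG',            // accepted, stored as <random>.jpg
    '../../index.php',      // basename -> index.php, ext "php" -> rejected
    'README',               // no extension -> rejected
    'shell.php.jpg',        // ext "jpg" -> accepted, but under a generated name
    'C:\\Users\\x\\a.png',  // Windows path -> a.png -> accepted
];
foreach ($samples as $s) {
    $r = storage_name($s, ALLOWED_ART);
    printf("%-22s => %s\n", $s, $r === null ? 'REJECT' : $r);
}
```

The allowlist check alone does not stop a file whose bytes are not an image; pairing it with a server-side content check (finfo) and a non-executable upload directory is the usual next step.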

I did something like this:
[php]
$ext = substr($HTTP_POST_FILES['ufile']['name'][0], strrpos($HTTP_POST_FILES['ufile']['name'][0], ".")+1);
if (
    ($ext === "png")
    || ($ext === "jpg")
    || ($ext === "jpeg")
    && ($filesize1 < 2097152))
{
    copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][0]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][0]."\n";
    echo "<img src=\"$path1\" width=\"150\" height=\"150\">";
    echo "\n\n";
}
else
{
    echo "Error while uploading album art";
}

$ext1 = substr($HTTP_POST_FILES['ufile']['name'][1], strrpos($HTTP_POST_FILES['ufile']['name'][0], ".")+1);
if (
    ($ext1 === "mp3")
    || ($ext === "flac")
    && ($filesize2 < 62914560))
{
    copy($HTTP_POST_FILES['ufile']['tmp_name'][1], $path2);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][1]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][1]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][1]."\n";
    echo "\n\n";
}
else
{
    echo "\nError while uploading track";
}

$ext2 = substr($HTTP_POST_FILES['ufile']['name'][2], strrpos($HTTP_POST_FILES['ufile']['name'][0], ".")+1);
if (
    ($ext === "txt")
    || ($ext === "rtf")
    && ($filesize3 < 1048576))
{
    copy($HTTP_POST_FILES['ufile']['tmp_name'][2], $path3);
    echo "File Name :".$HTTP_POST_FILES['ufile']['name'][2]."\n";
    echo "File Size :".$HTTP_POST_FILES['ufile']['size'][2]."\n";
    echo "File Type :".$HTTP_POST_FILES['ufile']['type'][2]."\n";
    echo "\n\n";
}
else
{
    echo "\nError while uploading lyrics";
}
[/php]
Still only images upload properly…
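An added example, not code from this thread, showing a replacement for multiple_upload_ac.php in which all three slots are handled by the same checks. The posted code fails on slots 1 and 2 for reasons visible in it: in the second version, $ext1 and $ext2 are cut at the dot position of name[0] instead of their own name, the conditions then test $ext instead of $ext1/$ext2, and without parentheses && binds tighter than ||, so the size check only applies to the last extension. In the first version, "text/txt" is not a type browsers send for .txt (they send "text/plain") and the type field is whatever the client chose to send anyway; and a 60 MB file exceeds PHP's default upload_max_filesize (2M) and post_max_size (8M), in which case PHP reports an error code and a size of 0. $HTTP_POST_FILES and the register_globals variables ($band_name etc.) were also removed in PHP 5.4. The code below assumes PHP 7.4 or later with the fileinfo extension, that upload/ is outside the web root or has PHP execution disabled, and that the listed finfo MIME types match the magic database in use; store_slot(), safe_from_header(), the $slots table and the uploads@example.com address are illustrative (the thread's own address was redacted).

```php
<?php
// Added example, not the thread's code. Validates $_FILES['ufile'][0..2]
// with per-slot limits and stores each file under a server-chosen name.
declare(strict_types=1);

// Per-slot policy: target dir, byte limit, allowed extensions, and the MIME
// types finfo is assumed to report for genuine files of that kind.
$slots = [
    0 => ['dir' => 'upload/artwork', 'max' => 2 * 1024 * 1024,  'ext' => ['png', 'jpg', 'jpeg'],
          'mime' => ['image/png', 'image/jpeg']],
    1 => ['dir' => 'upload/track',   'max' => 60 * 1024 * 1024, 'ext' => ['mp3', 'flac'],
          'mime' => ['audio/mpeg', 'audio/flac', 'audio/x-flac']],
    2 => ['dir' => 'upload/lyrics',  'max' => 1 * 1024 * 1024,  'ext' => ['txt', 'rtf'],
          'mime' => ['text/plain', 'text/rtf', 'application/rtf']],
];

/**
 * Validate one slot of $_FILES['ufile'] and move it into place.
 * Returns the stored path, or a string starting with "error:" saying why.
 */
function store_slot(array $files, int $i, array $policy): string
{
    // 1. Upload error code first. A 60 MB track with upload_max_filesize=2M
    //    never reaches tmp_name: PHP sets UPLOAD_ERR_INI_SIZE, size 0 and an
    //    empty type, so later checks fail with a misleading message.
    $err = $files['error'][$i] ?? UPLOAD_ERR_NO_FILE;
    if ($err !== UPLOAD_ERR_OK) {
        return "error: slot $i upload failed with code $err (check upload_max_filesize/post_max_size)";
    }
    if ($files['size'][$i] > $policy['max']) {
        return "error: slot $i exceeds {$policy['max']} bytes";
    }

    // 2. Extension allowlist on the client name, after stripping any path
    //    (so "../x.php" cannot leave the directory).
    $client = basename(str_replace('\\', '/', (string) $files['name'][$i]));
    $ext = strtolower(pathinfo($client, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $policy['ext'], true)) {
        return "error: slot $i extension '$ext' not allowed";
    }

    // 3. Content sniffed server-side. $_FILES[..]['type'] is set by the
    //    browser (e.g. "text/plain" for .txt, never "text/txt") and an
    //    attacker can set it to anything; finfo reads the actual bytes.
    $tmp = $files['tmp_name'][$i];
    if (!is_uploaded_file($tmp)) {
        return "error: slot $i tmp file is not an upload";
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if (!in_array($mime, $policy['mime'], true)) {
        return "error: slot $i content type '$mime' does not match a $ext file";
    }

    // 4. Server-chosen name; move_uploaded_file() refuses non-upload sources.
    $dest = $policy['dir'] . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($tmp, $dest)) {
        return "error: slot $i could not be stored";
    }
    return $dest;
}

/** Build the From: header without letting CR/LF inject further headers. */
function safe_from_header(string $band, string $email): ?string
{
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    $band = preg_replace('/[\r\n]+/', ' ', $band);
    return 'From: ' . $band . ' <' . $email . '>';
}

$results = [];
foreach ($slots as $i => $policy) {
    $results[$i] = store_slot($_FILES['ufile'] ?? [], $i, $policy);
    // Anything echoed back that came from the client must be escaped.
    echo htmlspecialchars($results[$i], ENT_QUOTES, 'UTF-8'), "<br>\n";
}

$rejected  = array_filter($results, fn($r) => strpos($r, 'error:') === 0);
$from      = safe_from_header($_POST['band_name'] ?? '', $_POST['customer_mail'] ?? '');
if (!$rejected && $from !== null) {
    $body = ($_POST['track_title'] ?? '') . ',' . ($_POST['album_name'] ?? '');
    mail('uploads@example.com', 'upload', $body, $from);   // placeholder address
    echo "Successfully Uploaded Files Have Been Received";
} else {
    echo "One or more uploads were rejected; nothing was mailed.";
}
```

To accept the 60 MB track at all, upload_max_filesize and post_max_size in php.ini (or per-directory via .htaccess/php-fpm pool settings) must both be raised above that size, with post_max_size larger than the sum of all three files plus the form fields; the error code returned by the first check tells you when that has not happened.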
