Php File Upload help

Hi everyone, please help me in php file upload! As I only want to upload Pdf and MS word file. I have done coding but its uploading every file in the database. I want to upload only pdf and ms word file.

here is my coding:

<?php # Check if a file has been uploaded if(isset($_FILES['uploaded_file'])) # Make sure the file was sent without errors if($_FILES['uploaded_file']['error'] == 0) { # Connect to the database $dbLink = mysql_connect("localhost", "root") or die (mysql_error()); mysql_select_db("webproject", $dbLink) or die(mysql_error()); /*if(mysql_connect()) { die("MySQL connection failed: ". mysql_error()); }*/ # Gather all required data $filename = mysql_real_escape_string($_FILES['uploaded_file']['name']); $filemime = mysql_real_escape_string($_FILES['uploaded_file']['type'] == "application/pdf" || $_FILES["uploaded_file"]["type"] == "application/msword"); $size = $_FILES['uploaded_file']['size']; $data = mysql_real_escape_string(file_get_contents($_FILES ['uploaded_file']['tmp_name'])); $subjects =$_POST['subjects']; $name =$_POST['name']; $phone =$_POST['phone']; $email =$_POST['email']; # Create the SQL query $query = " INSERT INTO file( Filename, Filemime, Filesize, Filedata, subjects, name, email, phone, Created ) VALUES ( '{$filename}', '{$filemime}', {$size}, '{$data}', '{$subjects}','{$name}','{$email}','{$phone}', NOW() )"; # Execute the query $result = mysql_query($query, $dbLink); # Check if it was successfull if($result) { echo "Success! Your file was successfully added!"; } else { echo "Error! Failed to insert the file"; echo "

". mysql_error($dbLink) ."

"; } } else { echo "Error! An error accured while the file was being uploaded. Error code: ". $_FILES['uploaded_file']['error']; } # Close the mysql connection mysql_close($dbLink); # Echo a link back to the mail page echo "

Click here to go back home page!.

"; ?>

This is using OLD mysql calls. Update it to mysqli or PDO. I havent needed it since I wrote it long ago, so it has not been updated. It works as is though.

Keep in mind, the Php default upload size is 2 meg. You will have to change your php.ini file to upload larger files.

[php]

File Upload To Database

Please Choose a File and click Submit

<? require "config.php"; /* Upload any type of files to MySQL. Final Version 1.1 Last Modified Sunday, February 21, 2010 1:55:32 PM Author Galaxy Internet - Kevin Rubio

Change Log Ver 1.1: Added array for allowed file types.

TO DO: Check to see if temp file gets deleted after it is inserted into MySQL. Do an unlink if it doesnt to delete the temp file.
*/

//------------------------------------------------------------------------------
// Allowed File Types - 1=Allow 0=Not Allowed
//------------------------------------------------------------------------------

//Image Types
$allow_jpeg =‘1’;
$allow_jpg =‘1’;
$allow_gif =‘1’;
$allow_png =‘1’;

// Document Types
$allow_txt=‘1’;
$allow_word=‘1’;
$allow_pdf=‘1’;

// Maximum upload size in bytes
$max_upload_size= ‘5000000’;

//------------------------------------------------------------------------------

if(!isset($_FILES[‘file’])) { echo ‘

Select a file to Upload

’;}

// Selected and uploaded a file
if (isset($_FILES[‘file’]) && $_FILES[‘file’][‘size’] > 0) {

$file= $_FILES[‘file’];
$file_name= $_FILES[“file”][“name”] ;
$file_type= $_FILES[“file”][“type”] ;
$file_size= $_FILES[“file”][“size”] ;
$file_location= $_FILES[“file”][“tmp_name”] ;

//------------------------------------------------------------------------------
// Check for maximum file upload size
//------------------------------------------------------------------------------

if ($file_size >"$max_upload_size") // In Bytes
{ echo “

<font color=“red”>Your file is too big!\n
The file $file_name is $file_size bytes. Upload max = $max_upload_size bytes”; die; }

//------------------------------------------------------------------------------
// Check for allowed file types
//------------------------------------------------------------------------------

$allowed_file_type = array();

if ($allow_jpeg==‘1’){
array_push($allowed_file_type, “image/jpeg”);
}
if ($allow_jpg==‘1’){
array_push($allowed_file_type, “image/jpg”);
}
if ($allow_gif==‘1’){
array_push($allowed_file_type, “image/gif”);
}
if ($allow_png==‘1’){
array_push($allowed_file_type, “image/png”);
}
if ($allow_pdf==‘1’){
array_push($allowed_file_type, “application/pdf”);
}
if ($allow_txt==‘1’){
array_push($allowed_file_type, “text/plain”);
}
if ($allow_word==‘1’){
array_push($allowed_file_type, “application/msword”);
}

if (!in_array ($file_type, $allowed_file_type)) {
die(“File Type $file_type not allowed.”);
}

//------------------------------------------------------------------------------
// Display Uploaded File Details
//------------------------------------------------------------------------------

if ($_FILES["file"]["error"] > 0)
  {
  echo "Error: " . $_FILES["file"]["error"] . "<br />";
  }
else
  {
  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
  echo "Type: " . $_FILES["file"]["type"] . "<br />";
  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
  echo "Size: " . $_FILES["file"]["size"] . " Bytes<br />";
  echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }

//------------------------------------------------------------------------------

  // Temporary file name stored on the server
  $tmpName  = $_FILES['file']['tmp_name'];  
   
  // Read the file 
  $fp = fopen($tmpName, 'r');
  $data = fread($fp, filesize($tmpName));
  $data = addslashes($data);
  fclose($fp);

  // Insert file into database.
  $query = "INSERT INTO $DBtable";
  $query .= "(file, file_name, file_type) VALUES ('$data', '$file_name', '$file_type')";
  $result = mysql_query($query) or die("<b><font color=\"#FF0000\">ERROR</font></b><br>There is a problem with your query <b>$query</b><br>MySQL says: " . mysql_error());

  echo "Thank you, your file has been uploaded.";

  // Close our MySQL Link
  mysql_close($con);

}

?>

[/php]

Thanks for your positive quick response. I shall update it then.

If your happy, click Karma next to my name