Home » Php » Uploading doc,pdf,jpg,png etc as BLOBs – PHP

Uploading doc,pdf,jpg,png etc as BLOBs – PHP

Posted by: admin February 23, 2020 Leave a comment

Q(Question):

I’ve found may scripts and examples on how to upload images but don’t have a clue how to upload a file like doc or pdf??

A(Answer):

Hi.

Uploading images is pretty much the same process as uploading any other file. The only difference would be how you validate the file once it has been sent.

Check out my article: http://bytes.com/topic/php/insights/…base-using-php.
It explains how to upload any file, not just images.

A(Answer):

i’m having a problem checking that something is being entered into the input box, i’m trying the below which is now working:

if(!isset($_FILES['uploaded_file'])) {
File not entered into input box.
} else {
A File has been entered.
}

It just always goes to the else statement???

A(Answer):

The file input is passed regardless of whether there was a file present. You can check if the file was uploaded using the error numbers passed with the array

A(Answer):

Got it sorted using error code 4, thanks.

A(Answer):

I got files uploading and downloading fine, the only problem i’ve come across is that when the file is downloaded to the desktop it hasn’t got any extension, its an unknown file!???

A(Answer):

You have to tell the browser what to name the file by setting the Content-Disposition header. Some browsers might be able to determine the extensions of well known mime-types, but you should always provide it to be safe.

A(Answer):

I’ll look into this, can you also point me in the direction of how to restrict certain file types for upload?

A(Answer):

@ziycon

To do that, you would have to check the file after the file is uploaded, see if it is actually what you were expecting. If it doesn’t pass this check, you simply don’t add it to your database.

Depending on the type of the file you want restricted, you would have to come up with a way to determine whether or not the file is actually what it is supposed to be. It is often tempting to use the mime type sent with the file, but this is sent by the browser so it can not be trusted.

If it is supposed to be an image, PHP’s getimagesize function can help you. It provides the actual mime-type, so you can verify against that.

If it is supposed to be a XML file, or something of that nature, you could try parsing it, see if it will parse correctly. If it does, it can be considered valid.

A(Answer):

It can be any one the below:
jpg,gif,png,doc,pdf

A(Answer):

For the images, use the getimagesize function I linked in my previous post. If the images are in fact valid, the function should return an array with all the info on it, or FALSE if they are invalid.

For the PDF, if the first 5 characters of the PDF file are "%PDF-", that would indicate that the file is actually a PDF file.
That can be done using the File System functions, like:


// Get the first 5 chars
$fh = fopen("/path/to/file.pdf", "r") or die("Could not open file");
$head = fgets($fh, 5);
fclose($fh);
// Check if they are valid
if($head == '%PDF-') {
echo "PDF file is valid!";
// Proceed with the insert process.
}
else {
echo "This is not a PDF file";
}

Note, however, that this only establishes that the file identifies itself as a PDF file, according to the PDF specification. It does not check if the file is actually a valid PDF file (For example, a text file who’s first 5 characters are ‘%PDF-‘ would also be considered valid.)

As to the DOC type, I can’t really help you. I never use proprietary M$ stuff if I can help it.
But if your server runs on Windows, and the server has Word installed, I suppose you could load the document through a COM object. See if it actually loads properly.

A(Answer):

Lovely tutorial by the way, got it all working perfectly.

Thanks,
ziy

A(Answer):

@ziycon

Thank you :] Glad you got it all to work.