StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
2486354
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2010-03-21T07:56:07.187
FavoriteCount
0
LastActivityDate
2010-03-21T08:04:28.733
LastEditDate
2010-03-21T08:04:28.733
LastEditorUserId
84478
OwnerUserId
84478
ParentId
2486329
PostTypeId
2
Score
8
ViewCount
0
LastEditorDisplayName
text
Body
<h2>edit</h2> I just realized that you want to allow PDF files as well. In that case check out <a href="http://us3.php.net/manual/en/ref.fileinfo.php" rel="noreferrer">PHP's Fileinfo class and functions</a>. But as far as security goes, you still shouldn't rely on <code>$_FILES[]['type']</code> :) I'll leave the rest here in case it helps someone else who finds this question <hr> For checking the mime type of the image, <code>$_FILES[]['type']</code> could be unsafe. This data is sent by the browser and could be easily spoofed. You should use the <code>getimagesize()</code> function if you only want to allow images to be uploaded (despite its maybe misleading name). This function won't just give you the size but all the data you will probably need about the image. I used the following script in an image handling class: <pre><code>private function load_image_data($image_file) { // Firstly, to disambiguate a loading error with a nonexistant file error, // check to see if the file actually exists. if( ! file_exists($image_file) ) { throw new Nonexistent_Image_Exception("The file '{$image_file}' does not exist"); } // We're going to check the return value of getimagesize, so we don't // need any pesky warnings or notices popping up, since we're going to // stop execution of this function if something goes wrong. $image_data = @getimagesize($image_file); if( $image_data === false ) { throw new Load_Image_Exception("Could not get image data from '{$image_file}'"); } $this->size = new Dimensions($image_data[0], $image_data[1]); $this->mime = $image_data['mime']; } </code></pre> Notice that <code>getimagesize()</code> returns an associative array containing a 'mime' index. The data here is reliable. In another function I checked the mime type of the image and converted it to PNG with the appropriate GD function: <pre><code>private function load_image($image_file) { // Suppress warning messages because we're going to throw an // exception if it didn't work instead. switch( $this->mime ) { case 'image/jpeg': case 'image/pjpeg': $this->image = @imagecreatefromjpeg($image_file); break; case 'image/gif': $this->image = @imagecreatefromgif($image_file); break; case 'image/png': $this->image = @imagecreatefrompng($image_file); break; default: throw new Invalid_Image_Exception("The image was of an invalid type"); } if( $this->image === false ) { throw new Load_Image_Exception("Loading of image '{$image_file}' failed"); } } </code></pre> You probably won't need to do all of this, but you can see what mime types appear for the filetypes you have specified. Notice that a jpeg could have two different mime types. Hope this helps.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POHow can I only allow certain filetypes on upload in php?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USCarson Myers
UserOwnerUserId
1. USCarson Myers
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COHmm, very interesting! Can I use this for pdf files as well?
 singulars
 PostPostId
 PO
 UserUserId
 USzeckdude
2. COI'm afraid I misread your question and skipped the 'pdf' part. I made an edit at the top pointing you towards some PHP functions for getting file information. I can't stress enough though how important it is to not trust data from the browser
 singulars
 PostPostId
 PO
 UserUserId
 USCarson Myers

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.