My image upload script. Loads of checks, not all used each time. Optional file-physical-size checks rely on ‘getimagesize’ working. Its long, but stick with it. It works.
'jpg',
'image/jpeg'=>'jpg',
'image/gif'=>'gif',
'image/bmp'=>'bmp',
'image/png'=>'png');
if (isset($imageTypes[$_FILES["txtImage"]["type"]])) {
if ($_FILES['txtImage']['size'] < 500000) {
//Additional checks for file-physical-size
//$logo = getimagesize($_FILES["txtImage"]["tmp_name"]);
//$maximum = 400;
//if (($logo[0])>$maximum) {
// $error_image = "ERROR: ".$maximum."px Width exceeded";
//}
//if (($logo[1])>$maximum) {
// $error_image = "ERROR: ".$maximum."px Height exceeded";
//}
## FILE OK
$disallowed = array(" ",",","@","!","\"","/","\\","£","$","and so on");
$fileName = str_replace($disallowed,"_",$_FILES['txtImage']['name']);
$directory = "image_uploads/";
//if(!is_dir($directory)) mkdir($directory,0777);
$destination = $directory.$fileName;
if (!file_exists($destination)) {
# MOVE FILE
if (copy($_FILES['txtImage']['tmp_name'], $destination)) {
##################
### SUCCESS ####
##################
} else { $errors = true;
$error_image = "ERROR: Cannot save Image";}
} else { $errors = true;
$error_image = "ERROR: Image already exists";}
} else { $errors = true;
$error_image = "ERROR: File Size exceeds maximum"; }
} else { $errors = true;
$error_image = "ERROR: Image Type not allowed";}
} else { $errors = true;
$error_image = "ERROR: No Image Filesize";}
} else { $errors = true;
$error_image = "ERROR: Image Upload Failed"; }
?>