php - Limiting the checking condition while uploading SWF files

Question

I am creating an application of uploading swf files in a folder using PHP. My script is all working except for the first if condition where I'm checking whether the extension is swf or not, but I seems to have some error.

I'm not sure whether video/swf is a valid checking parameter for SWF files or not. My full script is below. I'm checking the size of the SWF using getimagesize(). Some people may wonder that getimagesize works for image, but I saw some examples where getimagesize() has been used for getting size of SWF files.

It's giving me the message "invalid swf file", that means its not satisfying the first checking condition at all.

<?php
        foreach($_FILES['item_swf']['tmp_name'] as $key=>$val)
        {

        list($width, $height) = getimagesize($_FILES['item_swf']['tmp_name'][$key]);

        if (( ($_FILES["item_swf"]["type"][$key] == "video/swf") || ($_FILES["item_swf"]["type"][$key] == "video/SWF") )
        && ($_FILES["item_swf"]["size"][$key] < 800000))
           {
                if ($_FILES["item_swf"]["error"][$key] > 0)
                  {
                     echo "Error: " . $_FILES["item_swf"]["error"][$key] . "<br />";
                  }
                else if($width==1000 && $height==328)
                  {
                   if (file_exists('../../swf_folder/header_swf/' . $_FILES["item_swf"]["name"]))
                            {
                               echo $_FILES["item_swf"]["name"][$key] . " already exists. ";
                             }
                   else
                            { 

                               move_uploaded_file($val, '../../swf_folder/header_swf/'.$_FILES['item_swf']['name'][$key]);
                               echo "done";
                        }
                  }
             else 
                 {
                    echo "size doest permit";
                 }  
            }
        else
            {
               echo "Not a valid swf file::";
            }                       

        }
        ?>

The line given below

move_uploaded_file($val, '../../swf_folder/header_swf/'.$_FILES['item_swf']['name'][$key]);

is working perfectly as it is uploading files to the dedicated folder, it somehow seems that the checking parameters for SWF only files are not set properly.

Edit

I got my answer. Instead of using video/swf I need to use application/x-shockwave-flash.

So the ultimate code will be:

<?php
        foreach($_FILES['item_swf']['tmp_name'] as $key=>$val)
        {

        list($width, $height) = getimagesize($_FILES['item_swf']['tmp_name'][$key]);

        if (($_FILES["item_swf"]["type"][$key] == "application/x-shockwave-flash") 
        && ($_FILES["item_swf"]["size"][$key] < 800000))
           {
                if ($_FILES["item_swf"]["error"][$key] > 0)
                  {
                     echo "Error: " . $_FILES["item_swf"]["error"][$key] . "<br />";
                  }
                else if($width==1000 && $height==328)
                  {
                   if (file_exists('../../swf_folder/header_swf/' . $_FILES["item_swf"]["name"]))
                            {
                               echo $_FILES["item_swf"]["name"][$key] . " already exists. ";
                             }
                   else
                            { 

                               move_uploaded_file($val, '../../swf_folder/header_swf/'.$_FILES['item_swf']['name'][$key]);
                               echo "done";
                        }
                  }
             else 
                 {
                    echo "size doest permit";
                 }  
            }
        else
            {
               echo "Not a valid swf file::";
            }                       

        }
        ?>

Answer 1

you can try

$savePath = "PATH_TO_SAVE";
$errors = array ();
$output = array ();
//

if (isset ( $_FILES ['item_swf'])) {

    foreach ( $_FILES ['item_swf'] ['tmp_name'] as $key => $val ) {

        $fileName = $_FILES ['item_swf'] ['name'] [$key];
        $fileSize = $_FILES ['item_swf'] ['size'] [$key];
        $fileTemp = $_FILES ['item_swf'] ['tmp_name'] [$key];

        $fileExtention = pathinfo ( $fileName, PATHINFO_EXTENSION );
        $fileExtention = strtolower ( $fileExtention );

        if ($fileExtention != ".swf") {
            $errors [$fileName] [] = "Invalid File Extention";
            continue;
        }

        if ($fileSize > 800000) {
            $errors [$fileName] [] = "File Too large";
            continue;
        }

        list ( $width, $height ) = getimagesize ( $fileTemp );

        if ($width != 1000 && $height != 328) {
            $errors [$fileName] [] = "Wrong File dimention ";
            continue;
        }

        if (file_exists ( $savePath . DIRECTORY_SEPARATOR . $fileName )) {
            $errors [$fileName] [] = "File Exist";
            continue;
        }

        if(!is_writable($savePath ))
        {
            $errors [$fileName] [] = "File Destination not writeable";
        }


        if(count($errors [$fileName]) == 0)
        {
            if(@move_uploaded_file ( $fileTemp, $savePath . DIRECTORY_SEPARATOR . $fileName))
            {
                $output[$fileName] == "OK" ;
            }
            else
            {
                $errors [$fileName] [] = "Error Saving File";
            }

        }


    }
        var_dump($errors, $output);
}

Let me know if you have any more challenge