how do you restrict the types of files being uploaded?

How do you restrict files so that you can upload only doc files?

<?php
$split = explode(".", $_FILES['file_to_upload']['name']);

$extension = strtolower($split[count($split) - 1]);

if ($extension == "doc")

{

// upload file

}
?>

A more foolproof way would be to check the file type from the $_FILES array:

What if i had the following code, how am i suppose to restrict the file chosen? ive tried both of the above methods and it doesnt seen to work properly.


if($File) // if file exists

{

print "File Name: <strong> $File_name </strong> <p>\n"; // name of file
print "File size: <strong> $File_size bytes </strong> <p>\n"; // size of file in bytes

if (copy($File, "c:\\$File_name"))
{
print "File successfully uploaded! <p>\n";
}
else
{
print "Unable to upload file <p>\n";
}
unlink ($File); // deletes the file

}

Where are $File and $File_name being set? And what version of PHP are you using?

it's set to the same php as the file upload form. Im using Phptriad 2.1.1. The php script points to itself when the file is uploaded.

Does the basic file upload work?
Are you suing PHP's variables $_FILES anywhere?

May I refer you to Jonathan Wichmann's article Creating a multifile upload script in PHP?