file upload validation - RefactorMyCode.com

This function validates files uploaded through a form. There has to be a file named 'info', 'data', and 'thumbnail'. Optional is a file called 'bg'. Each file has predefined max sizes. There should be no two files with the same name, and unknown filenames invalidate the upload.
The code works, but I was wondering if it could be written better. New to PHP.
Also not sure if there's a better way for debug messages.

Thanks!

define("MAX_INFO_SIZE",500);
define("MAX_DATA_SIZE",100000);
define("MAX_THUMBNAIL_SIZE",10000);
define("MAX_BG_SIZE",50000);
define("DEBUG",1);

function isUploadValid() {
	$isValid = true;
	$haveInfo = false;
	$haveData = false;
	$haveThumbnail = false;
	$haveBg = false;

	foreach ($_FILES['uploadFile']['name'] as $i => $name) {
		if ($name == "info") {
			if (DEBUG) echo ".validating info file\n";
			if ($haveInfo) { $isValid = false; } else { $haveInfo = true; }
			if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false;
			if ($_FILES['uploadFile']['size'][$i] > MAX_INFO_SIZE) $isValid = false;
			if ($_FILES['uploadFile']['error'][$i]) $isValid = false;
		} elseif ($name == "data") {
			if (DEBUG) echo ".validating data file\n";
			if ($haveData) { $isValid = false; } else { $haveData = true; }
			if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false;
			if ($_FILES['uploadFile']['size'][$i] > MAX_DATA_SIZE) $isValid = false;
			if ($_FILES['uploadFile']['error'][$i]) $isValid = false;
		} elseif ($name == "thumbnail") {
			if (DEBUG) echo ".validating thumbnail file\n";
			if ($haveThumbnail) { $isValid = false; } else { $haveThumbnail = true; }
			if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false;
			if ($_FILES['uploadFile']['size'][$i] > MAX_THUMBNAIL_SIZE) $isValid = false;
			if ($_FILES['uploadFile']['error'][$i]) $isValid = false;
		} elseif ($name == "bg") {
			if (DEBUG) echo ".validating bg file\n";
			if ($haveBg) { $isValid = false; } else { $haveBg = true; }
			if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false;
			if ($_FILES['uploadFile']['size'][$i] > MAX_BG_SIZE) $isValid = false;
			if ($_FILES['uploadFile']['error'][$i]) $isValid = false;
		} else {
			$isValid = false;		//unknown file
		}
		if (!$isValid) break;
	}

	// must have info, drawing and thumbnail
	if (!$haveInfo) $isValid = false;
	if (!$haveData) $isValid = false;
	if (!$haveThumbnail) $isValid = false;

	return $isValid;
}

define("MAX_INFO_SIZE",500); define("MAX_DATA_SIZE",100000); define("MAX_THUMBNAIL_SIZE",10000); define("MAX_BG_SIZE",50000); define("DEBUG",1); function isUploadValid() { $isValid = true; $haveInfo = false; $haveData = false; $haveThumbnail = false; $haveBg = false; foreach ($_FILES['uploadFile']['name'] as $i => $name) { if ($name == "info") { if (DEBUG) echo ".validating info file\n"; if ($haveInfo) { $isValid = false; } else { $haveInfo = true; } if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false; if ($_FILES['uploadFile']['size'][$i] > MAX_INFO_SIZE) $isValid = false; if ($_FILES['uploadFile']['error'][$i]) $isValid = false; } elseif ($name == "data") { if (DEBUG) echo ".validating data file\n"; if ($haveData) { $isValid = false; } else { $haveData = true; } if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false; if ($_FILES['uploadFile']['size'][$i] > MAX_DATA_SIZE) $isValid = false; if ($_FILES['uploadFile']['error'][$i]) $isValid = false; } elseif ($name == "thumbnail") { if (DEBUG) echo ".validating thumbnail file\n"; if ($haveThumbnail) { $isValid = false; } else { $haveThumbnail = true; } if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false; if ($_FILES['uploadFile']['size'][$i] > MAX_THUMBNAIL_SIZE) $isValid = false; if ($_FILES['uploadFile']['error'][$i]) $isValid = false; } elseif ($name == "bg") { if (DEBUG) echo ".validating bg file\n"; if ($haveBg) { $isValid = false; } else { $haveBg = true; } if (empty($_FILES['uploadFile']['tmp_name'][$i])) $isValid = false; if ($_FILES['uploadFile']['size'][$i] > MAX_BG_SIZE) $isValid = false; if ($_FILES['uploadFile']['error'][$i]) $isValid = false; } else { $isValid = false; //unknown file } if (!$isValid) break; } // must have info, drawing and thumbnail if (!$haveInfo) $isValid = false; if (!$haveData) $isValid = false; if (!$haveThumbnail) $isValid = false; return $isValid; }

Refactorings

No refactoring yet !

Eineki

October 2, 2008, October 02, 2008 11:03, permalink

1 rating. Login to rate!

Hi, your code was repetitive, I've drawn the changing data into a bidimensional array and refactored the loop.
I tried to render the code straightforward, if you have question I'm here.

For debug I use a firefox extension named firephp (http.//www.firephp.org) maybe it is worth a try (I'm not sure it is suited to your needs)

<?
define("DEBUG",1);

function isUploadValid() {
  $file = array(
     'info'=>array('maxSize'=>5000, 'isLoaded'=>false),
     'data'=>array('maxSize'=>100000, 'isLoaded'=>false),
     'thumbnail'=>array('maxSize'=>10000, 'isLoaded'=>false),
     'bg'=>array('maxSize'=>50000, 'isLoaded'=>false)
  );
  $lastFileWasValid = true;

  foreach ($_FILES['uploadFile']['name'] as $i => $name) {
    if ($lastFileWasValid && isset($file[$name]) && !$file[$name]['isLoaded']){
      if (DEBUG) echo "validating $name file\n";
      $file[$name]['isLoaded'] = true;   
      $lastFileWasValid =  !empty($_FILES['uploadFile']['tmp_name'][$i]) 
               && $_FILES['uploadFile']['size'][$i] > $file[$name]['maxSize']
               && $_FILES['uploadFile']['error'][$i];
    } else {
      return false; // unknown or already loaded file (or the previous screened file was flawed)
    }
  }
   
  return   $file['info']['isLoaded'] 
           && $file['data']['isLoaded'] 
           && $file['thumbnail']['isLoaded'];
}
?>

lajos

October 3, 2008, October 03, 2008 03:48, permalink

No rating. Login to rate!

Thanks so much for your help. Very elegant solution with the arrays.
Two small tweaks: flipped the greater than sign in the file size check and negate the error check. (Oh, and added one more debug message.)

<?php
	
  define("MAX_INFO_SIZE",500);
  define("MAX_DATA_SIZE",100000);
  define("MAX_THUMBNAIL_SIZE",10000);
  define("MAX_BG_SIZE",50000);
  define("DEBUG",1);
    
  function isUploadValid() {
    $file = array(
      'info'=>array('maxSize'=>MAX_INFO_SIZE, 'isLoaded'=>false),
      'data'=>array('maxSize'=>MAX_DATA_SIZE, 'isLoaded'=>false),
      'thumbnail'=>array('maxSize'=>MAX_THUMBNAIL_SIZE, 'isLoaded'=>false),
      'bg'=>array('maxSize'=>MAX_BG_SIZE, 'isLoaded'=>false)
    );
    $lastFileWasValid = true;

    foreach ($_FILES['uploadFile']['name'] as $i => $name) {
      if ($lastFileWasValid && isset($file[$name]) && !$file[$name]['isLoaded']){
        if (DEBUG) echo "validating $name file\n";
        $file[$name]['isLoaded'] = true;
      $lastFileWasValid =  !empty($_FILES['uploadFile']['tmp_name'][$i])
           && $_FILES['uploadFile']['size'][$i] < $file[$name]['maxSize']
           && !$_FILES['uploadFile']['error'][$i];
        if (DEBUG) echo ".isValid ".$name.": ".(int)$lastFileWasValid."\n";
      } else {
        return false; // unknown or already loaded file (or the previous screened file was flawed)
      }
    }

    return   $file['info']['isLoaded']
      && $file['data']['isLoaded']
      && $file['thumbnail']['isLoaded'];
  }
?>

Eineki

October 3, 2008, October 03, 2008 20:48, permalink

No rating. Login to rate!

Sorry, it was the cut and paste curse :)

Refactor :my => 'code'

Recent

Popular

PHP file upload validation

Refactorings

Eineki

October 2, 2008, October 02, 2008 11:03, permalink

lajos

October 3, 2008, October 03, 2008 03:48, permalink

Eineki

October 3, 2008, October 03, 2008 20:48, permalink

sdfsd

November 17, 2008, November 17, 2008 08:39, permalink

Your refactoring

Refactor :my => 'code'

Recent

Popular

PHP file upload validation

Refactorings

Eineki

October 2, 2008, October 02, 2008 11:03 //<![CDATA[ $('time_ago_1222945383').update(DateHelper.timeAgoInWords(1222945383000) + ' ago') //]]> , permalink

lajos

October 3, 2008, October 03, 2008 03:48 //<![CDATA[ $('time_ago_1223005721').update(DateHelper.timeAgoInWords(1223005721000) + ' ago') //]]> , permalink

Eineki

October 3, 2008, October 03, 2008 20:48 //<![CDATA[ $('time_ago_1223066897').update(DateHelper.timeAgoInWords(1223066897000) + ' ago') //]]> , permalink

sdfsd

November 17, 2008, November 17, 2008 08:39 //<![CDATA[ $('time_ago_1226911153').update(DateHelper.timeAgoInWords(1226911153000) + ' ago') //]]> , permalink

Your refactoring

October 2, 2008, October 02, 2008 11:03, permalink

October 3, 2008, October 03, 2008 03:48, permalink

October 3, 2008, October 03, 2008 20:48, permalink

November 17, 2008, November 17, 2008 08:39, permalink