Ok, here's the page:

http://scott.summel.net/admin/index.php?section=uploads

I have it set so that only the filetypes I show there should work...however it allows any filetype.

Here's the code for the form:

<form enctype="multipart/form-data" action="/admin/index.php?section=uploads" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="250000" />
<input name="userfile" id="userfile" type="file" size="55" />

<input class="standard" type="submit" name="filesubmit" value="Upload" />
</form>

And here's the PHP code for the processing:

if ($_POST['filesubmit']){
$date = date('mdY',time());

$uploaddir = $_SERVER['DOCUMENT_ROOT'] . '/images/uploads/';
$uploadfile = $uploaddir . $date . '-' . str_replace(' ','_',basename($_FILES['userfile']['name']));

// Check File Extension
if (!preg_match('/[gif$|jpg$|jpe$|jpeg$|png$]/i',$_FILES['userfile']['name'])){
$smarty->assign('message','Sorry, you must submit either a .gif, .jpg, .jpeg, .jpe, or .png file.');
$smarty->assign('sub_tpl_name','admin_upload_message.tpl');
}
// If File Extension is Correct, Attempt to Move from TMP folder to Destination Folder
else{
// If File Move is Successful
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)){
$smarty->assign('message','Your file was successfully uploaded.<br />To insert your image into a new snippet, please use the following path:');
$smarty->assign('path','/' . substr($uploadfile,23));
$smarty->assign('sub_tpl_name','admin_upload_message.tpl');

// DEBUGGING INFO
/*
echo '<pre style="margin-left: 50px; font-weight: bold; text-align: left;">';
print_r($_FILES);
echo '</pre>';
*/

$smarty->assign('sub_tpl_name','admin_upload_message.tpl');
}
else{
echo 'There was a problem when attempting to upload a new picture.';
echo '<br />';
echo 'Send the following to the administrator:';
echo '<br />';

// DEBUGGING INFO
echo '<pre style="margin-left: 50px; font-weight: bold; text-align: left;">';
print_r($_FILES);
echo '</pre>';
}
echo '</div>';
}
}


I'm using Smarty Templating Engine, so that's what's with all the template-type variables and such.

Anyway, anyone know what I'm doin' wrong?

Thanks,
Will

Fo one, I would start in my form with:
<input type='file' name='userfile' accept='image/gif,image/jpg, etc...'>

Then, I would check against $_FILES['userfile']['type'] rather than just the file name. To be somewhat more certain that I'm getting what I want, I would check the MIME type with getimagesize() or mime_content_type().

Ok, I changed my if() to this:
// Check MIME type
if ($_FILES['userfile']['type'] != 'image/jpeg' OR 'image/pjpeg' OR 'image/gif' OR 'image/png' OR 'image/x-png'){
$smarty->assign('message','Sorry, you must submit either a .gif, .jpg, .jpeg, .jpe, or .png file.');
$smarty->assign('sub_tpl_name','admin_upload_message.tpl');

and then changed my input field to this:
<input type="file" name="userfile" accept="image/jpeg,image/gif" size="55" />

Unfortunately, it won't let me upload ANY file types now... Something wrong in my if statement possibly?

Thanks,
Will

// Check MIME type
$types = array("image/jpeg", "image/pjpeg", "image/gif", "image/png", "image/x-png");

if (in_array($_FILES['userfile']['type'], $types))
{
......

Is the accept attribute actually necessary then?