CI provide us a class to simplify our file uploading routine. We can easily make a file uploading process in just a few simple step, no head spin needed. But we must know how the Uploading class work, so we can solve some problem may occurred.
A very common mistake is on ‘file type’ setting. In file uploading process, off course we need limit kind of file that allowed to upload and this will be common mistake.
The CI Upload class use their own ‘mime’ data to determinate the file mime type, I think why they use own mime rather than using mime function on PHP or Apache is to avoid dependency. Some server may not include mime extension in their setting so it will be problem if we can not use mime function to determinate the file mime.
The CI mime file located in system/application/config/mimes.php , when we do upload some file using upload class, the file that uploaded will generate the information about the file like file name, file type, size and temporary file name. This information generated by the browser. Here some information example of an ‘exe’ file uploaded using Internet Explorer browser.
Array
(
[userfile] => Array
(
[name] => putty.exe
[type] => application/x-msdownload
[tmp_name] => d:/wamp/tmp\phpCF.tmp
[error] => 0
[size] => 454656
)
)
The Uploading class use ‘type’ information as mime types. That information will compared with data from system/application/config/mimes.php to determinate if the file allowed to upload. If the data from ‘type’ included on mimes.php data it mark as ‘allowed file’. From mimes.php, an ”exe” file mime type is :
‘exe’ => ‘application/octet-stream’,
And from ‘type’ information the ‘exe’ file mime type is :
application/x-msdownload
Now we can see the problem here, the file information is generated by the browser and the browser may generate different kind of file type, Here the example for an “exe” file :
Internet Explorer : application/octet-stream (we have no problem if we use IE for upload)
Firefox : application/x-msdos-program (we got problem here)
Safari : application/x-msdownload (we also got problem here)
Opera : application/x-msdownload (we also got problem here)
So, we must check the allowed file type and the mime type in mimes.php in common browser : Safari, IE , Firefox and Opera is quite enough. For debugging, put this code on line 195 of Uploading Class, you will got information about file you been uploaded like in above example.
echo ‘
'; print_r($_FILES[$field]['type']); echo '
‘;
die();
?>