hai guys, As i am a newbie i want to check a file path is an image or not
<? if(strpos($row['dfilepath'],'jpg') != false)
{
<img src=" <?= base_url().'/uploads/'.$row['dFilePath']?>" />
}
else
{
<input type="button" onclick="loaddetails('<?php echo $row['dFilePath'];?>');" value="<?php echo $row['dFilePath'];?>">
}
?>
whether my condition is correct or not..My error
unexpected '<'
Your code is incorrect. This should work assuming that your $row array is valid.
<?php
$ext = substr( $row[ 'dfilepath' ], strpos( $row[ 'dfilepath', '.' ) );
if($ext == 'jpg')
{
?>
<img src="<?php echo base_url().'/uploads/'.$row['dFilePath']?>" />
<?php
}
else
{
?>
<input type="button" onclick="loaddetails('<?php echo $row['dFilePath'];?>');" value="<?php echo $row['dFilePath'];?>">
<?php
}
?>
That will check if $row['dfilepath'] contains the string 'jpg' anywhere within it, so it will not fulfil your requirements.
If you mean if it is image then show it or show the download link then it is correct. Thanks
I'd make it so it only checks the last three chars of your file string, otherwise a file named "jpg.png" will currently cause your code to try to show the image:
<?php
$file = $row['dfilepath'];
$file_ending = substr($file, strlen($file) - 3);
if('jpg' == $file_ending) { ?>
<img src=" <?php echo base_url().'/uploads/'.$file?>" />
<?php } else { ?>
<input type="button" onclick="loaddetails('<?php echo $file;?>');" value="<?php echo $file?>">
<?php } ?>
It is generally a bad habit to check file type using the extension. I can easily create a text file and rename it .jpg According to this code it would suddenly become an actual image. Or even more evil: I might exploit some bug in webbrowsers by creating a fake jpg that actually executes some code.
Besides that, I might name my jpeg files JPEG, jPG, jpG, JPeg or any other combination you might think of. Then there's also other formats than jpeg. I don't know the rest of your code, but maybe you want someone to allow uploading png or gif images.
If you want to be a little more sure that you actually have an image file, a more sure way to check is using getimagesize. That does require the GD extension though. If that function provides you with output that seems likely to be real you're a whole lot safer using that file as an image. Sure there are cases when you don't care and just want to check for the extension of a file. But I get a feeling this code is supposed to get a little public. A little example:
<?php
$file = $row['dfilepath'];
// where upload_dir is a function that somehow finds
// the absolute path of the upload dir
$path = upload_dir() . DIRECTORY_SEPARATOR . $file;
$valid = array('image/jpeg', 'image/gif', 'image/png');
$info = getimagesize($path);
if($info !== false && in_array($info['mime'], $valid) {
// more likely you'll actually have an image here
// now you might want to print some html here, like:
?><img src="/uploads/<?php print $file; ?>" alt="" /><?php
}
?>
if(strpos($row['dfilepath'],'jpg') != false)
This is a minor gotcha, if 'jpg' happens to occur at the start of the string being searched. strpos will properly return 0 for the hit, but 0 evaluates to false in a standard equality test. You'll end up with (false != false).
If you're using strpos to exclusively test for the existence of a substring, you have to use the strict === and !== operators (note the extra =), which not only compare values but types as well, where 0 !== false will evaluate to true. Integer 0 is not strictly equal to boolean false, even though they have the same value of 0.