IT Nursery
  • 1010 Avenue of the Moon
    New York, NY 10018 US.
  • Mon - Sat 8.00 - 18.00
    Sunday: Closed
  • Get A Quote
  • WordPress

    • How to limit file type to be upload?

    • IT Nursery
    • May 17, 2022
    • 0

    I have a custom page template with a form, that any visitor of the website can upload a file. Now, I want to restrict the file type that will be upload (docx, doc and pdf only) and I limit the file size into 2MB only.

    How to do this? I already have a function that the user allowed to upload, but I don’t know how to restrict the file type that allowed to be upload. Please help me.

    I tried to change

    'post_mime_type' => $file_return['type']

    into this

    'post_mime_type' => 'application/msword,vnd.openxmlformats-officedocument.wordprocessingml.document,pdf'

    but still it’s not working.

    PHP in custom page template

    if(isset($_POST['submit'])){
    $firstName = isset($_POST['firstName']) ? $_POST['firstName'] : '';
    $middleName = isset($_POST['middleName']) ? $_POST['middleName'] : '';
    $lastName = isset($_POST['lastName']) ? $_POST['lastName'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $mobile = isset($_POST['mobile']) ? $_POST['mobile'] : '';
    $locations = isset($_POST['locations_list']) ? $_POST['locations_list'] : '';
    $position = isset($_POST['position']) ? $_POST['position'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
        if( ! empty($_FILES)){
            $file=$_FILES['resumeFile'];
            $attachment_id = upload_user_file($file);
        }

    $sql=$wpdb->query($wpdb->prepare("INSERT INTO resume_databank(submit_time,last_name,first_name,middle_name,mobile_number,email,location,position,message,process_resume,attachment_resume_id) VALUES (now(),'$lastName','$firstName','$middleName','$mobile','$email','$locations','$position','$message','No','$attachment_id')"));
}

    PHP in functions.php

    function upload_user_file($file = array()){
    require_once(ABSPATH . 'wp-admin/includes/admin.php');
      $file_return = wp_handle_upload($file, array('test_form' => false));
      if(isset($file_return['error']) || isset($file_return['upload_error_handler'])){
          return false;
      } else {
          $filename = $file_return['file'];
          $attachment = array(
              'post_mime_type' => $file_return['type'],
              'post_title' => preg_replace('/\.[^.]+$/', '', basename($filename)),
              'post_content' => '',
              'post_status' => 'inherit',
              'guid' => $file_return['url']
          );

          $attachment_id = wp_insert_attachment($attachment, $file_return['url']);

          require_once(ABSPATH . 'wp-admin/includes/file.php');
          $attachment_data = wp_generate_attachment_metadata($attachment_id, $filename);
          wp_update_attachment_metadata($attachment_id, $attachment_data);

          if(0 < intval($attachment_id)){
            return $attachment_id;
          }
      }
      return false;
}

    3 Answers
    3

    This is a full working example with file type and size limits and all the error handling.

    Every step is commented. Let me know if you have any more questions.

    • You can find all the mime types from here.
    • Make sure to check if it’s allowed in WP too.
    // Allowed file types -> search online for desired mime types
$allowed_file_types = array( "image/jpeg", "image/jpg", "image/png" );
// Allowed file size -> 2MB
$allowed_file_size = 2000000;

$upload_errors="";

// Check if has a file -> this assumes your file input "name" is "uploaded-file"
if ( ! empty( $_FILES['uploaded-file']['name'] ) ) {

    // Check file type
    if ( ! in_array( $_FILES['uploaded-file']['type'], $allowed_file_types ) ) {

        $upload_errors .= '<p>Invalid file type: ' . 
                          $_FILES['uploaded-file']['type'] . 
                          '. Supported file types: jpg, jpeg, png</p>';
    }

    // Check file size
    if ( $_FILES['uploaded-file']['size'] > $allowed_file_size ) {

        $upload_errors .= '<p>File is too large. Max. upload file size is 2MB</p>';
    }

    // No errors -> upload image
    if ( empty( $upload_errors ) ) {

        if ( $_FILES['uploaded-file']['error'] !== UPLOAD_ERR_OK ) __return_false();

        require_once( ABSPATH . 'wp-admin/includes/file.php' );

        // Upload the file -> if you don't want to attach it to post, pass $post_id as 0
        $upload_id = media_handle_upload( 'uploaded-file', $post_id );        

        if ( is_wp_error( $upload_id ) ) {

            // Error uploading the file -> show it
            echo '<p>Upload failed. Please submit again</p>';
        } 
        else {

            // No errors -> show success message
            echo '<p>Upload was successful</p>';
        }
    }

    // Had an error -> show error(s)    
    else {

        echo $upload_errors;
    }
}

    Tags:

    Leave a Reply

    Your email address will not be published. Required fields are marked *