Verify, rename, and upload

[JackW]

I have been trying for days to write a code that will upload a picture to my server after renaming it, verifying that it is a picture and not oversized, then add a link to my data base. What I have put together works fine when all requirements are met, however if I substitute a file that is not a picture (example .txt) page 2 either locks up as a blank page or uploads the incorrect file to the site. No error message of any kind. What am I doing wrong? Your help will be greatly appreciated. Here is my code:Page 1<html><body><form action="add6.php" method="post"enctype="multipart/form-data"><label for="file">Filename:</label><input type="file" name="file" id="file" /> <br /><input type="submit" name="submit" value="Upload Picture" /></form></body></html>Page 2<html><body><?php if (($_FILES["file"]["type"] == "image/gif")|| ($_FILES["file"]["type"] == "image/jpeg")|| ($_FILES["file"]["type"] == "image/pjpeg")|| ($_FILES["file"]["type"] == "image/jpg")&& ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else {//This function separates the extension from the rest of the file name and returns it function findexts ($filename) { $filename = strtolower($filename) ; $exts = split("[/\\.]", $filename) ; $n = count($exts)-1; $exts = $exts[$n]; return $exts; } //This applies the function to our file $ext = findexts ($_FILES['file']['name']) ;//This line assigns a random number to a variable. You could also use a timestamp here if you prefer. $ran = rand () ;//This takes the random number (or timestamp) you generated and adds a . on the end, so it is ready of the file extension to be appended.$ran2 = $ran.".";//This assigns the subdirectory you want to save into... make sure it exists!$target = "/My_site_info/uploads/";//This combines the directory, the random file name, and the extension$target = $target . $ran2.$ext; $image = $ran2.$ext;//Writes the photo to the server if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) {echo "The file has been uploaded as ".$ran2.$ext;echo '<form action="putin.php" method="POST"> Name: <input type="text" name="name"><br> E-mail: <input type="text" name = "email"><br> Phone: <input type="text" name = "phone"><br> <input type="hidden" name="picture"value="';echo$image;echo '">' ;echo'<input type="submit" value="Submit"> </form>';} else{echo "Sorry, there was a problem uploading your file."; } }}?> </body></html>Page 3<html><body><?php$username="Myusername";$password="mypasswordy";$database="mydatabase";//This gets all the other information from the form $name=$_POST['name']; $email=$_POST['email']; $phone=$_POST['phone']; $pic=$_POST['picture']; // Connects to your Database @$db = mysql_pconnect('myinfo,'mydatabase','mypasswordy');mysql_select_db('mydatabase') or die( "Unable to select database");//Writes the information to the database {mysql_query("INSERT INTO `mytable` VALUES (NULL,'$name', '$email', '$phone', '$pic')");}$results=mysql_query($query);{echo 'Thank you for Submitting your information;}mysql_close($db);?></body></html>

[justsomeguy]

You do not have an else for this condition:if (($_FILES["file"]["type"] == "image/gif")|| ($_FILES["file"]["type"] == "image/jpeg")|| ($_FILES["file"]["type"] == "image/pjpeg")|| ($_FILES["file"]["type"] == "image/jpg")&& ($_FILES["file"]["size"] < 20000))If that is false, nothing happens.