I am just using a upload script and need to specify that only audio files are uploaded no video or images or any other file.
Only audio files must be loaded.
Can any body provide me the solution for that.

SCRIPT using


// you can change this to any directory you want
// as long as php can write to it
$uploadDir = 'C:/webroot/upload/';

$fileName = $_FILES;
$tmpName  = $_FILES;
$fileSize = $_FILES;
$fileType = $_FILES;
// the files will be saved in filePath
$filePath = $uploadDir . $fileName;
// move the files to the specified directory
// if the upload directory is not writable or
// something else went wrong $result will be false
$result    = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";

include 'library/config.php';
include 'library/opendb.php';
$fileName  = addslashes($fileName);
$filePath  = addslashes($filePath);
$query = "INSERT INTO upload2 (name, size, type, path ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$filePath')";
mysql_query($query) or die('Error, query failed : ' . mysql_error());
include 'library/closedb.php';

echo "<br>File uploaded<br>";
<form action="" method="post" enctype="multipart/form-data" name="uploadform">
<table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
<td width="246"><input type="hidden" name="MAX_FILE_SIZE" value="2000000"><input name="userfile" type="file" class="box" id="userfile">
<td width="80"><input name="upload" type="submit" class="box" id="upload" value="  Upload  "></td>

I think the standard way is to check the file extension, or to check the mime type.

Of course, none of this guarantees that the uploaded file is a valid "audio" file. (What is an audio file for you? MP3, WAV, OGG, etc..????). Depending on your app, this may allow certain people to trade files that are not audio files, just by adding a fake .mp3 extension such as renaming somefile.zip to somefile_zip.mp3.