1000000) { throw new RuntimeException('Túl nagy a file!'); } $finfo = new finfo(FILEINFO_MIME_TYPE); if (false === $ext = array_search( $finfo->file($_FILES['upfile']['tmp_name']), array( 'jpg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif', ), true )) { throw new RuntimeException('Nem kép!'); } // You should name it uniquely. // DO NOT USE $_FILES['upfile']['name'] WITHOUT ANY VALIDATION !! // On this example, obtain safe unique name from its binary data. if (!move_uploaded_file($_FILES['upfile']['tmp_name'],$WHERE['subdir'].'/'.$WHERE['filename'])) { throw new RuntimeException('Nem tudtuk átmozgatni. Van jogunk írni a célkönyvtárba?'); } } catch (RuntimeException $e) { $_SESSION['alert'][] = 'info::'.$e->getMessage(); } } ?>