Codice PHP:$dir=$_SERVER['DOCUMENT_ROOT'].'/public';
$filepdf=$id.'doc'.$_FILES['pdf']['name'];
if(trim($_FILES["pdf"]["name"])=='') {die("non hai indicato il file");}
$tipi_consentiti=array('application/pdf'); // ho modificato solo questa riga
if(!in_array($_FILES['pdf']['type'],$tipi_consentiti)) {die('tipo file non consentito pdf');}
if(is_uploaded_file($_FILES["pdf"]["tmp_name"])) {
move_uploaded_file($_FILES["pdf"]["tmp_name"],$dir.'/'.$filepdf) or die('errore');
$sql='UPDATE attivita SET att_pdf="'.$filepdf.'" WHERE att_id='.$id;
mysql_query($sql); }
Rispondi quotando