[wplug] Clean up a PHP script

[Kevin Squire]

I have created a web form with PHP.  The webform is in online application
form, that then emails our HR department.  They want me to include an option
on the form to upload a resume.  I would like to stem off some trouble by
making sure that the file they upload is one of our "acceptable" formats.
(Arguments about acceptable can be tabled -- I had to fight them to accept
.txt file formats)

I have my check working, but I have two questions about it:

1) It seems to be a bit of a clug - can I clean it up some?
2) What false-positives could occur?

Here is a snip:

      error_reporting(0);
      // initialize a array to hold any errors we encounter
      $errors = array();
      // check to see if a first name was entered
      if (!$_POST['fName'])
         $errors[] = "First Name is required";
      // check to see if a last name was entered
      if (!$_POST['lName'])
         $errors[] = "Last Name is required";

CUT SOME STUFF OUT HERE......

        // check file types against known extensions
      $whitelist = array(".rtf", ".doc", ".txt", ".pdf");
      // initialize the extension errors counter
      $ext_err = 0;
      // check the file extension
      foreach ($whitelist as $item) {
        if (!preg_match("/$item\$/i", $_FILES['userfile']['name']))
           $ext_err = $ext_err + 1 ;
      }
      if ($ext_err == 4)
             $errors[] = "We only allow certain file formats " .$ext_err;

>From the "foreeach" loop down is that part that I would think I could clean
up some.. but I just can't seem to figure it out myself.

Thanks,
Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wplug.org/pipermail/wplug/attachments/20080131/bf0b74c3/attachment.html