Hi,
I am working uploading feature with php and come to my mind of wondering what if user choose to input something like below
C:\php\extras\
And when click submit to next page, you will see the error message below. So the question is how to solve this kind of issue from happening. My idea is to use javascript to detect the value..but i am looking on other alternative.
Warning: move_uploaded_file(image_upload/extras") [function.move-uploaded-file]: failed to open stream: Invalid argument in D:\10 Document\Personal\www\www_04\t4.php on line 7
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'C:\WINDOWS\Temp\php36.tmp' to 'image_upload/extras"' in D:\10 Document\Personal\www\www_04\t4.php on line 7
array(5) { ["name"]=> string(7) "extras"" ["type"]=> string(24) "application/octet-stream" ["tmp_name"]=> string(25) "C:\WINDOWS\Temp\php36.tmp" ["error"]=> int(0) ["size"]=> int(0) }
Upload file - how to detect wrong input
Moderator: General Moderators
Re: Upload file - how to detect wrong input
JavaScript? Lord no.
Don't know what you did but the destination name has a quotation mark in it. That's not valid on Windows so you can't copy it using that name.
So how did you upload something called extras"?
Don't know what you did but the destination name has a quotation mark in it. That's not valid on Windows so you can't copy it using that name.
So how did you upload something called extras"?
-
BornForCode
- Forum Contributor
- Posts: 147
- Joined: Mon Feb 11, 2008 1:56 am
Re: Upload file - how to detect wrong input
You cannot use the JavaScript to detect input.
There are two ways to verify the upload, one to check it's extension which is not hack proof, the other one (the safe way) is to read file header, for example:
To identify gif:
To identify jpeg:
There are two ways to verify the upload, one to check it's extension which is not hack proof, the other one (the safe way) is to read file header, for example:
To identify gif:
Code: Select all
Byte 1 2 3
Hex 47 49 46
Char G I FCode: Select all
Byte 1 2 3 4 5 6 7 8 9 10 11
Hex FF D8 FF E0 Skip Skip 4A 46 49 46 00
Char ÿ Ø ÿ à Skip Skip J F I F Re: Upload file - how to detect wrong input
I dont have any idea why there is quatation mark there. But one thing for sure is that the entries value is causing it hair-wired...
Either i write a new script to detect the input or is a bugs on my programming. i tried to input a valid path to a filename and it works. My script are very straight forward. See below.
Page 1
<form name="form_name" method="post" action="t4.php" enctype="multipart/form-data">
<input name="fld_pic" size="50" type="file">
<br><input name="Submit1" type="submit" value="submit">
</form>
Page 2
$upload_file = $_FILES['fld_pic']["tmp_name"];
$dest_file = $_FILES['fld_pic']["name"];
$ok = move_uploaded_file($upload_file,'image_upload/'.$dest_file);
var_dump ($_FILES['fld_pic']);
Either i write a new script to detect the input or is a bugs on my programming. i tried to input a valid path to a filename and it works. My script are very straight forward. See below.
Page 1
<form name="form_name" method="post" action="t4.php" enctype="multipart/form-data">
<input name="fld_pic" size="50" type="file">
<br><input name="Submit1" type="submit" value="submit">
</form>
Page 2
$upload_file = $_FILES['fld_pic']["tmp_name"];
$dest_file = $_FILES['fld_pic']["name"];
$ok = move_uploaded_file($upload_file,'image_upload/'.$dest_file);
var_dump ($_FILES['fld_pic']);