I want to upload a CSV file for which I have the form set up:
Code: Select all
echo "<form name=\"form1\" id=\"form1\" method=\"post\" enctype=\"multipart/form-data\" onsubmit=\"return check();\" action=\"team_standings.php?action=upload\">";
echo "<p>";
echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"30000\" />";
echo "<b>Import an Excel CSV standings list: </b>";
echo "<br>";
echo "<input type=\"file\" name=\"csvinput\" id=\"csvinput\">";
echo "<p>";
echo "<input type=\"submit\" value=\"Upload\">";
echo "</form>";
and then I have the receiving code which is in another file:
if ($_FILES["csvinput"]["error"] > 0)
{
echo "Error: " . $_FILES["csvinput"]["error"] . "<br />";
}
else
{
$myFile = $_FILES["csvinput"]["name"];
echo "Upload: " . $myFile . "<br />";
echo "Type: " . $_FILES["csvinput"]["type"] . "<br />";
echo "Size: " . ($_FILES["csvinput"]["size"] / 1024) . " Kb<br />";
$filePath = $_FILES["csvinput"]["tmp_name"];
echo "Stored in: " . $filePath;
}
$uploaddir = '/var/www/html/admin/Uploads';
$uploadfile = $uploaddir . basename($_FILES['csvinput']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['csvinput']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";WHY?