why I can't let people upload files to my web?
I have PHP, mySQL support server running.
I set the upload folder chmod to 777
and I upload php file up by ascii mode & binary mode too. no works.. just get no file selected on all php scripts form hotscripts..
but I have browse and select a image file.. why??
uploader
Moderator: General Moderators
upload.php code
upload.html code
?>
When I try to upload a filename.txt
it goes to a blank white page.. nothing up.. and when I try my tmp folder where It upload. no file in there
i have chmod 777 tmp folder
Code: Select all
<?
if ($file == "none") {
print "You must specify a file to upload";
}
else {
copy($file, "/dw05/d55/vietboy/tmp/$file_name");
unlink($file);
}
?>Code: Select all
<form action="upload.php" method="post" ENCTYPE="multipart/form-data">
<input type="file" size=40 name="file"><br>
<input type="hidden" name="MAX_FILE_SIZE" value="100000">
<input type="submit" value="upload">
</form>When I try to upload a filename.txt
it goes to a blank white page.. nothing up.. and when I try my tmp folder where It upload. no file in there
i have chmod 777 tmp folder
An important note, that form is very insecure. Anyone who knows PHP could upload a .PHP file to your server and execute it. I would advise that add some security to the form.
Right now this form is setup to check if the file is an image or not (either a .GIF or .JPG). If you want other files to be uploaded then you need to change the MIME types. Here is a list of known MIME types: http://simplythebest.net/info/apache_mime.html
Here is how I would do it:
Right now this form is setup to check if the file is an image or not (either a .GIF or .JPG). If you want other files to be uploaded then you need to change the MIME types. Here is a list of known MIME types: http://simplythebest.net/info/apache_mime.html
Here is how I would do it:
Code: Select all
<?php
$uploaddir = $_SERVER['DOCUMENT_ROOT'] . "/path/to/upload/folder/"; //replace the $uploaddir to wherever you want the files to go
$filename = $_FILES['file']['name']; // get the filename
$filetype = $_FILES['file']['type']; // get the file MIME type
$uploadfile = $uploaddir . $filename; //this is full path to where the file will go
if (empty($filename)) { //make sure the user selected a file
die ("You must specify a file to upload!");
}
if ($filetype == "image/jpeg" || $filetype == "image/jpg" || $filetype == "image/gif") { //make sure file is .jpg or .gif
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) { // move the file
echo "File is valid, and was successfully uploaded. ";
}
else {
echo "File upload failed";
}
}
else {
die ("Please only upload image files. Your file type was $filetype");
}
?>