list($filename, $fileext) = split(".", $HTTP_POST_FILES['file']['name']);
If you put error_reporting(E_ALL); as the first line of your script you'll see it's full of buggets
I've tweaked your version a bit (and used the superglobals as there's no reason not to unless you're using PHP < 4.1.0):
Code: Select all
<?php
error_reporting(E_ALL);
include("dbconnection/connect_db.inc.php");
if (!empty($_POST['submit'])) {
list($filename, $fileext) = split(".", $_FILES['file']['name']);
print_r($HTTP_POST_FILES);
print_r($fileext);
if (!is_uploaded_file($_FILES['file']['tmp_name'])) {
$error = "You did not upload a file!";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
} else {
//a file was uploaded
$maxfilesize=3000000;
if ($fileext == "php")
{
$error = "This file type is not allowed.";
unlink($HTTP_POST_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
} elseif ($_FILES['file']['size'] > $maxfilesize) {
$error = "This file is too large";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
} elseif ($_FILES['file']['type'] != "text/plain") {
$error = "This file type is not allowed";
unlink($_FILES['file']['tmp_name']);
// assign error message, remove uploaded file, redisplay form.
} else {
//File has passed all validation, copy it to the final destination and remove the temporary file:
copy($_FILES['file']['tmp_name'],"faqs/".$_FILES['file']['name']);
unlink($_FILES['file']['tmp_name']);
print "File has been successfully uploaded!";
print "$filename";
print "$fileext";
exit;
}
}
}
?>
<html>
<head></head>
<body>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data">
<?php if(!empty($error)) echo $error; ?>
<br><br>
Choose a file to upload:<br>
<input type="file" name="file"><br>
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>