Page 1 of 1
Uploading Static File. [cannot be solved]
Posted: Mon Jun 06, 2005 8:17 pm
by aybra
Hello and thank you,
I'm trying to upload a static file from my C:/, the file will always be the same name. I've tried modifieng the Script for uploading
Code: Select all
<?php
$uploadDir = 'htdocs/';
$uploadFile = $uploadDir . addslashes($_FILES['userfile']['name']);
print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
{
print "File is valid, and was successfully uploaded. ";
print "Here's some more debugging info:\n";
print_r($_FILES);
}
else
{
print "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}
print "</pre>";
?>
But i keep getting the Possible file upload attack...
any one know how to do what i'm trying to do?
Posted: Mon Jun 06, 2005 8:41 pm
by John Cartwright
and what is your print_r returning?
Posted: Mon Jun 06, 2005 9:14 pm
by aybra
It works well when i use
Code: Select all
<form enctype="e;multipart/form-data"e; action="e;upload.php"e; method="e;post"e;>
<input type="e;hidden"e; name="e;MAX_FILE_SIZE"e; value="e;100000000"e; />
Choose a file to upload: <input name="e;userfile"e; type="e;file"e; />
<input type="e;submit"e; value="e;Upload File"e; />
</form>
the array spits out
Code: Select all
Array
(
[userfile] => Array
(
[name] => eq2log_Flore.txt
[type] => text/plain
[tmp_name] => C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\php4C.tmp
[error] => 0
[size] => 2401
)
)
but i dont want to use the upload script to do it, i've tried setting a value in the first snippet there but it wount auto propigate to the field.
I've also tried using a text field, but of course that didnt work. If it had i'da been very shocked.
Posted: Tue Jun 07, 2005 4:21 am
by andylyon87
are you simply trying to upload a file to yor server and show the user the details of the file then save those details to a txt file.
Posted: Tue Jun 07, 2005 7:08 am
by Syranide
the error is likely because it cannot move the file.
for such reasons as you cannot move it into "htdocs/" as you are already in it, everything is relative to the script itself.
Posted: Tue Jun 07, 2005 8:05 am
by aybra
The path to the file is outside of the localhost, and is not in htdocs. There is no accurance f the file inside htdocs. The script works fine when i use the upload form, however I want the path to the file hardcoded into the script. Every time i hit that page from my home PC, i want it to upload the text file. Delete the text file, than insert into a MySql DataBase. Than delete the file on the server.
The file is in C:/program files/sony/everquestII/logs/eqlogs_character.txt
Posted: Tue Jun 07, 2005 8:25 am
by phpScott
i don't think it has anything to do with file paths but the security around the input type =file.
if it could be hardcoded into the form what would stop from hardcoding in commonfile name into a form and uploading all sorts of data from you computer. Just think of all the fun(usefull)stuff you could get of the windows system directory.
It's down to security I don't think you can do it the way you want.
You could try looking in php ftp functions though.
Posted: Tue Jun 07, 2005 3:52 pm
by aybra
Preciate the help, didnt think of that prospect of it.. Thanks ya'll guess i'll just have to waist the three clicks of my mouse!