PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
tags where appropriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Im trying to upload an image ( with description, price .. ) on remote server...
The code for localhost:
do not rely on the mime-type sent from the browser to be correct. Since you are looking for images, use getimagesize() to determine both type and dimensional information about the image.
using basename() on the "name" element, as IE (at least) sends full path information. At the worst, someone could send a malicious path that could overwrite a file outside the 'files' directory.
You may experience added backslashes in the text description, this is due to using addslashes() on data that has already passed through a magic quotes handler. It's suggested to detect the magic quotes system and stripslashes() the data if on, before escaping (using mysql_real_escape_string() if possible)
Where does this come from ?
I choose the file and click submit and this is what i get after i have changed the suggested parts.
Warning: move_uploaded_file(files/bullet.gif) [function.move-uploaded-file]: failed to open stream: No such file or directory in C:\Apache2\Apache2\htdocs\test\upload.php on line 28
After testing syntax i still can make no real upload into db.
I get no errors, file is saved in temp dir but there is no upload into db.
Confirmation is displayed ( Succesfull transfer ).
I tested with gif, jpg , different file sizes ( from 10 - 500KB ) but the db table is still empty