PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I'm doing a simple image upload and basically as I'm sure all of you are aware no matter what tutorial I find on the internet the code is basically the same (for just simple image uploads).
But what I am finding is that it keeps returning "Possible image upload attack!".
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.
$uploaddir = 'http://www.mydomain.com/images/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
Notice the two upload directories are the same. It keeps saying possible image upload attack. The file size is only a few Kilobytes, it must have something to do with the directory that which I am trying to upload to.
Can anyone offer any advice? As far as I know there are no restrictions that would disable image uploads on my server. I mean I changed it in my config file.
No, you will need to change the path to the path where your web site images folder is on the actualy server. If it's a unix server it will be something like the format above, otherwise it could be something like "C:/folder/folder/websites/mywebsite.com/images/"
It is a Unix server. The directory looks like this, when I get to it through FileZilla, all my html files are under a folder called htdocs.
When i click the htdocs, all my files that I made are in there. Then, inside that htdocs, I have a folder called images. But, inside htdocs, but not images, there is phpMyAdmin.
Looks good. But I just put that PHP code in the config file so that would be the directory file, AND the upload file. But still doesn't work. Could this be something regarding permissions?
Yes your images directory needs to have write permissions. Also (for security) you will need to add code to chmod the upload file to read only and ensure that it actually is an image.