form uploads -revisited

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mzfp2
Forum Contributor
Posts: 137
Joined: Mon Nov 11, 2002 9:44 am
Location: UK
Contact:

form uploads -revisited

Post by mzfp2 »

I have this code, copied from a book, but doesnt seem to work :(

<?
$type = $_FILES['file']['type'];

if ($type == 'image/pjpeg' || $type == 'image/jpeg')
if (is_uploaded_file($_FILES['file']['tmp_name']))
{
copy($_FILES['file']['tmp_name'], "/images/$username.jpg");
print $type;
}
else
{
echo "Possible file upload attack. Filename: " . $_FILES['userfile']['name'];
}

?>
pootergeist
Forum Contributor
Posts: 273
Joined: Thu Feb 27, 2003 7:22 am
Location: UK

Post by pootergeist »

looks like that should work... what parts do not work?

is the enctype set on your posting form?
is the file field named correctly?

not sure on the is_uploaded_file line as $_FILES is just for uploaded files and ['fieldname']['tmp_name'] would be "" or "none" if the file wasn't uploaded.

one more note:
if you are only dealing with images you might prefer to use getimagesize to type test

$type = @getimagesize($_FILES['fieldname']['tmp_name'];
if($type[2] == 2) /// it's a jpeg file

and.... use move_uploaded_file rather than copy (to assure removal of the tmp version of the file)
Post Reply