Page 1 of 1

file upload script

Posted: Tue May 27, 2008 7:47 am
by ilsiity
Hi I'm currently working on a file upload script but having quite a few problems .

This is code I'm using for it :

Code: Select all

$uploaddir = '/test/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
 
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "Possible file upload attack!\n";
}
 
echo 'Here is some more debugging info:';
print_r($_FILES);
 
print "</pre>";
 
and heres what happens when i try and upload something :

Possible file upload attack!
Here is some more debugging info:Array
(
[userfile] => Array
(
[name] => MI2_26.TXT
[type] => text/plain
[tmp_name] => /tmp/phpFcyTZY
[error] => 0
[size] => 1567
)

)

I think I've setup the folder permissions correctly , so i can't think why its not working ...

Re: file upload script

Posted: Tue May 27, 2008 9:16 am
by Eran
According to the file array, it was successfully uploaded to the temporary directory.
The script probably fails at moving it from to your desired upload directory, and most likely its because you aren't using an absolute path to it.
Trying checking if php sees your upload dir as an actual directory and change it until it works:

Code: Select all

 
var_dump(is_dir($uploaddir)); //Should be true when PHP can read it
 
You might want to add $_SERVER['DOCUMENT_ROOT'] in front of your upload dir name, it should help.

In addition, if you are working on a unix system, check the permissions of the dir (should be 0777).

Re: file upload script

Posted: Tue May 27, 2008 10:38 am
by ilsiity
$_SERVER['DOCUMENT_ROOT'] worked a treat , cheers pytrin