File upload

djme · #1 Jan 10th, 2006, 16:06

Hi, im trying to upload an image using php - ive looked at numerous tutorials and think i know how to do it except i think im missing something basic

to my understanding the following code should output the path that the user enters in the upload form

PHP: Select all


$image_file = $_FILES[’upload_file’]; //the name of the file from the form
echo "Image_file = $image_file";

however its just outputting Image_file =

the name of the upload field in the upload form is "upload_file" and im trying to do this to test why everytime i try to write code to upload the file, it fails. I've even tried to use scripts that are already done and have set the upload directory to 777, though I wasn't aware that this would be needed for the above code to do its job

djme · #2 Jan 10th, 2006, 17:40

I understand it now its
$image_file = $_FILES[upload_file][name]

djme · #3 Jan 10th, 2006, 19:20

could anyone tell me whats wrong with this - ive set Image folder to 777

PHP: Select all


<?php
$error_message = ""; //error upload message, set to zero
$Image_file = $_FILES[upload_file][name]; //the name of the image  $Image_size = $_FILES[upload_file][size]; //the size of the image
$Image_type = $_FILES[upload_file][type]; //the type of the image
$Temp_directory = $_FILES['upload_file']['tmp_name']; //the temp directory
$Target_directory = "www/Image/";
$Target_directory = $Target_directory . basename( $_FILES['upload_file']['name']); 

echo "The name of the file from the form is $Image_file <br>";
echo "The size of the image is $Image_size <br>";
echo "The type of file uploaded is $Image_type <br>";
echo "The temporary path is $Temp_directory <br>";
echo "The target path is $Target_directory <br>";

if ( !ereg( "gif|png|x-png|jpeg", $_FILES[upload_file][type]) ) {
   echo "This is not an image";
} 
  else if ( $_FILES[upload_file][size] > 110000 ) {
   echo "This file is too large";
} 

copy ($_FILES['upload_file']['tmp_name'], "$Target_directory") 
    or die ("Could not copy"); 

?>

it gives the following output when i try to load a small image

The name of the file from the form is bnr.png
The size of the image is
The type of file uploaded is image/x-png
The temporary path is /tmp/phpMBYQBS
The target path is www/Image/bnr.png
Could not copy

grahame · #4 Jan 11th, 2006, 17:48

Is the target path really relative to your current directory, or should you have a ../ or something in front of it?

djme · #5 Jan 11th, 2006, 18:25

I didnt think of that, i bet I should have ../ at the front. I sorted it now anyway (by putting the script into the folder I want to upload images to and just using the file name as the second parameter)

Would you know of an alternative to setting the directory to 777, im bit worried that this is unsafe, im only using the upload for me at the minute (not public) but if I want to allow this facility on the actual site then this from what ive read would be unsafe.

Also I read somewhere about using explode() to make sure that the file being uploaded is an image and not a malicious file with an image extension - would you recommend I use this?

thanks,

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
PHP+SQL+File Upload	joshlindem	PHP Forum	5	May 10th, 2008 16:48
file upload	berry05	Job Opportunities	0	Mar 19th, 2008 19:09
renama file name before upload	mcnika	PHP Forum	1	Mar 17th, 2008 12:13
File Upload	magiccupcake	PHP Forum	1	Jan 22nd, 2007 05:10
simple file upload?	jimmy_d	PHP Forum	3	May 19th, 2006 18:27

		Webforumz.com > Main Forums > Program Your Website > PHP Forum
File upload