uploads(again!)

[molly2ka]

Hi,

I've read the manual on php but php just refuses to upload my files. I'm trying to upload fragments of audio say 450KB in size. register_globals is set to off and the upload_temp directory is blank(tried changing the php.ini file but doesn't take effect).I'm working on windows xp with apache&mysql.The html I use for the form:

<form enctype="multipart/form-data" action="work.php" method="post">

<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>

here's the php code I use:

$uploaddir = 'C:\TEMP';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded. ";
echo "Here's some more debugging info:\n";
echo_r($_FILES);
} else {
echo "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}

i've even tried just one line

echo "temp is".$_FILES['userfile']['tmp_name'];

and a temp name never comes up so i'm guessing it doesn't upload. In the top example it always says "possible file upload attack etc."

also how do i use is_uploaded_file() with the $_FILES. i've found an example where you can use it if globals are on :
is_uploaded_file($userfile)

but when i attempt it with the $_FILES he error says array to string conversion

manni

 

[bastienk]

Check the permissions on XP, the web user default needs to have permissions to write to the folder....its likely a permissions problem...

here is my similar code

function upload()
{
  // In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
  // of $_FILES.

  global $article, $FileFlag,$myfile;

  $uploaddir= '../bastien/uploads/';   //change to match your dir
  $uploadfile = $uploaddir . $_FILES['userfile']['name'];
  $myfile     = $_FILES['userfile']['name'];
  //echo "Filename is:".$myfile."<br>";

  print "<pre>";
  //check the file extension (only doc allowed) and check the mime type of the file
  
    echo "filetype=".strtolower(substr($_FILES['userfile']['name'],-3));
    
    if (strtolower(substr($_FILES['userfile']['name'],-3))=="doc"){
       
            //check the file size
            if ($_FILES['userfile']['size']<30000){
              if (copy($_FILES['userfile']['tmp_name'], $uploadfile)){                   //windows
              //if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {  //unix
                 $FileFlag = 1;
        
              } //end if copy file
        }//end if file size

  }else{
    show_form($article);
    die("File is of the wrong format and has been rejected. Please try again.");
  }
  print "</pre>";
}//end function

Bastien

Cat, the other other white meat

 

[KarveR]

register_globals is set to off and the upload_temp directory is blank(tried changing the php.ini file but doesn't take effect).

you need to restart apache for any changes made to take effect with regard to directories.

also check your php.ini for

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;

; Whether to allow HTTP file uploads.
file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
;upload_tmp_dir =

; Maximum allowed size for uploaded files.
upload_max_filesize = 2M

as Bastien said, check the permissions on the document root folder.

______________________________________________________________________
There's no present like the time, they say. - Henry's Cat.