Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 691
  • Last Modified:

File Upload

Hi,
Simple question, I'm trying to do a file upload and I'm having problems

upload.html
.
.
<form action="upload.php" method="post" enctype="multipart/form-data">
      <p>Select File to upload:
      <input type="file" name="uploadfile" /></p>
      
      <p><input type="submit" name="Submit" value="Submit" /></p>
</form>
.
.

upload.php
<?
//file extension check
if (eregi('^image/p?jpeg(;.*)?$', $_FILES['uploadedfile']['type']))
      $extension = '.jpg';
else $extension = '.gif';      
echo $extension;

$filename = $_SERVER['DOCUMENT_ROOT'].'/temp00001'. $extension;

if (copy($_FILES['uploadedfile']['tmp_name'], $filename))
{
      echo "<p>file stored successfully as $filename</p>";
}
else
{
            echo "<p>Problem with file storage</p>";
}            
?>

It always reports the "Problem with file storage" also the gif is always returned from the extension check.

Any help appreciated
0
trican
Asked:
trican
1 Solution
 
pjdietzCommented:
A few thoughts,

First, make sure that the folder you are trying to copy the file into is write-enabled.

Second, I don't think you need to use the tmp_name. I think you can just use $_FILES['uploadedfile']['filename'].

As for the regular expression, if you are trying to search for literal paranthesis, I think you need to escape them (i.e., ...jpeg\(;.*\)?...), otherwise, you're using the syntax for a stored group. Since I don't see you back referencing anywhere, I'm assuming you want to actually find the characters ( and ).
0
 
tricanAuthor Commented:
that directory i'm trying to upload to is 755 and directory above that is 750 .. but i persume this is fine.

The first part is making sure the graphic file is what it claims it is by examining the $_FILES['uploadedfile']['type'].


I made the upload.php file really basic having just the following:

$filename = $_SERVER['DOCUMENT_ROOT'].'/pics/temp00001.jpg';
if (copy($_FILES['uploadedfile'], $filename))
{
      echo "<p>file stored successfully as $filename</p>";
}
else
{
            echo "<p>Problem with file storage</p>";
}


but the else condition always executes? :-(
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now