Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


file uploading with move_uploaded_file()

Posted on 2004-03-24
Medium Priority
Last Modified: 2009-07-29

I just recently moved my web site to a new server. The new server does not support passing variables from page to page automatically. I now have to modify my scripts to pull in the variables using $_POST and  $_GET (something i've never had to do, what a pain in the @$$!!!)

Before, I was able to use:   copy("$pic", "/dir/tmp/blah/www/$pic_name");  (so easy!!)
But now I'm having a hell of a time trying to get it to work with $_FILES.

I've been told that I can't get the "full path" of the file on the user's computer with $_FILES, IE: "c:/blah/blah/blah/filename.gif" .. because it makes a security hole? Seems like if I could get the full path, like i used to, I could just use copy() again and everything would work fine, but no!! hehe.

So.... I've read the manual at php for "handling file uploads" ..... From what I've read, instead of using copy(), I now have to use move_uploaded_file()... something like this:

$uploaddir = '/my/unix/server/address/www/';
$uploadfile = $uploaddir . $_FILES['pic']['name'];
move_uploaded_file($_FILES['pic']['tmp_name'], $uploadfile);

But that doesn't seem to work. What am I missing? Thanks for any help in advance.

Question by:thaistixxx
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

Andy earned 300 total points
ID: 10673266
You dont need to use your full root path just the path relative to the page that's running this code for example...

$uploaddir = 'files/uploads/';
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name']);

This works fine for me but I also have the following code to display the appropriate error message which may help you id the problem. With regard to error 2, you should include a hidden field in the form called MAX_FILE_SIZE and set the value to the max size in bytes you will allow.

if($_FILES['userfile']['error'] == "0"){
The image has been uploaded successfully!
else if($_FILES['userfile']['error'] == "1"){
Filesize exceeds the maxmium allowed by the server!<br>
You can contact your server admin and ask to have the 'upload_max_filesize' directive
in the 'php.ini' file increased.
else if($_FILES['userfile']['error'] == "2"){
Filesize exceeds the maxmium allowed by the webmaster!<br>
The current maximum is 100000 bytes. You can contact the webmaster and ask
to have this value increased.
else if($_FILES['userfile']['error'] == "3"){
Due to an unknown error the file was only partially uploaded!<br>
Please try again.
else if($_FILES['userfile']['error'] == "4"){
Due to an unknown error the file has not been uploaded!<br>
Please try again.

Assisted Solution

winglis4 earned 300 total points
ID: 10673302
Try changing this line:

$uploadfile = $uploaddir . $_FILES['pic']['name'];

to this

$uploadfile = $uploaddir .'/'. $_FILES['pic']['name'];

Hope this fixes it for ya!

Assisted Solution

robinet02 earned 300 total points
ID: 10675180
Maybe use this :

$uploaddir = '/my/unix/server/address/www/';
$uploadfile = $uploaddir . $_FILES['pic']['name'];

$fp = fopen($uploadfile, "wb");
if ($fp) {
     $content = file_get_contents($_FILES['pic']['tmp_name']);
     $bytes_written = fwrite($fp, $content);
} else {
     print ("open destination failed");
if ($bytes_written != strlen($content)) {
     print ("bytes written error");


Author Comment

ID: 10771146
I think there was just a missing variable in my script somewhere that was keeping it from working. It was one of those things that you give up on, come back later and fix it in 2 seconds.

Even though none of the answers here really fixed my problem (I fixed it on my own somehow) I still want to split the points up because I really appreciate the time you guys spend on answering questions here and I know sometimes it ends up being a waste to you. Anyway, Thanks!

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question