Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 311
  • Last Modified:

PHP File Upload to Current Folder

I'm trying to upload an image to a folder using php.

I've got a very simple form.

--
<form method="post" enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']?>">
   <input type="file" name="userfile"><br/>
   <input type="submit" value="Upload">
</form>
--

I just want to save the file that the user uploads, to a sub-folder under where this script is, called uploaded_images. I'd like to keep the filename the same as what the user enters. If the file already exists, then append a timestamp or something to the filename, or even a sessionid to keep it unique.

I'm running PHP5 on Apache2 on Windows XP.

This is only so that some of my friends can upload files to me from various locations where they have limited internet access. I'll worry about security and stuff later on.

Thanks if anyone can help. And if anyone gives complete code in one full page I'll double the points.
0
Narusegawa
Asked:
Narusegawa
1 Solution
 
gruntarCommented:
Here is a script for you to do the job

<?php

// change path to upload dir
$upload_dir = './';
$upload_file = $upload_dir . $_FILES['dat']['name'];



if(empty($_POST['add']))
{
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data">
  <table width="100%" border="0" cellspacing="5" cellpadding="0">

     <tr>
      <td width="28%" align="right">File:</td>
      <td width="72%">      <input type="file" name="dat">
      </td>
    </tr>
    <tr>
      <td width="28%">&nbsp;</td>
      <td width="72%">
     <input type="submit" name="add" value="Upload">
      </td>
    </tr>
  </table>
</form>

<?php
     
} else {
     

      if (move_uploaded_file($_FILES['dat']['tmp_name'], $upload_file))
      {
          echo 'File ' . $_FILES['dat']['name'] . ' uploaded!';  
      }
      else
      {
          echo "Error: Can't upload file " . $_FILES['dat']['name'];  
      }

}

?>

Cheers
0
 
NarusegawaAuthor Commented:
Excellent, works a treat. Thanks very much!
0
 
y2kwackoCommented:

----------------------------------------------------------------------------------------------------
<HTML>
<HEAD>
<TITLE></TITLE>
<META name="description" content="">
<META name="keywords" content="">
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#800080">
<?php

if (isset($action) && !empty($action))
{

$uploaddir = './';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

if (file_exists($uploadfile)) $uploadfile = $uploaddir . time() . "_" . basename($_FILES['userfile']['name']);


echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   echo "File is valid, and was successfully uploaded.\n";
} else {
   echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

}

?>




<form method="post" enctype="multipart/form-data" action="<?php echo($_SERVER['PHP_SELF']); ?>">
   <input type="hidden" name="action" value="upload">
   <input type="file" name="userfile"><br/>
   <input type="submit" value="Upload">
</form>

</BODY>
</HTML>

----------------------------------------------------------------------------------------------------

If you want to make a file size limit that gets checked both by the browser and by php add the hidden form field <input type="hidden" name="MAX_FILE_SIZE" value="200000">.


Regards,
Kevin
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now