galneweinhaw
asked on
password protect a file upload via form
I would like to have the user provide a password to upload files to a the specific directory using the following code:
***** THis is the form so far****
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-da
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
****Here is my successorfail.php code:******
<html>
<head>
<title>New Page 2</title>
</head>
<body>
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.
$uploaddir = '/home/happyhik/html_publi
$uploadfile = $uploaddir . basename($_FILES['userfile
echo '<pre>';
if (move_uploaded_file($_FILE
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
</body>
</html>
***** THis is the form so far****
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-da
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
****Here is my successorfail.php code:******
<html>
<head>
<title>New Page 2</title>
</head>
<body>
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.
$uploaddir = '/home/happyhik/html_publi
$uploadfile = $uploaddir . basename($_FILES['userfile
echo '<pre>';
if (move_uploaded_file($_FILE
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
</body>
</html>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you already have a user authentication in your system, you can use as doug said.
otherwise let the user enter specific code, upon matching the code you can allow the user to upload file.
This is my thought, i dont' now how is you designed your system.
bye.
otherwise let the user enter specific code, upon matching the code you can allow the user to upload file.
This is my thought, i dont' now how is you designed your system.
bye.
Also, if you don't have SSL on your server, you'll want to do the sha1 hash of the password in javascript, *before* they submit the form. That way their password isn't sent as clear text over the internet. If you're interested let me know.
-Doug
-Doug
ASKER