Re[2]: [PHP] where is my uploaded file ?

Tue, 24 Feb 2004 15:27:16 -0800 

Hello Mike,

Tuesday, February 24, 2004, 11:05:17 PM, you wrote:

FML> On 24 February 2004 06:58, adwinwijaya wrote:

>>         <input name="image" type="file">

>>         $uploadfile = $uploaddir . $_FILES['userfile']['name'];

>> Array
>> (
>>     [image] => Array

FML> Hint: "image"!="userfile"

FML> Cheers!


Ok, I have change 'userfile' to 'image' and now it show the warning
like this:
Warning:  move_uploaded_file(C:\Program Files\Apache Group\Apache2\htdocs\test\): 
failed to open stream: Permission denied in C:\Program Files\Apache 
Group\Apache2\htdocs\Services\List_Notices\Death_and_Funeral\death_notice_process.php 
on line 15



Warning:  move_uploaded_file(): Unable to move
'C:\WINDOWS\Temp\php251.tmp' to 'C:\Program Files\Apache
Group\Apache2\htdocs\test\' in C:\Program Files\Apache
Group\Apache2\htdocs\Services\upload_process.php on line 15

Possible file upload attack!  Here's some debugging info:
Array
(
    [image] => Array
        (
            [name] => hpfr3320.log
            [type] => text/plain
            [tmp_name] => C:\WINDOWS\Temp\php251.tmp
            [error] => 0
            [size] => 748
        )

)


I also change the upload path in php.ini to C:\WINDOWS\Temp\

var_dump($_FILES) produce:
array(1) {
  ["image"]=>
  array(5) {
    ["name"]=>
    string(12) "hpfr3320.log"
    ["type"]=>
    string(10) "text/plain"
    ["tmp_name"]=>
    string(26) "C:\WINDOWS\Temp\php251.tmp"
    ["error"]=>
    int(0)
    ["size"]=>
    int(748)
  }
}


can someone tell me what the happen ?

here I attach the complete code :
<?php

        $uploaddir = 'C:\\Program Files\\Apache Group\\Apache2\\htdocs\\test\\' ;
        // $uploaddir = 'C:/Program Files/Apache
        //Group/Apache2/htdocs/test/' ; --> this doesnt work as well

        $uploadfile = $uploaddir . $_FILES['userfile']['name'];
        
        print "<pre>" ; 
        var_dump($_FILES) ; 
        print "<pre>" ; 
        
        
        print "<pre>";
        if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadfile)) {
                print "File is valid, and was successfully uploaded. ";
                print "Here's some more debugging info:\n";
                print_r($_FILES);
        } else {
                print "Possible file upload attack!  Here's some debugging info:\n";
                print_r($_FILES);
        }
        print "</pre>" ;
          
?>

-- 
Best regards,
 adwinwijaya

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to