File Uploads

SP8600

Can some one please show me a basic script in that handles file uploads becuase i just cant get the hang of them.

Thanks,
Darren

dalecosp

upload.html:

<html><head>
<title>Uploads</title>
</head>
<body>
<b>Upload a file:</b><br><br>
<form enctype="multipart/form-data" action="upload.php" method=POST>
<input type="hidden" name="MAX_FILE_SIZE" value=1000>
Upload this file: <input name="userfile" type="file">
<input type="submit" value="Upload!"></form>
</body></html>

You must set a MAX_FILE_SIZE. This figure is in bytes.
The enctype must be set as shown to let the server know what's up. Input must be of type "file".

upload.php:

<head><title>Uploading...</title></head>
<body><b>Uploading now...</b><br>
<? if ($userfile=="none") {echo "No File!";
exit; }
if ($userfile_size==0) {echo "File is empty!"; 
exit; }
if (!is_uploaded_file($userfile)) {echo "Possible upload MIM attack!";
exit; }
$mvfile="/path/to/storage".$userfile_name;
if (!copy($userfile, $upfile)) { echo "Couldn't move file to location.";
exit; }

echo "<br><b>File Upload Successful!</b><br><br>";
?>

There's much error checking to do, so people aren't uploading junk or scripts, etc., to your server.
G'luck,