Possible file upload attack

schmoe

I'm not able to upload any files to server using this code:

<html>
<head>
<title>UPLOAD</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<?
if(isset($_GET['Action']))
{
$uploaddir = '/web/uploads/bayview/';

print "<pre>";
if (move_uploaded_file($FILES['userfile']['tmp_name'
], $uploaddir . $FILES['userfile']['name']))

{
print "File is valid, and was successfully uploaded. Here's some more debugging info:\n";
print_r($FILES);
echo "<a href=index.php>View the Live Page!</a>";
} else {
print "Possible file upload attack! Here's some debugging info:\n";
print_r($FILES);
}
echo "<hr>";
?>
<?
echo "<hr>";
}
else
{
?>
<form enctype="multipart/form-data" action="?Action=Upload" method="post" >
<input type="hidden" name="MAX_FILE_SIZE" value="100000000000">
Upload a file: <input type="file" name="userfile" class="ViewForm">
<input type="submit" value="Upload" class="AdminOptions">
</form>
<?
}
?>
</body>
</html>

The error I get is:

Possible file upload attack! Here's some debugging info:
Array
(
[userfile] => Array
(
[name] => 10-0060.jpg
[type] => image/pjpeg
[tmp_name] => /tmp/php2aWFej
[error] => 0
[size] => 14233
)

)

PLEASE HELP ME

schmoe

I think I am actually having a problem with uploading the file.
I get an error when trying to validate the file too.

if (is_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name']))

this line of code fails.

I am not sure why 'is_uploaded_file' produces a false results but it does.
I have the right permissions set on the server 755 and I have the directory setup right. I have tried a few different files too and they all give me this error.

Thanks for any help