Upload file, need help.

vigour

I need help with this code. I'm trying to upload a file but I always get the error message: Possible file upload attack!

I don't understand why.

Can someone please help me?

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Untitled Document</title>
</head>
<body>

<form action="test_upload.php" method="post" enctype="multipart/form-data"> 
<p>Pictures: 
<input type="file" name="pictures" /> 
<input type="submit" value="Send" /> 
</p> 
</form>  

</body>
</html>

<?
$uploaddir = '/pictures/upload/'; 
$uploadfile = $uploaddir . basename($_FILES['pictures']['name']); 
if (move_uploaded_file($_FILES['pictures']['tmp_name'], $uploadfile))
	{ 
   	echo "File is valid, and was successfully uploaded.\n"; 
	} 
else
	{ 
   	echo "Possible file upload attack!\n"; 
	} 
//echo basename($_FILES['pictures']['name']);
echo '<br>';
echo $uploadfile;
?>

navdmk

try this in ur <input type="hidden" name="pictures" value="1024000"> in ur but before the <inpt type="file">in ur form page. According to the manual the move_uploaded_file will return False if the file is not valid upload file (meaning that it was uploaded via PHP's HTTP POST upload mechanism). So check that. I am a begineer but I did not face any problems with upload file. But hope to help.