0

i have a form to upload a file, the code to check if it arrives is here: 

if (is_uploaded_file($_FILES['foto'] ['tmp_name'])){
   echo "file is valid and was uploaded";
   print_r($_FILES);
 }

and it says:

 file is valid and was uploadedArray ( [foto] => 
 Array ( [name] => Penguins.jpg     [type] => image/jpeg [tmp_name]   
 => /var/www/uploads/phpf8ECTX [error] => 0 [size] => 777835 ) ) 
 Array ( [foto] => Array ( [name] => Penguins.jpg [type] => image/jpeg [tmp_name] 
=> /var/www/uploads/phpf8ECTX [error] => 0 [size] => 777835 ) ) array(1) { 
["foto"]=> array(5) { ["name"]=> string(12) "Penguins.jpg" ["type"]=> string
(10) "image/jpeg" ["tmp_name"]=> string(26) "/var/www/uploads/phpf8ECTX" ["error"]
=> int(0) ["size"]=> int(777835) } }

but the file didnt arrive, the php.ini is configured correct and the /var/www/uploads directory have permissions to write for all users,i'm running apache2 in linux, any idea about what is wrong? thank you

Improve this question
0

2 Answers 2

Reset to default
3

You have to move_uploaded_file to the uploads directory once it is done. My understanding is that PHP will upload to a temporary folder and delete it afterwards, if you don't explicitly persist the file to a different folder.

if (is_uploaded_file($_FILES['foto'] ['tmp_name'])){
    if (file_exists("upload/" . $_FILES["foto"]["name"]))
    {
        //Maybe you want to issue an error message if the file already exists, like this.
        echo $_FILES["foto"]["name"] . " already exists. ";
    }
    else
    {
        move_uploaded_file($_FILES["foto"]["tmp_name"],
            "upload/" . $_FILES["foto"]["name"]);
    }
}

And remember to set up a different temporary directory for your uploads.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

The check for is_uploaded_file() is redundant - it's included in move_uploaded_file().
1

is_uploaded_file() only confirms if the file you are referencing is in fact an uploaded file versus a system file, like say /etc/passwd. You can read more about it here: http://php.net/manual/en/function.is-uploaded-file.php

Returns TRUE if the file named by filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.

This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.

After validating your file name and properties (based on your specific requirements), you must call move_uploaded_file() to move the file from it's temp location to it's permanent home.

http://www.php.net/manual/en/function.move-uploaded-file.php

A good example of the actual upload script from W3Schools:

<?php
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "upload/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.