2

This is how I handle my form:

        # Create the message
        # ----------------------------------------------------------------
        $name = $_POST['name'];
        $email = $_POST['email'];
        $title = $_POST['title'];
        $course = $_POST['course'];
        $file = $_POST['file'];

        $message  = "Name: ".$name."\n";
        $message .= "Email: ".$email."\n\n";
        $message .= "Title of Article: ".$title."\n";
        $message .= "Program: ".$course."\n\n";
        $message .= "Additional Info: ".$info;

        # Upload temporary files
        # ----------------------------------------------------------------
        $uploaddir = '/home/public/uploads/';
        $uploadfile = $uploaddir . basename($_FILES['file']['name']);
        if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile) == false) {
            echo 'Could not move file';
            exit;
        }

        if ($_FILES['file']['type'] != "application/pdf") {
            echo 'Not a pdf file';
            unlink($uploadfile);
            exit;
        }

The end product is hopefully sending an email with the file as an attachment. Right now I'm failing and getting the "Could not move file" message I built in. Is there an obvious reason why? $file is what I get from a file dialog in HTML (input type="file")

Improve this question

2 Answers 2

Reset to default
4

Two things:
1. Is the form set to:

<form method="POST" enctype="multipart/form-data" action="INSERT ACTION">

2. Is the folder your posting the file to, is it set to 777?

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Yeah I chmoded that folder to 777, I added the enctype and I'm just working out a couple syntax errors. I think this might be the issue.
The second I added the enctype, it seems that nothing is getting stored in $_POST .... is this normal?
Yes actually. You need to use $_FILE[''];
@Jake He should still get the other form data in $_POST. Also, it's $_FILES (plural)
@Phil Hmm, actually now that I think about it, that is true. odd. And yes he is right, it's $_FILES Sorry for the mistake.
|
2

Your form needs to have the appropriate enctype attribute set, ie

<form enctype="multipart/form-data" method="post" action=... >

Update

A couple of suggestions...

  1. Check the file type and do any other general validation before you move the uploaded file. That should be your last step.
  2. Can't remember exactly right now but I don't think you'll get anything useful (or at all) in the $_POST['file'] value. Use the $_FILES array for all uploaded file data.
Improve this answer

3 Comments

Thanks for the info, I'll use regex to check the extension at least. Any ideas about the comment I posted below?
@Max You don't need to change your validation method, just move the "PDF check" block above the "move uploaded file" block
Yeah I just finished the code. It works flawlessly, thanks :) I'm performing all checks before I upload the file.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.