I know this is an old question and I have found lots of tutorial on SO however, they cannot solve my problem.
I use my mac to set up a localhost for web programming and I try to upload a jpg file to my localhost directory "/Library/WebServer/Documents". But it gives hint unable to move.
my front end code is:
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>
The php(upload_file.php) code is(there is some other checking codes for php file, copied from w3school):
move_uploaded_file($_FILES["file"]["tmp_name"] , "/Library/WebServer/Documents" . $_FILES["file"]["name"]);
And after I click the submit button, there is sth wrong printed on the screen.
Moreover, I did not find any tmp file in the file "/private/var/tmp", in which should be a tmp file...
make sure your php file has enough rights to write into the directory.
check if print_r($_FILES); lists anything, especially the size is important.
Related
I have a file upload form on which I also want to use the Google reCAPTCHA.
If I have the following
<form method="post">
<input type="file" name="filename">
<div class="g-recaptcha" data-sitekey="***"></div>
<input id="submit" name="submit" type="submit" value="Submit">
</form>
the I can use the reCAPTCHA, but cannot upload the file.
However, if I use:
<form method="post" enctype="multipart/form-data">
<input type="file" name="filename">
<div class="g-recaptcha" data-sitekey="***"></div>
<input id="submit" name="submit" type="submit" value="Submit">
</form>
I can upload the file successfully, and use the reCAPTCHA provided that the file is a text file. I cannot get it to work if I try to upload a pdf file.
When uploading a text file, the $_POST contains the 'g-recaptcha-response', but when uploading a pdf, the $_POST does not contain the 'g-recaptcha-response'.
Can someone explain what is going wrong here?
EDIT
It seems like it's actually a filesize problem.
Files larger than ~200kb cannot be sent whatever their format.
I have upload_max_filesize = 2M in my php.ini file, so I'm not sure why 200kb is too large...
Any thoughts?
EDIT 2: More information
It looks like the $_FILE contains the error code 3: UPLOAD_ERR_PARTIAL.
I don't see why the file cannot be uploaded completely.
EDIT 3: Getting somewhere
I can now upload files. It seems like I need to put the reCAPTCHA before the file input.
<form method="post" enctype="multipart/form-data">
<div class="g-recaptcha" data-sitekey="***"></div>
<input type="file" name="filename">
<input id="submit" name="submit" type="submit" value="Submit">
</form>
Can anyone elaborate on why this might be the case?
Edit 4: Spoke too soon
Switching the order makes the g-recaptcha-response' appear in $_POST, but I am still getting the error code 3: UPLOAD_ERR_PARTIAL.
Edit 5
It looks like the file is being uploaded correctly, since I can see it in the header parameters (firefox debugger). It seems like php is just not filling in the $_FILE array properly...
I tried the same code on a different server and it worked fine.
Looks like the problem was that the server I set up has some sort of configuration issue. It actually has nothing to do with the interaction of reCAPTCHA and the file input + enctype.
I will update if I figure out what the configuration problem is.
I'm using wampserver on my computer and wrote a simple html-form:
<form name="test" action="upload_file.php" method="post">
<label for="file">Filename:</label>
<input type="file" name="picurl" id="file" ><br>
<input type="submit" name="submit" value="Submit" >
</form>
When I click on "browse" and open a file ,for example pil.png it shows in the input textarea the full path(C:\Users\hope\Desktop\images\pil.png)
I want this exact link saved but when I try to catch it $name = $_POST["name"];it only displays this- "pil.png" not the full path. why?
You cannot get the complete local file path. Only the file data itself and its name is submitted to the server. The file path being displayed in the input element is only visual styling, it has no functionality.
File elements are very limited for security reasons, and that's a good thing.
The browser doesn't submit the full path because it would be a privacy problem, you would be exposing your file system structure to the server. It's not relevant to the server and the server doesn't need to know where the file was located on the client's filesystem.
You are getting only file_name because you are not asking for path.
to get full path you have to use
public string SplFileInfo::getRealPath ( void )
try
var_dump($_FILES['picurl']);
I've made a basic looking PHP file load system, so far I can upload any file type, I haven't add any parameters just yet.
But what I want to know is with the method I'm using, what steps should I take to make the system secure? Is there another, more secure way of doing things, and any guides, tips or suggestions that may help with this system?
This is my code so far:
$upload_to = "img/company_logos/";
if($_POST)
{
if(!empty($_POST['upload']))
{
$upload_to = $upload_to . $_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $upload_to);
echo "Uploaded!";
}
}
?>
<html>
<body>
<form method="post" enctype="multipart/form-data">
<input type="hidden" id="upload" name="upload" value="1" />
<input type="file" id="file" name="file" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
One of the major things I've seen is the upload directory permissions are set to 777 this means anyone can read/write/execute this dir.
Thanks for the help.
Check the referrer
Restrict file types
Rename files
Change permissions
Login and Moderate
http://php.about.com/od/advancedphp/qt/upload_security.htm
And see this one
PHP Upload file enhance security
I want to upload the files to this address: http://chusmix.com/Imagenes/grupos and I'm trying with this simple this code but it doesn't work:
<form enctype="multipart/form-data" method="post" action="http://chusmix.com/Imagenes/grupos">
Please specify a file:<br>
<input type="file" name="datafile" size="40">
</p>
<div>
<input type="submit" value="Send">
</div>
</form>
Oddly enough, the first result of a Google search yielded this rather helpful tutorial. Why not read it?
Read the PHP manual chapter "Handling file uploads":
http://php.net/manual/en/features.file-upload.php
The way you think uploads work is not the way they work. The form posts to the script you want to handle the request, not the location you want the uploads to be. When you upload a file to Apache, it places that file in the temporary directory of the computer (in Linux, that's /tmp by default).
Your script has to move the file from the temp directory to wherever you want it to be. The manual has plenty of code showing you how.
Make sure the form is loaded via
http://chusmix.com/Imagenes
The browsers wont you allow to upload to a unkown website (Same origin policy).
Edit your form
<form enctype="multipart/form-data" method="post" action="/grupos">
I am working with PHP and would like to get a remote file path location so that I can read file contents.
I would like the user to direct to a particular file, which can be located anywhere in the computer, so that it can be processed by the script.
Thanks
You can offer a user the ability to locate a file on their local computer and submit it to you via a web form, like..
<form id="myForm" enctype="multipart/form-data" action="/formHandler.php" method="post" >
<label for="fileUpload">File to Upload:</label>
<input name="fileUpload" id="fileUpload" type="file" /><br />
<input name="submit" id="submit" type="submit" value="Upload Now"></form>
Then you can process it on your side with PHP, or whatever you have on the server end. Since PHP is one of your tags, you can learn more on how to access, and work with, on the server end from the PHP reference site:
http://www.php.net/manual/en/features.file-upload.post-method.php
I hope I understood your question correctly..