For image upload we use FILE html controller.
How this html controller able to browse in the local system?
After selecting a file , it will be copied and moved to server location.
If the php is ale to copy the local file and move to server , will it be able to do any other manipulations of that file ? like delete!
What is happening actually on file upload?
The HTML control is provided by the browser. The browser is a local application and has access to the user's file system. The file's contents are sent to the receiving script by the browser using standard methods.
PHP has no access to the user's file system at any point, just the copy provided by the browser. Deleting or even reading files on the user's file system is not possible.
Actually php is not accessing local system. After you choose a file and click upload at upload form. The whole file(not location) is sent via POST request. And php just recieves that POST request with the whole file, and stores at server.
Related
Unable to correctly use php code to load a video mp4 file stored in home directory.
Hi, I am building a WP site that sells instruction video mp4 files. To protect the files I have placed them in a directory called videos which is in the home directory (outside of the public_html directory) to protect the files from being downloaded for free. I am trying to write php code for loading the video. However, I can't access the video in /home/username/videos.
My code:
add_action('template_redirect', 'video_redirect', 5);
function video_redirect(){
if (is_admin())
return;
if (!is_page(videoplayerpageonmysite))
return;
$filename="/home/username/videos/videofile.mp4";
echo " Your browser does not support the video tag.";
Each time I run the code I get a No video with supported format... error.
I'm only able to get it to load the video file when it is in the public_html folder (it works perfectly then), but not when it is located in /home/username/videos/
Please help!
You can't give the browser a file path on your server's hard disk and expect it to be able to load it. It will resolve it as a relative URL, ask the HTTP server for it, and then get a 404.
You need to give the browser a URL that actually loads the file.
If you want to limit who can access it (e.g. people who have paid), then you could write a PHP program that checks to see if the request is coming from someone who has paid (i.e. Authentication + Authorization), then reads the file and outputs it in the HTTP response.
You have to use a PHP script as the source URL in the video tag and specify some identifier for which video it should load e.g. src="loadvideo.php?id=1" or something. (This is because the source must be a valid URL which is actually accessible on the webserver - the browser, which don't forget runs on the user's machine not the server, cannot navigate to a path on disk. If it could, then moving your files outside the public_html folder would not provide any security!)
And then when the video tag is loaded into the page, it will make a request to that URL, which causes the PHP script to run. The script must associate the provided ID with the correct file on disk, fetch the contents of that file and echo them as the response, along with appropriate headers (e.g. mime type etc). You can probably find examples of this pattern online already.
Of course the PHP script will also need to authenticate the request to make sure the requestor is a signed-in, paid user, otherwise you still aren't protecting anything. Without this last step, anyone could just visit the PHP script's URL and provide an ID until they got a result, and download the videos just as if you'd put them in the public_html folder. As long as you implement security correctly though, only users who already paid for the videos would be able to download them.
Hi I am wondering if the input field with type "file" is automatically uploading files to the server when there is a file selected by the user.
The thing I want is that a user can select files to submit it and that a PHP FTP connection is established to upload the files.
I am not sure if the browser pre-uploads the files to a temp directory on the server or does it do that only when you hit the submit button?
Because if the file is already uploaded to the server it would be unnecessary to use FTP to upload the file again only to a different location on the server.
Basically what I want to accomplish is something similar to what we transfer does. I believe they are not uploading before the user hits the button.
Can anybody point me in the right direction and provide me with some extra info about this matter. Haven't found the desired information yet.
Thanks in advance.
The file is uploaded only once the form is submitted (in the same HTTP POST request as all other form fields). Why don't you try it, to see yourself?
And you cannot use PHP to upload a file via FTP from a client to a server. That's not possible. PHP runs on the server, it cannot access files on a client's machine. See also:
Upload a local file from application via web server with PHP code to FTP server
PHP uploading file from browser to FTP.
Is it possible to send file from a local URL?
I need to upload files in php from your local url, eg I open the web page with:
www ... upload.php?url=c://...file.jpg,
from the url GET,I would get the file on the pc and would upload, without using html or anything else that I have to choose, just with the file url.
Important, it can only be this way, it will not be possible to choose the file during the upload, it will only be a POST or GET with the local url.
I researched and found nothing related, if anyone can help
I think it is impossible for server to get a client file by using the file path.
But maybe you can use JS and FileSystemobject to prepare the file, make it to streaming and post to the server.
And you must know FSO need a high security permission and may be disabled on users' browser.
I am currently trying to retrieve a file from an FTP-Server in order to make it accessible for the user to download. ftp_get() writes it to a path on the local machine, yes, but what I want is that it also shows up in the download history and counts as "normal" download from the internet but I didn't figure out how to do this yet. I also tried to link directly to the file in PHP with header("Location: ftp://username:password#ftp.server.com/myfile.file") but this was resulting in the browser showing the files contents (which I didn't want). Did I miss any header-Parameters ? Or is there a completely different way to do this ?
You won't be able to "redirect" a user to a file so he can download it using FTP. This is a HTTP-thing. Browsers provides FTP features and make it look like HTTP but, in fact, those are different stuff.
If this file is only accessible through FTP and it is on a remote server, the only way I can imagine so you cand 'redirect' this download to the user is:
Download the file from the FTP to your application server through FTP in PHP;
Send it to the user using PHP and appropriate file headers, something like this: https://stackoverflow.com/a/7263943/2802720
Hope it helps.
I am trying to read and write a remote a file to the user's browser through CodeIgniter(FTP Class). That is, I want user to read the file edit the content and save it back.
One way will be
- download the file to my server
- read the file and echo to the user(Browser)
- Save the content of the file to local copy(My server)
- upload the file back to the server
But I don't want to download the file to my server I just want to read and write to remote file
You can write it to the temporary file and after displaying just delete it using unlink() function in the same script. Just call it straight after echoing the content. The file will be present on your server for a really short period of time. FTP is used to upload files, but not for editing them remotely. Any FTP client supporting file edit is actually saving it to the temp folder on your computer and after the edit uploads it back to the server.