[Gllug] PHP Again
Jackson, Harry
HJackson at colt-telecom.com
Tue Jul 24 15:54:24 UTC 2001
Hi
These are the two scripts I am now using. I am pretty sure the first on eis
OK.
Upload.html
<html>
<body>
<h1>Upload new File</h1>
<FORM ENCTYPE="multipart/form-data" ACTION="upload.php" METHOD=POST>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000">
Send this file: <INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="submit" VALUE="Send File">
</FORM>
</body>
</html>
This is the second script where I think the problem is. I am pretty sure it
has something to do with the first if statement. I think the "tmp_name"
should be something else but I know not what.
<h1>Uploading File</h1>
<?
if ($HTTP_POST_FILES['userfile']['tmp_name']=="none"){
echo "Problem: no file to upload";
}
if ($HTTP_POST_FILES['userfile']['size']==0){
echo "Problem: no file of 0 length";
}
if ($HTTP_POST_FILES['userfile']['type']=="text/plain"){
echo "Problem: file is not plain text";
}
if (is_uploaded_file($userfile)){
echo "Problem: Possible file upload attack";
}
$upfile = "includes/".$HTTP_POST_FILES['userfile']['name'];
if ( !copy($userfile, $upfile)){
echo "Problem: Could not move file to specified directory";
exit;
}
echo "File upload successful";
$fp = fopen($upfile, "r");
$contents = fread ($fp, filesize ($upfile));
fclose ($fp);
$contents = strip_tags($contents);
$fp = fopen($upfile, "w");
fwrite($fp, $contents);
fclose ($fp);
echo "Preview of file contents:<br><br>";
echo "$contents";
echo "<br><br>";
?>
</body>
</html>
> -----Original Message-----
> From: Tom Gilbert [mailto:tom at linuxbrit.co.uk]
> Sent: 24 July 2001 15:40
> To: 'gllug at linux.co.uk'
> Subject: Re: [Gllug] PHP Again
>
>
> * Jackson, Harry (HJackson at colt-telecom.com) wrote:
> > Hi all
> > I am, again, struggling with php. I am trying to
> provide a facility
> > where people can upload files onto my machine from a
> browser but I am unable
> > to get it to work. I have had a look through the manual and
> so far have had
> > little joy.
> >
> > track_vars is on
> > my tmp download directory is set up.
> > In the book it says that I can use $userfile in my code and
> this will be OK
> > but in the manual it says I should use
> $HTTP_POST_FILES['userfile']['name']
> > for versions after 3.x. I am unable to get it to work using either.
> > I am getting the following error.
> >
> > Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or
> > `T_NUM_STRING' in c:\program files\apache
> group\apache\htdocs\upload.php on
> > line 10
>
> That's just a syntax error. Probably related to quoting or something,
> but we'd need to actually see the source (especially line 10) to tell.
>
> Tom.
> --
> .^. .-------------------------------------------------------.
> /V\ | Tom Gilbert, London, England | http://linuxbrit.co.uk |
> /( )\ | Open Source/UNIX consultant | tom at linuxbrit.co.uk |
> ^^-^^ `-------------------------------------------------------'
>
> --
> Gllug mailing list - Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
>
**********************************************************************
COLT Telecommunications
Registered in England No. 2452736
Registered Office: Bishopsgate Court, 4 Norton Folgate, London E1 6DQ
Tel. 020 7390 3900
This message is subject to and does not create or vary any contractual
relationship between COLT Telecommunications, its subsidiaries or
affiliates ("COLT") and you. Internet communications are not secure
and therefore COLT does not accept legal responsibility for the
contents of this message. Any view or opinions expressed are those of
the author. The message is intended for the addressee only and its
contents and any attached files are strictly confidential. If you have
received it in error, please telephone the number above. Thank you.
**********************************************************************
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list