File upload problem!

A

Anonymous

Guest
Hi
I am trying to upload a file from user to the webserver.
The form is updated but no file is uploaded.
I am using PHP 5 and apache 2
Code:
<HTML>
	<HEAD>
		<TITLE>Upload File</TITLE>
	</HEAD>
	<BODY>
		<?php
		$submit = $_POST[submit];
		
		if($submit)
		{
						
			$uploaddir = '/EclipseWorkspace/LPCL101/files/';
			$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
			
			echo '<pre>';
			if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) 
			{
			   echo "File is valid, and was successfully uploaded.\n";
			} else 
			{
			   echo "Possible file upload attack!\n";
			}
			
			echo 'Here is some more debugging info:';
			print_r($_FILES);
			
			print "</pre>";
		}
		else if(!$submit)
		{
			?>
			<h1>Upload File</h1>
			<form enctype="multipart/form-data" action="upload_file.php" method="POST">
	    		
	    		<input type="hidden" name="MAX_FILE_SIZE" value="30000" >
	    		
	    		Send this file: <input name="userfile" type="file" >
	    		<input type="Submit" name="submit" value="Send File" >
			</form>
			<?php
		}
		?>				
	</BODY>
</HTML>
 
I have tried to upload using Firefox and it gives me this reply
--------------
Possible file upload attack!
Here is some more debugging info:Array
(
[userfile] => Array
(
[name] => New Text Document.txt
[type] => text/plain
[tmp_name] => C:\WINDOWS\TEMP\php97.tmp
[error] => 0
[size] => 164
)

)
---------------
 
Do things this way:
Code:
<?php

if(isset($_POST['submit'])) {
     // Do something
}
else {
     // Do something
}

?>
Also change:
Code:
<?php

// This:
type="Submit"

// To this:
type="submit"

?>
Give a full path in your $uploaddir.
 
Seems like my upload path was not correct
Code:
$submit = $_POST['submit'];
		if(isset($_POST['submit']))
		{						
			$uploaddir = '../files/';
           $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);


Thanx for the help.
 
Back
Top