PHP File upload help

[jcafaro10]

I'm new to php.  I'm trying to do some simple php file uploading but I'm unsure what to do for security.  I'd like to be able to upload a file to an http server from an iphone.

 

I have some sample code that I found from a tutorial:

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}

 

The problem is that there's no protection.  My thought was to have that php code check for a password that would be sent in the POST but a) I'm not sure exactly how to do that and b) if anyone read this php code they'd know what the password is.

 

My other thought was to check if an encrypted version of the password was correct since then someone would have to know what the original password is.  Would that be a better idea?