Upload help

[newbtophp]

How to upload and then file_get_contents?

 

Im currently, uploading to an external site. Im unsure on how to modify the code, so I can upload to the external site without storing the files to my directory (this can be a security risk).

 

 

I know where the external site writes the submitted data, to a txt located at http://site.com/web/temp_file.txt

 

if I do:

 

<?php

$file = file_get_contents('http://site.com/web/temp_file.txt');

 

echo($file);

?>

 

I can retrieve the submitted $_POST because the $_POST is written to the txt above.

 

 

So upon upload it uses curl to post to the external site using the perimeters attached, and then instead of explode() it does a file_get_contents() (like above). This way i dont think i'd need to store the files. But the trouble is, im unsure on how to do so  :-\

 

My current code:

<form enctype="multipart/form-data" action="index.php" method="POST">
<input name="file" type="file" />
<input type="submit" value="Submit" />
</form>
<?php
if (isset($_FILES['file'])) {
    $fileName = $_FILES['file']['name'];

// I dont want to store the files? 
    $directoryStore = '/home/path/public_html/'.$fileName;

    // extension
    $arrayAllowed = array('php','html');
    $extension = strtolower(end(explode('.',$fileName)));
    if(in_array($extension,$arrayAllowed))
    {    
// I dont want to store the files? 
        move_uploaded_file($_FILES['file']['tmp_name'],$directoryStore);
    
        /* Post Data */
        $postData['userfile'] = '@'.$directoryStore;

//URL
$url = 'http://site.com/page.php'; 


/* Post Data */
$postData['MAX_FILE_SIZE'] = '1000000';
$postData['submit'] = 'Send'; 
        
        $ch = curl_init(); // initialize curl handle
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_VERBOSE, 0);
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;)");
        curl_setopt($ch, CURLOPT_AUTOREFERER, false);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT,7);
        curl_setopt($ch, CURLOPT_REFERER, 'http://site.com/page.php');
        curl_setopt($ch, CURLOPT_URL,$url); // set url to post to
        curl_setopt($ch, CURLOPT_FAILONERROR, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);// allow redirects
        curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into a variable
        curl_setopt($ch, CURLOPT_TIMEOUT, 50); // times out after 50s
        curl_setopt($ch, CURLOPT_POST, 1); // set POST method
        curl_setopt($ch, CURLOPT_POSTFIELDS, $postData); // add POST fields
        $buffer = curl_exec($ch); // run the whole process
        curl_close($ch);
        
//Instead of this i can do file_get_contents (using the snippet i posted?)
        $temp = explode("<textarea cols='150' rows='30'>",$buffer);
        $temp2 = explode('</textarea>',$temp[1]);
        $code = $temp2[0];
        unset($buffer,$temp,$temp2);


        
echo($code);

        // Delete file
        unlink($directoryStore);
    } else {
       echo 'Invalid extension.';
    }
}
?>