Jump to content

Recommended Posts

Hello all,

I have a weird problem. I have the following code which processes the uploaded file into the relevant location.

 

<?php

$blacklist = array(".txt",".php", ".phtml");

foreach ($blacklist as $item) {
   if(preg_match("/$item\$/i", $_FILES['userfile']['name'])) {
       echo "We do not allow uploading PHP files\n";
       exit;
   }
}

$uploaddir = 'Images/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "File uploading failed.\n";
}
?>

 

I know the script is far from secure, but Im working through an example which will eventually add hashing to filename and do a more thorough check on the filetypes allowed etc. My question is, this script at present obtains the file I have selected and places it in the images folder. However when I navigate to that folder and double click on the file I've uploaded, the dialog prompt opens up and says "program name" can't open this picture because you dont have permission to access the file location - or a pdf would say error opening document - Access denied.

 

When I manually copy a file or image to the same location using the Windows environment, it seems to work fine? Anyone shed some light on this please?

 

Thanks

 

Jalz

OK,

 

Just realised if I open my browser and point to the relevant location to the uploaded file, the image does display OK in the browser. If that is the case I think I may be worrying about something I dont need to worry about.

 

Ill see if the database can acces sthe files uploaded and if they can then I'm back in business.

 

Thanks

 

Jalz

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.