Jump to content

Archived

This topic is now archived and is closed to further replies.

ttomnmo

File Uploads

Recommended Posts

I am very new to this whole deals and was hoping to get some help. I used a script that I found online to do a very simple upload page, but it only works for gif files.

<form name="form1" method="post" action="" enctype="multipart/form-data">
<input type="file" name="imagefile">
<br>
<input type="submit" name="Submit" value="Submit">
<form name="form1" method="post" action="" enctype="multipart/form-data">
<input type="file" name="imagefile">
<br>
<input type="submit" name="Submit" value="Submit">
<?
if(isset( $Submit ))
{
if ($_FILES['imagefile']['type'] == "image/gif"){
       

copy ($_FILES['imagefile']['tmp_name'], "files/".$_FILES['imagefile']['name']) 
    or die ("Could not copy");
echo ""; 
        echo "Name: ".$_FILES['imagefile']['name'].""; 
        echo "Size: ".$_FILES['imagefile']['size'].""; 
        echo "Type: ".$_FILES['imagefile']['type'].""; 
        echo "Copy Done...."; 
        }
else {
            echo "<br><br>";
            echo "Could Not Copy, Wrong Filetype (".$_FILES['imagefile']['name'].")<br>";
        }
}
?> </form>

I was hoping that I could change the 

if ($_FILES['imagefile']['type'] == "image/gif"){   

line to some how copy any type of file.

Is this possible? And if so, how?

Thanks much!

Share this post


Link to post
Share on other sites
This is a very old script or one that is poorly designed. you need to make some changes so you protect your server. granted you are only allowing gif files, but anyone can upload any file type to your server and just call it some_file.gif. It's bad idea to use code that you don't understand, because your taking a chance that the person who coded this knows what they are doing, which in this case is not the case. There better examples in the PHP manual comments, I say that because most bad examples posted there are removed rather quickly!

I'll write you example, just me minute or two!

me!

Share this post


Link to post
Share on other sites
This is just quick example (in and out), configure the stuff at the top..

I attached it!

I had a html error in the script, I used <td>, where it should have been <div>

I fixed it now

[attachment deleted by admin]

Share this post


Link to post
Share on other sites
I hope you check back to see, cause I do thank you. I am trying to read your code and see all that you did and why, and I understand some of it.

Thanks!

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.