4. "Uploading Files using HTML Forms"
|
Uploading and receiving files from within PHP-script is non-trivial, so be
aware that you have to know what you are doing, otherwise consider to leave
it !!!
|
You need 2 parts for uploading files using a PHP script
1) The form
You need to create the HTML form that will contain the file upload element
correctly:
<p>
<FORM ENCTYPE="multipart/form-data" ACTION="form-upload.php" METHOD="POST">
Please select a file to upload: <br>
<INPUT TYPE="FILE" NAME="userfile">
<br>
<INPUT TYPE="submit">
</FORM>
</p>
|
Notice the form parameter ENCTYPE="multipart/form-data" which determines the
encoding that will be used to submit it.
2.) The PHP script to handle the form-upload
<?php
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
copy($_FILES['userfile']['tmp_name'], "/place/to/put/uploaded/file");
} else {
echo "Possible file upload attack. Filename: " . $_FILES['userfile']['name'];
}
?>
|
NB:The account under which the webserver is running needs write access to this directory. At CERN the account for AFS webserver is within the AFS protection group webserver:afs. So the command
fs sa . webserver:afs write
has to be issued in teh upload directory !!!.
NB:The account under which the webserver is running needs write access to this directory. At CERN the
standart account for IIS webserver is cern\IUSR_WebServices and you need set
write rights for this account for the folder "/place/to/put/uploaded/file"
For more information on the PHP module see: http://www.php.net/manual/en/features.file-upload.php