<?php

    # You'll notice a few differences between this form and HTML forms which do not submit data
    # The first being the inclusion of the 'enctype' attribute, which will tell 
    # the browser that it is posting both normal form data and mixed data
    # Another difference will be the inclusion of the MAX_FILE_SIZE hidden field which tells 
    # the browser how large the file may be.  This attribute can be easily side-stepped, 
    # so it should be used in conjunction with server-side file size validation.

    # In PHP once a file is posted it's attributes becomes available in the $_FILES
    # superglobal within a multi-dimensional array which contains five sub indices
    #       
    # $_FILES["fieldname"]["name"] - name of the file on the user's machine
    # $_FILES["fieldname"]["type"] - the type of file, i.e. image/jpeg, image/pjpeg
    # $_FILES["fieldname"]["size"] - the size of the file in bytes
    # $_FILES["fieldname"]["tmp_name"] - the temporary name assigned to the file by PHP
    # $_FILES["fieldname"]["error"] - the error code associated with the upload, if any
    #
    #
    # http://us4.php.net/manual/en/feature...ad.post-method

if (!isset($_FILES["userfile"]["tmp_name"])) 
{

    echo "<form method='post' enctype='multipart/form-data' action='{$_SERVER["PHP_SELF"]}'>
        <input type='file' name='userfile' size='20' />
        <input type='hidden' name='MAX_FILE_SIZE' value='1000000' />
        <input type='submit' name='do_action' value='Post Image' />
        </form>";

}

else if ($_POST["do_action"] == "Post Image")
{

    # If you'd like to validate the information, do so here...
    # You are strongly encouraged to implement some sort of validation scheme
    # Test the size, check file type, etc.
    # For the sake of this demonstration, I'm going to skip that part
    #
    # The copy function will move the file, it expects two arguments
    # boolean copy(string source, string destination) 
    # For this demonstration the source argument will be the temporary name assigned to the file    
    #
    # The destination expects an absolute path which is why I have used $_SERVER["DOCUMENT_ROOT"]
    # beyond that include the remaining path to the image and assign a new file name, or to keep 
    # the same file name append $_FILES["userfile"]["name"] where newfilename.jpg 
    # appears
    #
    # http://www.php.net/copy

    # If the copy function fails you want to ensure that you have set the proper write permissions 
    # on the destination directory.  
    # This can be done in unix with the chmod command, which likely will have to be done 
    # from the telnet command prompt.  Many ISPs block the PHP function chmod()
    # You can attempt it though.
    #
    # A chmod setting of 664 would likely get your PHP script going.
    #
    # boolean chmod(string file path, integer mode)
    #
    # At the command prompt you can get more information about how chmod works by typing in 
    # man 1 chmod
    # man 2 chmod
    # And there is a little more about it in the PHP manual
    # http://www.php.net/chmod
    #
    # In windows all you need to do is go to the folder in question and set read/write attributes 
    # via the properties option from the right click menu.

    if (!copy($_FILES["userfile"]["tmp_name"], $_SERVER["DOCUMENT_ROOT"]."path/to/image/newfilename.jpg"))
    {

        echo "Error: File copy failed.";

    } else {

        echo "Success! File copied!";

    }

}
?>

# assign type to a smaller variable!
$type = $_FILES["userfile"]["type"];

if ($type != "image/jpg" && $type != "image/pjpeg" && $type != "image/jpeg")
{

    echo "Error: not a valid JPEG image!";

}
?>