p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   PHP How-To (http://p2p.wrox.com/forumdisplay.php?f=98)
-   -   mak upload file secure for public usage (http://p2p.wrox.com/showthread.php?t=63117)

crmpicco October 22nd, 2007 03:04 PM

mak upload file secure for public usage
 
Code:

/* UPLOADING FILE */
$target_path = "../images/gallery/";
$target_path = $target_path . basename( $_FILES['filename']['name']);

if(move_uploaded_file($_FILES['filename']['tmp_name'], $target_path)) {
      echo "The file ".  basename( $_FILES['filename']['name']).
        " has been uploaded";
} else {
      echo "There was an error uploading the file, please try again!";
}

$filename = basename( $_FILES['filename']['name']);

Form element:
Code:


<input type="file" name="filename" id="filename" class="textbox" size="40">

I am looking to make my code as secure as possible, it's basically taking a image from the form field and moving it to a directory on the server. I would also like to check what the file type is - as i'm only wanting to allow gif, png, jpg, bmp etc......

I know that the code isn't safe enough to put up live at the moment.......

Cheers,
Picco
[^]

www.crmpicco.co.uk
www.ie7.com


All times are GMT -4. The time now is 01:43 AM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.