?
PHP FAQ
PHP Articles
PHP Help
Bulletin Board
PHP Manual (NEW!)
First Time PHP'ers
Help with programming
Sql assignment help
PHP Homework Help
?
?PHP Upload Script
Author :??(---.mia.bellsouth.net)
Date :???10-21-03 13:17
Hello,
I have an upload script on my site which I found on the internet a while back. I'd like to know how to alter it to fix some bugs.
It works with two files, an HTML file with a form, and a php file which the other file posts to. The PHP file is as follows:
pheterson.com - upload script
/*upload.php*/
if ($img1_name != "") {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
or die("No copy!");
} else {
die("No input file!");
}
?>
Your file has been uploaded successfully. Please wait to continue.
Or... If you're a lazy ass, click here .
The modifications I would like to make to this file are as follows:
1) Not allow index.html, index.htm, index.php to be uploaded.
2) Not allow overwriting of files.
Any help at all is appreciated.
Thanks,
Eric
?Re: PHP Upload Script
Author :??(---.ym.rnc.net.cable.rogers.com)
Date :???10-22-03 11:52
1. what does it matter, you assign a new name to them when they are copied from a temp upload folder to the path you want
2. if you are worried about your own files, then simply have a new directory with all the uploads stored in them and see point 1 about renaming
?Re: PHP Upload Script
Author :??(4.20.98.---)
Date :???10-22-03 13:31
Or better yet setup a extension checker and only allow certain extentions to be uploaded.. but ya having them uploaded to a unreadable tempdir is a good idea.
?Re: PHP Upload Script
Author :??(193.61.103.---)
Date :???12-17-03 01:12
IF ($img1_name = "index.htm"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
}
IF ($img1_name = "index.html"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
}
IF ($img1_name = "index.php"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
}
?>
- Not the best of code I know, but (if there are formatting errors - excuse me) give it a try, it may slow the page down a bit but should wrk :)
sorry I couldnt be of more help
Sam
(samothy.co.uk, samsbox.co.uk)