Search Help Board

PHP Articles
PHP Help
Bulletin Board

PHP Manual (NEW!)
First Time PHP'ers
Help with programming
Sql assignment help
PHP Homework Help

?PHP Upload Script
Date:???10-21-03 13:17


I have an upload script on my site which I found on the internet a while back. I'd like to know how to alter it to fix some bugs.

It works with two files, an HTML file with a form, and a php file which the other file posts to. The PHP file is as follows:

pheterson.com - upload script

if ($img1_name != "") {

@copy("$img1", "/home/pheterso/www/upload/$img1_name")
or die("No copy!");

} else {

die("No input file!");



Your file has been uploaded successfully. Please wait to continue.

Or... If you're a lazy ass, click here.

The modifications I would like to make to this file are as follows:

1) Not allow index.html, index.htm, index.php to be uploaded.
2) Not allow overwriting of files.

Any help at all is appreciated.


?Re: PHP Upload Script
Date:???10-22-03 11:52

1. what does it matter, you assign a new name to them when they are copied from a temp upload folder to the path you want

2. if you are worried about your own files, then simply have a new directory with all the uploads stored in them and see point 1 about renaming

?Re: PHP Upload Script
Date:???10-22-03 13:31

Or better yet setup a extension checker and only allow certain extentions to be uploaded.. but ya having them uploaded to a unreadable tempdir is a good idea.

?Re: PHP Upload Script
Date:???12-17-03 01:12

IF ($img1_name = "index.htm"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
IF ($img1_name = "index.html"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")
IF ($img1_name = "index.php"){
die("File not allowed")
} else {
@copy("$img1", "/home/pheterso/www/upload/$img1_name")

- Not the best of code I know, but (if there are formatting errors - excuse me) give it a try, it may slow the page down a bit but should wrk :)

sorry I couldnt be of more help

(samothy.co.uk, samsbox.co.uk)

Go to Top??|??Go to Topic??|??Threaded View??|??Search?
New Topic
?Reply To This Message
?Your Name:
?Your Email:
Email replies to this thread, to the address above.

Provided By