Hi, sorry if this is one of those oft-answered questions, but...

I am using the script below to upload a file to the server, however if I
upload a file, say, 'pamnude.jpg' then the tmp path, file name and file size
are returned but not the mimetype. Why could this be?

Also, I read about there being a bug where arbitrary files could be
specified as the file parameter and cause files on the server to be
processed. This can be checked with the is_uploaded_file($file) function.
The example on the php.net site was /etc/passwd
Using the script below, I used /etc/passwd as the file name (or even if I
entered no file name, or any garbage text) and I always get the 'True'
What am I doing wrong?

Finally, is there any way of uploading that won't cause the file to be saved
to the server, but be handled directly by a script to a database?



 echo "$source<br>$name<br>$mimetype<br>$size";


<form enctype='multipart/form-data' method='post' action='$PHP_SELF'>
File to upload: <input type='file' name='ulfile' id='ulfile'>
<input type=submit name='Upload' value='Upload File'><br>

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to