[PHP-DB] Re: Help with file upload

Thu, 16 Oct 2003 00:10:03 -0700 

I made a mistake in my last message:

The lines that say:
                ftp_chdir( $site , $folder );
                ftp_site( $site , "chmod $mode $folder" );
should say:
                ftp_chdir( $site , $folderbase );    // this is the one that
was wrong
                ftp_site( $site , "chmod $mode $folder" );



"Bunmi Akinmboni" <[EMAIL PROTECTED]> escribió en el mensaje
news:[EMAIL PROTECTED]
> Pls Help.
> I have done a lot of reading prior to this yet I just can't seem make it
> work. I wrote an upload program as seen below but the response I got was:
>
> Possible file upload attack. Filename: ayservenet.jpg Array ( [ufile1]
> => Array ( [name] => ayservenet.jpg [type] => image/pjpeg [tmp_name] =>
> /tmp/phpIMEhdh [error] => 0 [size] => 3030 ) )
>
> My codes are:
> File UPLOAD.HTM:
> <html>
> <head>
> <title>Untitled Document</title>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> </head>
>
> <body>
> <form method="post" action="fuprocess.php" enctype="multipart/form-data">
> <input type="file" name="ufile1" size="20">
> <input type="submit" name="submit" value="submit">
> </form>
> </body>
> </html>
>
> File FUPROCESS.PHP:
> <?php
> // In PHP earlier then 4.1.0, $HTTP_POST_FILES  should be used instead
> of $_FILES.
> // $realname = $_FILES['ufile1']['name'];
>
> if (is_uploaded_file($_FILES['ufile1']['name'])) {
>      copy($_FILES['ufile1']['name'], ".");
> echo "$ufile1_name ";
> echo "DONE";
> echo " ";
> print_r($_FILES);
> } else {
>      echo "Possible file upload attack. Filename: " .
> $_FILES['ufile1']['name'];
> echo " ";
> print_r($_FILES);
> }
> ?>
>
> Thanks.
> --
> 'Bunmi Akinmboni
> 5, Aibu Street, Off Bode Thomas Street,
> P.O. Box 6235, Surulere, Lagos, NIGERIA.
> Tel: (234) 1-813-3335
> Fax: (234) 1-583-2585 (Nigeria Only)
> Fax: 1 (309) 285-2383 (International)
> Email: [EMAIL PROTECTED]
> Web site: http://www.budelak.com
>            http://www.ayserve.net
>
> Web Design, Web Hosting, Domain Registration, ICT Consultancy,
> Networking, Internet, eCommerce, System Integrator
> ===================================================

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to