I have created a php file to handle file uploads. It very simple without any bells or whistles.
I just wanted to know if there was a way to control the owner of the new file because when iupload files the owner is set to httpd which means that I can't access the file properly. My code is as follows. <!doctype html public "-//w3c//dtd html 4.0 transitional//en"> <html> <head> <title>File Uploads</title> <meta name="Generator" content="Editplus"> <meta name="Author" content="James Cook"> <meta name="Keywords" content="file upload, Filke Upload, FILE UPLOAD, files, Files, FILES, uploads, Uploads, UPLOADS"> <meta name="Description" content="A page that allows the author to upload files to his web page."> </head> <body> <h2>Cook's File Upload page, please do not use</h2> <br /> <?php global $HTTP_POST_FILES; global $PHP_SELF; include "connect.php"; $connection = dbconnect(); $query="select pwd from pwd;"; $result = @MYSQL_QUERY($query,$connection); if (!$result){ echo("No result"); echo mysql_errno() . ": " . mysql_error() . "\n"; } $res = @MYSQL_RESULT($result,0,"pwd"); if (empty($addr)){ $addr="/home/cj923/public_html/wat/"; } if (empty($first)){ displayform(); } else{ if ($pass==$res){ // In PHP earlier then 4.1.0, $HTTP_POST_FILES previous $_FILES should be used instead of $_FILES. if (is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])){ copy($HTTP_POST_FILES['userfile']['tmp_name'], $addr . $HTTP_POST_FILES['userfile']['name']); } else{ echo "Possible file upload attack. Filename: " . $HTTP_POST_FILES['userfile']['name'] . "<br />"; } /* ...or... */ $move = move_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'], $addr . $HTTP_POST_FILES['userfile']['name']); if (!$move){ echo ("File Move failed"); echo ("<a href='$PHP_SELF'>Try Again</a>"); } else{ echo("File Moved successfully"); } } else{ echo ("Incorrect pass, sorry<br/>"); echo ("<a href='$PHP_SELF'>Try Again</a>"); } } function displayform(){ global $PHP_SELF; $HTML=<<<HTML <form enctype='multipart/form-data' action='$PHP_SELF' method='post'> <input type='hidden' name='max_file_size' value='10000'> <table> <tr> <td>Send this file: </td> <td><input name='userfile' type='file'><br /></td> </tr> <tr> <td><input type='hidden' name='first' value='1'> Use this pass: </td> <td><input type='password' name='pass'></td> </tr> <tr> <td>Save to this location: </td> <td><input type='text' name='addr'></td> </tr> <tr> <td></td><td>Default is /home/cj923/public_html/wat/</td> </tr> <tr colspan='2'> <td><input type='submit' value='send file'></td> </tr> </form> HTML; echo ($HTML); } ?> </body> </html> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php