Web Hosting Talk






PDA

View Full Version : Simple PHP file upload script

shaxs
09-15-2005, 05:25 PM
Hello,

I am looking for a simple simple file upload script made in php. Basically, all it needs to do is have a browse button, let a user select a file, and upload it. An email should be sent to the defined variable and a thank you message put on the screen. Thats it. I have not been able to find something this simple. Does anyone have any reccomendations? I could write it myself I guess, but just want to find a simple solution.
OmegaVortex
09-15-2005, 06:16 PM
There is no simple solution to this problem, you either have to write it using sockets or using FTP.
jetson
09-15-2005, 09:22 PM
http://us2.php.net/features.file-upload
Adam Hallett
09-15-2005, 10:15 PM
I have a script like that for school. I put it behind htaccess. This is extremely simple. I think some of the previous PHP versions had issues with file upload.

http://harddrivecaddy.com/temp/upload.zip
LimpBagel
09-23-2005, 02:41 PM
I implement file uploads just like in jetson's link. Works fine so far.
maxymizer
09-23-2005, 03:14 PM
Originally posted by LimpBagel
I implement file uploads just like in jetson's link. Works fine so far.

Just be sure to implement some security mechanisms. Malicious users might upload viral files and infect your server (or try to).
I hope you'll recognize the security risk behind it all.
shaxs
09-23-2005, 05:43 PM
I do. I wanted to have all files uplaoded to a non public directory, above the htdocs directory, but he was to lazy to ftp in and download them. So, I warned him and put them in a public directory.
LimpBagel
09-23-2005, 07:58 PM
Just be sure to implement some security mechanisms. Malicious users might upload viral files and infect your server (or try to).

Yes, definetely. The files are also uploaded to company specific folders so we would have a place to start looking if anything did happen.
uni001
09-24-2005, 10:25 AM
Originally posted by Adam Hallett
I have a script like that for school. I put it behind htaccess. This is extremely simple. I think some of the previous PHP versions had issues with file upload.

http://harddrivecaddy.com/temp/upload.zip

This looks handy, thanks.
minigino
09-28-2005, 03:24 PM
Originally posted by maxymizer
Just be sure to implement some security mechanisms. Malicious users might upload viral files and infect your server (or try to).
I hope you'll recognize the security risk behind it all.

If you use this method, write a small script to extract the file extension (takes like 2-4 lines of code), then have an array that contains your valid file extensions. You can then use the "in_array()" function to check if the files extension is in the array, therefore valid.
Dan L
09-28-2005, 03:59 PM
Don't forget to check the mime type too..