2014-01-11 17:28
浏览 50


So I'm making this file upload system in PHP. The $target_path is the absolute path and the permissions of the folder it will be uploaded into is set to 777. The tmp_name also returns something valid and the $_FILES['file_uploaded'] is an array.

However, when I run the following line of code. It returns false.

move_uploaded_file($_FILES['file_uploaded']['tmp_name'], $target_path)

Am I missing something here?

Update [Form HTML code]

<form action="photos.php" enctype="multipart/form-data" method="POST">

    <input type ="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size; ?>" />
    <input type ="hidden" name ="upload" value="upload" />
    <input type="file" name="file_upload" />
    <input type="text" name="tags" value="" />

    <input type="radio" name="size" value="_small" checked> Small<br>
    <input type="radio" name="size" value="_medium"> Medium<br>
    <input type="radio" name="size" value="_large"> Large<br>

    <select name="imagelib_id">
    <option value="1">General</option>
<input type="submit" name="submit" value="Upload" />

Solution I missed a filename for the uploaded file. The following line fixed my problem:

move_uploaded_file($_FILES['file_uploaded']['tmp_name'], $target_path . $_FILES['file_uploaded']['name']);
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • doudu9094 2014-01-11 17:35

    As it says in the PHP manual entry, the second parameter of the needs to be a filename, not a directory. You can follow the sample code and use the "name" value of the array:

    // FIXME: verify filename - see below
    $destination = $target_path . $_FILES['file_uploaded']['name'];    
    move_uploaded_file($_FILES['file_uploaded']['tmp_name'], $destination);

    I strongly recommend to follow the tips in this comment on the PHP manual and verify both the filename for dangerous characters and correct file extension:

    // snippet taken from the comment by Yousef Ismaeil Cliprz
    function check_file_uploaded_name ($filename) {
        (bool) ((preg_match("`^[-0-9A-Z_\.]+$`i",$filename)) ? true : false);
    点赞 打赏 评论

相关推荐 更多相似问题