Php is uploaded file () function

Write your php code

(PHP 3>= 3.0.17, PHP 4 >= 4.0.3, PHP 5)

is_uploaded_file -- Tells whether the file was uploaded via HTTP POST

Syntax

bool is_uploaded_file ( string filename )

Returns TRUE if the file named by filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.

This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.

For proper working, the function is_uploaded_file() needs an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded file on the clients machine $_FILES['userfile']['name'] does not work.

Example 1. is_uploaded_file() example


<?php

if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
   echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.\n";
   echo "Displaying contents\n";
   readfile($_FILES['userfile']['tmp_name']);
} else {
   echo "Possible file upload attack: ";
   echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
}

?>

is_uploaded_file() is available only in versions of PHP 3 after PHP 3.0.16, and in versions of PHP 4 after 4.0.2. If you are stuck using an earlier version, you can use the following function to help protect yourself:

Note: The following example will not work in versions of PHP 4 after 4.0.2. It depends on internal functionality of PHP which changed after that version.

Example 2. is_uploaded_file() example for PHP 4 < 4.0.3


<?php
/* Userland test for uploaded file. */
function is_uploaded_file($filename) 
{
    if (!$tmp_file = get_cfg_var('upload_tmp_dir')) {
        $tmp_file = dirname(tempnam('', ''));
    }
    $tmp_file .= '/' . basename($filename);
    /* User might have trailing slash in php.ini... */
    return (ereg_replace('/+', '/', $tmp_file) == $filename);
}

/* This is how to use it, since you also don't have
 * move_uploaded_file() in these older versions: */
if (is_uploaded_file($HTTP_POST_FILES['userfile'])) {
    copy($HTTP_POST_FILES['userfile'], "/place/to/put/uploaded/file");
} else {
    echo "Possible file upload attack: filename '$HTTP_POST_FILES[userfile]'.";
}
?>

See also move_uploaded_file(), and the section Handling file uploads for a simple usage example.

Php is uploaded file Function syntax tag

is uploaded file php code on this is provided for your study purpose, it will guide you to know how create and design a website using php. use it to practice and train your self online

Php is uploaded file syntax tutorial

php tutorial guide and code design are for easy learning and programming. The code practice section provided at the top is for practising of this syntax. Use the code section up to practice your php programming online. Learning php is very easy, all you need is to use the examples on this site and practice them to perfect your skills.