|
|
Posted by Rik Wasmus on 10/29/07 21:14
On Mon, 29 Oct 2007 21:52:25 +0100, damezumari <jannordgreen@gmail.com> =
=
wrote:
> I have a form:
>
> <form method=3D"post" action=3D"res_addaresource.php" name=3D"frm1"
> enctype=3D"multipart/form-data" onsubmit=3D"return checkFields();">
>
> with a file object:
>
> <input name=3D"localfile" id=3D"localfile" type=3D"file" size=3D"68">
>
> to upload a file.
>
> I click the Browse button and select a file on my hard disk. Then I
> delete or rename the file on my hard disk. When I then submit the
> form
>
> $uploaded =3D move_uploaded_file($_FILES['localfile']['tmp_name'],
> $uploadfile);
>
> returns true and $_FILES['userfile']['error'] does not return an error=
> (it returns the empty string which I guess means 0).
>
> The only way to detect something fishy is going on is looking at
> $_FILES['localfile']['size'] that returns 0.
>
> Is this the way things are supposed to be? I would want $uploaded to
> be false.
Well, the UA should issue the warning/block on a submit (Opera does BTW,=
=
with a nice inline explanation next to the input element, FF & MSIE =
don't). There's no way you can know it's not supposed to be an empty fil=
e, =
which it could be. Empty files are used quite regularly for genuine =
purposes.
-- =
Rik Wasmus
Navigation:
[Reply to this message]
|