|
|
Posted by AnrDaemon on 10/30/07 22:11
Greetings, damezumari.
In reply to Your message dated Monday, October 29, 2007, 23:52:25,
> I have a form:
> <form method="post" action="res_addaresource.php" name="frm1"
> enctype="multipart/form-data" onsubmit="return checkFields();">
> with a file object:
> <input name="localfile" id="localfile" type="file" size="68">
> to upload a file.
> I click the Browse button and select a file on my hard disk. Then I
> delete or rename the file on my hard disk. When I then submit the
> form
> $uploaded = move_uploaded_file($_FILES['localfile']['tmp_name'],
> $uploadfile);
> returns true and $_FILES['userfile']['error'] does not return an error
> (it returns the empty string which I guess means 0).
> The only way to detect something fishy is going on is looking at
> $_FILES['localfile']['size'] that returns 0.
> Is this the way things are supposed to be? I would want $uploaded to
> be false.
I think You messing with client- and server-side checks.
If You want to get real files from clients, just demand that they should be
more than zero bytes long. You can check uploaded file in place before moving
it.
Refer to PHP documantation in parts of file uploading (ini_get('upload_tmp_dir'),
is_uploaded_file('path/name') etc.)
--
Sincerely Yours, AnrDaemon <anrdaemon@freemail.ru>
Navigation:
[Reply to this message]
|