(PHP 3>= 3.0.17, PHP 4 >= 4.0.3, PHP 5)
is_uploaded_file -- Tells whether the file was uploaded via HTTP POSTReturns TRUE if the file named by filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.
This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.
is_uploaded_file() is available only in versions of PHP 3 after PHP 3.0.16, and in versions of PHP 4 after 4.0.2. If you are stuck using an earlier version, you can use the following function to help protect yourself:
Note: The following example will not work in versions of PHP 4 after 4.0.2. It depends on internal functionality of PHP which changed after that version.
<?php |
See also move_uploaded_file(), and the section Handling file uploads for a simple usage example.
Sites of interest: Web Hosting : Reseller Hosting : Website Hosting : HTML Editor : Web Design Templates : Free Web Hosting : ASP code examples : PHP & MySQL Code Examples |
Copyright © 2004 Evrsoft Developer Network. Privacy policy - Link to Us |
Contact Evrsoft |