File upload directive: $_FILES["filename"]["name"] instead of $_FILES["filename"]["tmp_name"]

--0-834447625-1261520971=:40733
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Hello,
=A0
On my production & testing servers (production runs on a centrino and testi=
ng runs on Windows) I can only access the temporary uploaded file using=20
ini_get( 'upload_tmp_dir' . '/' . $_FILES['filename']['name'];
while the file $_FILES['filename']['tmp_name'] simply does not exist (check=
ed with file_exists() function, and also looking in the temporary folder).
=A0
Is there a problem with my PHP installations? Is there any directive to cha=
nge this bihaviour?
=A0
On production: PHP 5.2.10 and on testing: PHP 5.2.8 and 5.3.0
=A0
Thanks in advance. =0A
--0-834447625-1261520971=:40733--

Re: File upload directive: $_FILES["filename"]["name"] instead

2009/12/22 Andrei Iarus :
> Hello,
>
> On my production & testing servers (production runs on a centrino and testing runs on Windows) I can only access the temporary uploaded file using
> ini_get( 'upload_tmp_dir' . '/' . $_FILES['filename']['name'];
> while the file $_FILES['filename']['tmp_name'] simply does not exist (checked with file_exists() function, and also looking in the temporary folder).
>
> Is there a problem with my PHP installations? Is there any directive to change this bihaviour?
>
> On production: PHP 5.2.10 and on testing: PHP 5.2.8 and 5.3.0
>
> Thanks in advance.
>
>
>

2 functions to get to grips with:

1 - is_uploaded_file()
2 - move_uploaded_file()

Example from http://php.net/is_uploaded_file


if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.\n";
echo "Displaying contents\n";
readfile($_FILES['userfile']['tmp_name']);
} else {
echo "Possible file upload attack: ";
echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
}

?>


--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: File upload directive: $_FILES["filename"]["name"] instead

2009/12/23 Andrei Iarus :
> Of course: also tried the is_uploaded_file, exactly like in the manual. A=
nd
> it fails.... :(
>
> --- On Wed, 12/23/09, Richard Quadling wrote:
>
> From: Richard Quadling
> Subject: Re: [PHP] File upload directive: $_FILES['filename']['name']
> instead of $_FILES['filename']['tmp_name']
> To: "Andrei Iarus"
> Cc: php-general@lists.php.net
> Date: Wednesday, December 23, 2009, 6:10 PM
>
> 2009/12/22 Andrei Iarus :
>> Hello,
>>
>> On my production & testing servers (production runs on a centrino and
>> testing runs on Windows) I can only access the temporary uploaded file u=
sing
>> ini_get( 'upload_tmp_dir' . '/' . $_FILES['filename']['name'];
>> while the file $_FILES['filename']['tmp_name'] simply does not exist
>> (checked with file_exists() function, and also looking in the temporary
>> folder).
>>
>> Is there a problem with my PHP installations? Is there any directive to
>> change this bihaviour?
>>
>> On production: PHP 5.2.10 and on testing: PHP 5.2.8 and 5.3.0
>>
>> Thanks in advance.
>>
>>
>>
>
> 2 functions to get to grips with:
>
> 1 - is_uploaded_file()
> 2 - move_uploaded_file()
>
> Example from http://php.net/is_uploaded_file
>
> >
> if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
>    echo "File ". $_FILES['userfile']['name'] ." uploaded s=
uccessfully.\n";
>    echo "Displaying contents\n";
>    readfile($_FILES['userfile']['tmp_name']);
> } else {
>    echo "Possible file upload attack: ";
>    echo "filename '". $_FILES['userfile']['tmp_name'] . "'=
..";
> }
>
> ?>
>
>
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D2134=
74731
> ZOPA : http://uk.zopa.com/member/RQuadling
>
>

What version of Windows?

Can you provide a really basic test?

And a var_dump($_FILES) please?

--=20
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D213474=
731
ZOPA : http://uk.zopa.com/member/RQuadling

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: File upload directive: $_FILES["filename"]["name"] instead

2009/12/23 Andrei Iarus
>
> Found the problem: I use Zend Framework, and after using a procedre, it i=
s automatically moved. :( Thanks very much, I thought it was a problem with=
PHP, but from now on, it is a Zend Framework problem. Thanks again.
>
> --- On Wed, 12/23/09, Richard Quadling wrote:
>
> From: Richard Quadling
> Subject: Re: [PHP] File upload directive: $_FILES['filename']['name'] ins=
tead of $_FILES['filename']['tmp_name']
> To: "Andrei Iarus" , "PHP General list" lists.php.net>
> Date: Wednesday, December 23, 2009, 7:52 PM
>
> 2009/12/23 Andrei Iarus :
> > Of course: also tried the is_uploaded_file, exactly like in the manual.=
And
> > it fails.... :(
> >
> > --- On Wed, 12/23/09, Richard Quadling wrote=
:
> >
> > From: Richard Quadling
> > Subject: Re: [PHP] File upload directive: $_FILES['filename']['name']
> > instead of $_FILES['filename']['tmp_name']
> > To: "Andrei Iarus"
> > Cc: php-general@lists.php.net
> > Date: Wednesday, December 23, 2009, 6:10 PM
> >
> > 2009/12/22 Andrei Iarus :
> >> Hello,
> >>
> >> On my production & testing servers (production runs on a centrino and
> >> testing runs on Windows) I can only access the temporary uploaded file=
using
> >> ini_get( 'upload_tmp_dir' . '/' . $_FILES['filename']['name'];
> >> while the file $_FILES['filename']['tmp_name'] simply does not exist
> >> (checked with file_exists() function, and also looking in the temporar=
y
> >> folder).
> >>
> >> Is there a problem with my PHP installations? Is there any directive t=
o
> >> change this bihaviour?
> >>
> >> On production: PHP 5.2.10 and on testing: PHP 5.2.8 and 5.3.0
> >>
> >> Thanks in advance.
> >>
> >>
> >>
> >
> > 2 functions to get to grips with:
> >
> > 1 - is_uploaded_file()
> > 2 - move_uploaded_file()
> >
> > Example from http://php.net/is_uploaded_file
> >
> > > >
> > if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
> >    echo "File ". $_FILES['userfile']['name'] ." uploaded=
successfully.\n";
> >    echo "Displaying contents\n";
> >    readfile($_FILES['userfile']['tmp_name']);
> > } else {
> >    echo "Possible file upload attack: ";
> >    echo "filename '". $_FILES['userfile']['tmp_name'] . =
"'.";
> > }
> >
> > ?>
> >
> >
> > --
> > -----
> > Richard Quadling
> > "Standing on the shoulders of some very clever giants!"
> > EE : http://www.experts-exchange.com/M_248814.html
> > Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D21=
3474731
> > ZOPA : http://uk.zopa.com/member/RQuadling
> >
> >
>
> What version of Windows?
>
> Can you provide a really basic test?
>
> And a var_dump($_FILES) please?
>
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D2134=
74731
> ZOPA : http://uk.zopa.com/member/RQuadling
>

Glad you got it worked out.

--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D213474=
731
ZOPA : http://uk.zopa.com/member/RQuadling

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php