>I have a simple script that attempts to upload a file and save it on the
>server. When I click send file I get this error message 'Warning: Unable to
>open '' for reading: No such file or directory in /var/www/html/upload.php
>on line 5
>Couldn't copy the file!'. The file is being uploaded from a Win 2000 machine
>and the php script live on an apache web server on a linux box. I have chmod
>777 the 'image' directory. Any ideas?
>Here's the code -
>
> -- upload.html --
><html>
><head>
><title>Upload a File</title>
></head>
>
><body>
>
><h1>Upload a File</h1>
>
><form enctype="multipart/form-data" method="post" action="upload.php">
>
><p><strong>File to Upload:</strong><br>
><input type="file" name="img1" size="30"></p>
>
><P><input type="submit" name="submit" value="Upload File"></p>
>
></form>
></body>
>
></html>
>
> -- upload.php --
><?php
>
>if ('img1' != "") {
This is kinda silly as it stands... 'img1' will *NEVER* be ''. You want
$img1
> copy($img1_tmp_name, "images/".$img1_name)
Here, you are trying to copy the wrong filename:
$img1 *IS* the file's name on your web-server.
$img1_name is what it used to be called on the surfer's desktop computer.
$img1_tmp_name ain't nothing.
Which is why you get an error message about '' not being able to be copied.
Also, use http://move_uploaded_file instead of copy() because it's *MUCH*
better security.
It makes sure that they haven't somehow fooled you into copying some other
file from somewhere else that isn't the one they uploaded.
It does not, however, make sure that the contents of the file are "safe" in
any way.
That's up to you.
For images, http://php.net/getimagesize is quite handy, because a valid
image will tell you what it is and what size it is, and an invalid one
won't.
> or die("Couldn't copy the file!");
>
>} else {
>
> die("No input file specified");
>}
>
>?>
The upload can also fail and send 'none' for $img1, rather than just ''.
I forget which way is which, but one of them ('none' versus '') means they
tried to upload a file but it didn't make it, and the other means they
didn't even choose a file at all.
--
Like Music? http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
