On Mon, 14 Feb 2005, Sean Coates wrote:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
? That is untrue. You should always use it.
Derick
--
Derick Rethans
http://derickrethans.nl | http://ez.no | http://xdebug.org
||*()*|| Hi, Jakub.
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
JV Sounds like it will be best to remove this example and write that
JV is_uploaded_file() is unnecessary if $_FILES array is used instead.
Hmm.. Is it possible to forge
anatoly techtonik wrote:
Hmm.. Is it possible to forge $_FILES contents by supplying some wrong
POST data?
Derick says it's possible:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
? That is untrue. You should always use it.
I can't
Derick Rethans wrote:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
? That is untrue. You should always use it.
How would $_FILES get populated with invalid data (that is_uploaded_file
would catch)?
S
On Tue, 15 Feb 2005, Sean Coates wrote:
Derick Rethans wrote:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
? That is untrue. You should always use it.
How would $_FILES get populated with invalid data (that is_uploaded_file
would
Derick Rethans wrote:
register_globals = 1
http://example.com/$_FILES['file']=foo
You probably meant
http://example.com/?_FILES['file']=foo
In which PHP version? $_FILES and others always overwrite registered
globals AFAIK.
Jakub Vrana
Derick Rethans wrote:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
? That is untrue. You should always use it.
How would $_FILES get populated with invalid data (that is_uploaded_file
would catch)?
register_globals = 1
techtonik Mon Feb 14 11:20:01 2005 EDT
Modified files:
/phpdoc/en/reference/filesystem/functions is-uploaded-file.xml
Log:
integrated note 39637, added example
please check wording
anatoly techtonik wrote:
+if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
I think this check is superfluous. $_FILES['userfile']['tmp_name']
always contain an uploaded file.
Jakub Vrana
+if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
I think this check is superfluous. $_FILES['userfile']['tmp_name']
always contain an uploaded file.
Well, not if some maliciosly included code dealt with the files array
before... But then that maliciosly included code would be able to do
Gabor Hojtsy wrote:
+if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
I think this check is superfluous. $_FILES['userfile']['tmp_name']
always contain an uploaded file.
Well, not if some maliciosly included code dealt with the files array
before... But then that maliciosly included
Sean Coates wrote:
is_uploaded_file is a register_globals artifact, and shouldn't need to
be used with the $_FILES array.
Sounds like it will be best to remove this example and write that
is_uploaded_file() is unnecessary if $_FILES array is used instead.
Jakub Vrana
irchtml Mon Jan 10 20:12:58 2005 EDT
Modified files:
/phpdoc/en/reference/filesystem/functions move-uploaded-file.xml
Log:
Bug #31407: move_uploaded_file() documentation incohenrent
13 matches
Mail list logo