[FX.php List] [OFF] Potential gotchas with uploading files?

Dale Bengston dbengston at tds.net
Fri Apr 3 11:10:22 MDT 2009


Hi Bob,

Well, it still has to be a directory that has www write permissions,  
but as you pointed out in your example, that directory is known to the  
PHP scripts but not exposed to the user.

This is where I started:

http://us.php.net/manual/en/reserved.variables.files.php
http://us.php.net/manual/en/function.is-uploaded-file.php
http://us.php.net/manual/en/function.move-uploaded-file.php

Dale

On Apr 3, 2009, at 11:52 AM, Bob Patin wrote:

> Dale,
>
> How do you move the files to another directory without having to  
> give the same permissions to the final directory? I'd be interested  
> in seeing how that's done...
>
> Best,
>
> Bob Patin
>
>
> <new_logo_idea3_120w.jpg>
>
> Longterm Solutions
> bob at longtermsolutions.com
> 615-333-6858
> http://www.longtermsolutions.com
> iChat: bobpatin
> AIM: longterm1954
> FileMaker 9 Certified Developer
> Member of FileMaker Business Alliance and FileMaker TechNet
> --------------------------
> FileMaker hosting and consulting for all versions of FileMaker
> PHP • Full email services • Free DNS hosting • Colocation • Consulting
>
> On Apr 3, 2009, at 11:38 AM, Dale Bengston wrote:
>
>> I followed the strategy laid out on php.net for uploading files to  
>> a temp directory, validating there, and moving/renaming valid files  
>> to another location. Anything not passing validation is deleted  
>> from the temp directory and the user gets an error message.
>>
>> I'm looking at Michael's and Webko's suggested libraries now, for  
>> one really good reason: multiple file upload support. This is going  
>> to be huge for a brand/content management system I am just  
>> beginning to develop.
>>
>> Dale
>>
>> On Apr 3, 2009, at 12:39 AM, Head Honcho wrote:
>>
>>> Hi Joel,
>>>
>>> On 03/04/2009, at 1:15 PM, Joel Shapiro wrote:
>>>
>>>> Hi all
>>>>
>>>> I'm looking for thoughts on how complicated an upload-file site  
>>>> can be.
>>>>
>>>>
>>> <snip />
>>>
>>>>
>>>> For those that have worked with this, what kinds of problems can  
>>>> should I be ready for?  Could this be a big headache?
>>>
>>> I use the "easy upload" (<http://www.finalwebsites.com/snippets.php?id=7 
>>> >) class which allows me to set file sizes/types as part of my  
>>> script.
>>>
>>> Permissions can be a problem.. the upload folder will have to have  
>>> write permissions for the web server (_www or www or nobody or  
>>> whateverTheWebUserIsOnYourSystem).  Those using the files will  
>>> need read privileges at least.
>>>
>>> Regards
>>>
>>> Michael Ward
>>> --
>>> Head Honcho
>>> CustoMike Solutions
>>> Member, FileMaker Business Alliance
>>> Member, FileMaker Technical Network
>>> FileMaker 7 Certified Developer
>>> FileMaker 8 Certified Developer
>>> FileMaker 9 Certified Developer
>>> 10 Wandoo Crt
>>> Wheelers Hill, 3150
>>> ph 0414 562 501
>>> headhoncho at customikesolutions.com
>>>
>>>
>>>
>>> _______________________________________________
>>> FX.php_List mailing list
>>> FX.php_List at mail.iviking.org
>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1582 bytes
Desc: not available
Url : http://mail.iviking.org/pipermail/fx.php_list/attachments/20090403/3f81fd84/smime.bin


More information about the FX.php_List mailing list