[FX.php List] [OFF] Potential gotchas with uploading files?
Joel Shapiro
jsfmp at earthlink.net
Fri Apr 3 12:01:23 MDT 2009
Thanks everybody for all your input.
Webko's FileThingie seems very cool although more than I'd need for
this project -- but I did have issues ("unknown error") with it on my
web host. I didn't do any troubleshooting on it, but it confirms
that there can be various server issues that will likely need to be
dealt with in addition to things like validating & restricting file
types.
Michael's Easy PHP Upload looks nice and simple but I haven't
downloaded it yet.
I think I've got my answer. Now I just need to decide how big of a
headache I'm willing to take on for this project ;)
Thanks all.
-Joel
On Apr 3, 2009, at 10:10 AM, Dale Bengston wrote:
> Hi Bob,
>
> Well, it still has to be a directory that has www write
> permissions, but as you pointed out in your example, that directory
> is known to the PHP scripts but not exposed to the user.
>
> This is where I started:
>
> http://us.php.net/manual/en/reserved.variables.files.php
> http://us.php.net/manual/en/function.is-uploaded-file.php
> http://us.php.net/manual/en/function.move-uploaded-file.php
>
> Dale
>
> On Apr 3, 2009, at 11:52 AM, Bob Patin wrote:
>
>> Dale,
>>
>> How do you move the files to another directory without having to
>> give the same permissions to the final directory? I'd be
>> interested in seeing how that's done...
>>
>> Best,
>>
>> Bob Patin
>>
>>
>> <new_logo_idea3_120w.jpg>
>>
>> Longterm Solutions
>> bob at longtermsolutions.com
>> 615-333-6858
>> http://www.longtermsolutions.com
>> iChat: bobpatin
>> AIM: longterm1954
>> FileMaker 9 Certified Developer
>> Member of FileMaker Business Alliance and FileMaker TechNet
>> --------------------------
>> FileMaker hosting and consulting for all versions of FileMaker
>> PHP • Full email services • Free DNS hosting • Colocation •
>> Consulting
>>
>> On Apr 3, 2009, at 11:38 AM, Dale Bengston wrote:
>>
>>> I followed the strategy laid out on php.net for uploading files
>>> to a temp directory, validating there, and moving/renaming valid
>>> files to another location. Anything not passing validation is
>>> deleted from the temp directory and the user gets an error message.
>>>
>>> I'm looking at Michael's and Webko's suggested libraries now, for
>>> one really good reason: multiple file upload support. This is
>>> going to be huge for a brand/content management system I am just
>>> beginning to develop.
>>>
>>> Dale
>>>
>>> On Apr 3, 2009, at 12:39 AM, Head Honcho wrote:
>>>
>>>> Hi Joel,
>>>>
>>>> On 03/04/2009, at 1:15 PM, Joel Shapiro wrote:
>>>>
>>>>> Hi all
>>>>>
>>>>> I'm looking for thoughts on how complicated an upload-file site
>>>>> can be.
>>>>>
>>>>>
>>>> <snip />
>>>>
>>>>>
>>>>> For those that have worked with this, what kinds of problems
>>>>> can should I be ready for? Could this be a big headache?
>>>>
>>>> I use the "easy upload" (<http://www.finalwebsites.com/
>>>> snippets.php?id=7>) class which allows me to set file sizes/
>>>> types as part of my script.
>>>>
>>>> Permissions can be a problem.. the upload folder will have to
>>>> have write permissions for the web server (_www or www or nobody
>>>> or whateverTheWebUserIsOnYourSystem). Those using the files
>>>> will need read privileges at least.
>>>>
>>>> Regards
>>>>
>>>> Michael Ward
>>>> --
>>>> Head Honcho
>>>> CustoMike Solutions
>>>> Member, FileMaker Business Alliance
>>>> Member, FileMaker Technical Network
>>>> FileMaker 7 Certified Developer
>>>> FileMaker 8 Certified Developer
>>>> FileMaker 9 Certified Developer
>>>> 10 Wandoo Crt
>>>> Wheelers Hill, 3150
>>>> ph 0414 562 501
>>>> headhoncho at customikesolutions.com
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> FX.php_List mailing list
>>>> FX.php_List at mail.iviking.org
>>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>>
>>> _______________________________________________
>>> FX.php_List mailing list
>>> FX.php_List at mail.iviking.org
>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list