is_uploaded_file

Tells whether the file was uploaded via HTTP POST

bool **is_uploaded_file** string $filename

Returns true if the file named by was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working--for instance, . filename

This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.

For proper working, the function needs an argument like , - the name of the uploaded file on the client's machine does not work. is_uploaded_file``$_FILES['userfile']['tmp_name']``$_FILES['userfile']['name']

filenameThe filename being checked.

return.success

Voorbeeld: example

<?php

if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
   echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.\n";
   echo "Displaying contents\n";
   readfile($_FILES['userfile']['tmp_name']);
} else {
   echo "Possible file upload attack: ";
   echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
}

?>

move_uploaded_file``$_FILESHandling file uploads

Vorige ← is_readable Volgende is_writable →

is_uploaded_file

is_uploaded_file

Documentatie