Specifications
<?
if ($userfile==”none”)
{
echo “Problem: no file uploaded”;
exit;
}
if ($userfile_size==0)
{
echo “Problem: uploaded file is zero length”;
exit;
}
if ($userfile_type != “text/plain”)
{
echo “Problem: file is not plain text”;
exit;
}
if (!is_uploaded_file($userfile))
{
echo “Problem: possible file upload attack”;
exit;
}
$upfile = “/home/book/uploads/”.$userfile_name;
if ( !copy($userfile, $upfile))
{
echo “Problem: Could not move file into directory”;
exit;
}
echo “File uploaded successfully<br><br>”;
$fp = fopen($upfile, “r”);
$contents = fread ($fp, filesize ($upfile));
fclose ($fp);
$contents = strip_tags($contents);
$fp = fopen($upfile, “w”);
fwrite($fp, $contents);
fclose($fp);
Interacting with the File System and the Server
C
HAPTER 16
16
INTERACTING WITH
THE
F
ILE SYSTEM
AND THE
SERVER
355
LISTING 16.2 Continued
21 7842 CH16 3/6/01 3:40 PM Page 355