Manualshelf

Specifications

ManualsBrandsMaxxus ManualsExercise BikePRO SPK-23
381382383384385386387388389390
Common Problems
There are a few things to keep in mind when performing file uploads.
The previous example assumes that users have been authenticated elsewhere. You
shouldnt allow just anybody to upload files on to your site.
If you are allowing untrusted or unauthenticated users to upload files, its a good idea to
be pretty paranoid about the contents of them. The last thing you want is a malicious
script being uploaded and run. You should be careful, not just of the type and contents of
the file as we are here, but of the filename itself. Its a pretty good idea to rename
uploaded files to something you know to be safe.
If you are using an NT or other Windows-based machines, be sure to use
\\ instead of \
in file paths as usual.
If you are having problems getting this to work, check out your php.ini file. You will
need to have set the upload_tmp_dir directive to point to some directory that you have
access to. You might also need to adjust the memory_limit directive if you want to
upload large filesthis will determine the maximum file size in bytes that you can
upload.
If PHP is running in safe mode, you will get an error message about being unable to
access the temporary file. This can only be fixed either by not running in safe mode or
by writing a non-PHP script that copies the file to an accessible location. You can then
execute this script from your PHP script. Well look at how to execute programs on the
server from PHP toward the end of this chapter.
Using Directory Functions
After the users have uploaded some files, it will be useful for them to be able to see whats
been uploaded and manipulate the content files.
PHP has a set of directory and file system functions that are useful for this purpose.
Reading from Directories
First, well implement a script to allow directory browsing of the uploaded content. Browsing
directories is actually very straightforward in PHP. In Listing 16.3, we show a simple script
that can be used for this purpose.
Advanced PHP Techniques
P
ART IV
358
21 7842 CH16 3/6/01 3:40 PM Page 358