Selecting folder path using input type file

Question

I have a problem in PHP. I am using <input type=file> to get the file name from the user. Basically I want to store the just folder path and not the file, so that when I display the path using hyperlink, the user can open the directory.

But using <input type=file> the user has to select a file then only the file textbox will get filled. Now I want to strip off the last part of the filename.

How do I do this ? Or is there a better way to solve this problem?

EDIT:

I am using something like this in say a file named 1.html:

<form method="post" action="update.php">
    <input type="file" name="attachment" id="attachment"></td> </tr>
 </form>

Now, in update.php I am using something like this:

$logpath1=$_POST['attachment'];

Basically I am getting the file name in $logpath1 that user selects. But the thing is input type = file will only work for files and not folders.

So, how do I strip the filename from the path?

Example: if user selects,

C:\Documents and Settings\myusee\Desktop\new 2.cpp

I want to strip off new 2.cpp.

I am not sure how can I use explode. Moreover I am running on XAMPP Lite.

Answer 1

Most browsers suppress accessing the path info (or any other part of a file input box) for security reasons. With normal file inputs, this can not be done. Maybe one of the Flash-based uploading plugins like swfbox allow presetting a directory.

Answer 2

You can do this another way, put a hidden field <input type="hidden" id="something" name="something" /> and use jQuery (JavaScript) to select the value of the file input box and put it into hidden field before submission and after submission you will have a whole path, I don't know if it works but it's worth a try.

Answer 3

You need to tune your Google fu.

First hit got me this tutorial: PHP file upload

I think what you are looking for is $_FILES['uploadedfile']['name']

Answer 4

1) ANY information about the clients file structure directory path is a security risk. POST submits, JavaScript, Flash, Java applications or any other web-based method that has the ability to do this is an exploit. I would doubt Firefox, Internet Explorer, Safari, Opera, or any other browser is going to allow you to do this. If a method is found - a later version most likely will patch this exploit and your code will be rendered useless.

2) If you want to instead display a directory of your server directory, you can use this PHP code to get the full path to the temp directory where the uploaded file is stored.

$temp_path=$_FILES['attachment']['tmp_name'];

However, this would be a security risk for your SERVER. Also, the temp path is normally denied access from the web. Normally, only the PHP interpreter can access this.

Usually, once a file is uploaded, if it is valid, it can be moved this way:

move_uploaded_file($_FILES['attachment']['tmp_name'], $the_directory_i_want);

But since $the_directory_i_want is a variable you set, you would already know this.

It sort of sounds like you are trying to use WAMP and PHP as a local file utility of some sort. If that is the case, PHP may not be a good solution. You may instead want to look at creating an .HTA application.