views:

162

answers:

3

I am trying to upload a file to a sever using PHP. I cannot get it to work. Here is the code:

if( isset($_POST['Upload']) )
{

   //size condition 
   if ( $_FILES['uploaded']['size'] > 350000) 
   { 
      $mesg = "Your file is too large.<br>"; 
      exit; 
   } 

   if( move_uploaded_file($_FILES['uploaded']['tmp_name'], "upload/" . $_FILES['uploaded']['name'] ) )
   { 
      $mesg =  "The file ". basename( $_FILES['uploaded']['name']). " has been uploaded";    
   } 
   else 
   {     
      $mesg =  "Sorry, there was a problem uploading your file."; 
   }    
}
else
{
   $mesg = "Select a File to upload.";
}

Here is the code for the form I am using to submit the file:

<?
echo $mesg;
?>
<br /><br />
<form enctype="multipart/form-data" action="" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>
+6  A: 

You need enctype="multipart/form-data" inside your <form> tag or nothing will be uploaded.

For more, check out the PHP manual.

Also, I am not sure if you're just doing this to test the functionality, but you should be wary of putting uploaded files in a web accessible folder, especially with their original names. This leaves an open door for someone to upload a malicious script and potentially take over your server.

Paolo Bergantino
+1 excellent security point
Jonathan Fingland
This is in a password protected area that only 2 or 3 people will have access to, so I am not worried about malicious scripts.
Josh Curren
i added the enctype="multipart/form-data" and i am still having the same problem
Josh Curren
+1  A: 

Change your form to

<form action="" method="POST" enctype="multipart/form-data">
ABCoder
i added the enctype="multipart/form-data" and i am still having the same problem
Josh Curren
+2  A: 

Your submit button does not have a name:

<input type="submit" value="Upload" />

You are checking for $_POST['Upload'], so you probably want:

<input type="submit" value="Upload" name="Upload" />
Tom Haigh
wow... I cant believe I missed that. Thanks!
Josh Curren