Documentation is available at upload_example.php
- <?php
- /**
- * upload_example.php
- *
- * (C) 2007 SPLINELAB http://www.splinelab.com/flexupload/
- *
- * Simple upload-script to demonstrate and test FlexUpload.
- * Feel free to use this to start developing your own scripts.
- *
- * Your upload script have to return some information for FlexUpload.
- *
- * If the upload was successfull just print "OK" (uppercase without quotation marks)
- * If something went wrong print a nice error message to inform the user what happened.
- *
- *
- *
- * Important Note:
- *
- * In real-life your upload script have to be more secure than this one.
- * You have to make sure that only authorized users can upload files to your server!
- * You also should check the extension of the uploaded file to prevent bad guys to upload
- * malicious executable files (you should not accept files endig with .ph*, .cgi, .pl, ...)
- *
- *
- *
- * Notes for migration from JavaUpload:
- *
- * The field name has changed to "Filedata" (this is the default in Flex) so you have to use
- * $_FILES['Filedata'] to access the uploaded file.
- *
- * The format of the return value also has changed. If you print something different than "OK"
- * FlexUpload assumes an error.
- * E.g. In JavaUpload you printed "success=1\r\n" if your upload succeeds and
- * "success=0\r\nSome error occurred"
- * Now you print "OK" if your upload succeeds and "Some error occured". This helps to avoid
- * parsing errors of the return value if your script raises some php warnings or errors.
- *
- *
- * @version 1.0
- * @author Mirko Schaal <ms@splinelab.com>
- * @package FlexUpload
- * @subpackage example
- */
- // just test GET parameters provided to the postURL parameter...
- //echo "myGETVariable: ".$_GET['myGETVariable'];
- // is Filedata there?
- if (! isset($_FILES['Filedata'])) {
- echo "Whooops! There is no file! (maybe filesize is greater than POST_MAX_SIZE directive in php.ini)";
- exit;
- }
- // make nicer filenames ;)
- $fn = preg_replace("/[^a-zA-Z0-9._-]/", "_", $_FILES['Filedata']['name']);
- // and set the directory
- $fn = 'uploaddir/'.$fn;
- // check if the file already exists
- if ( file_exists($fn) ) {
- echo "File exists - i don't like to overwrite it!";
- exit;
- }
- // move the uploaded file
- if (is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
- if (move_uploaded_file($_FILES['Filedata']['tmp_name'], $fn)) {
- @chmod($fn, 0666);
- echo 'OK';
- } else {
- echo 'can\'t move the uploaded file';
- }
- } else {
- switch($_FILES['Filedata']['error']) {
- case 0:
- echo 'possible file attack!';
- break;
- case 1:
- echo 'uploaded file exceeds the UPLOAD_MAX_FILESIZE directive in php.ini';
- break;
- case 2:
- echo 'uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form';
- break;
- case 3:
- echo 'uploaded file was only partially uploaded';
- break;
- case 4:
- echo 'no file was uploaded';
- break;
- default: //a default error, just in case! :)
- echo 'default error - that\'s magic!';
- break;
- }
- }
- ?>
Documentation generated on Sun, 17 Jun 2007 11:38:02 +0200 by phpDocumentor 1.3.0RC3