well i gota free account at hostulra.com which allows free use of php, to try out the upload code for ppl to post picures and upload them directly to the server through a code i got from the tutorial on this page http://uk2.php.net/manual/en/features.file-upload.php

i done what the tutorial said to do makign to different files, one for the form and one for the validation crap, but wheneveri go to the page with the form on it and select my file and go to send file i receive a page that says this

Possible file upload attack!
Here is some more debugging info:Array
(
)


Anybody help me with this, could it be the free host not allowing such coding? i've looked for the problem on the php tutorail thing but found no solution, somebody help me out?

have you chmod'd the upload directory, also make sure on this line

$uploaddir = '/var/www/uploads/';

you have the right path, will probably be something like /home/username/public_html/

can we see your code, if you follow that example above you posted (the one i gave you) it will work

<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.

$uploaddir = '/uploads';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

?>

i made a directory called uploads for the files, but i still get the error.

Should there be another forward slash in your $uploaddir variable? And also, like 96turnerri mentions, use your full server/root path.

$uploaddir = '/home/serverpath/public_html/uploads/';

One final thing, always use the is_uploaded_file() function to test whether the file has been uploaded to the server before you move it.

:)

well i trie dputtin in the full address
and that still didnt work

and lol i have no clue what the is uploade dfile function test is, i'm the biggest noob when it comes to php, only thing i know how to do with php is the page reload thing where its easy to have a main page and just make new pages without having to upadte every page because of how they reload in the content area.

im stuck already with this stuff

To use the is_uploaded_file() function you would do:


if (is_uploaded_file($_FILES['tmp_name']))
{
move_uploaded_file($_FILES['tmp_name'],$uploaddir);
}


You can actually use this function for debugging.

Try doing:


if (is_uploaded_file($_FILES['tmp_name']))
{
echo "File OK";
}
else
{
echo "File Not Uploaded";
}


See if the file is getting uploaded to the server. If it is, then the problem is with your $uploaddir variable. If not, then its something else. Its a process of elimination.

:)

so place the test code in place of the other code on my validation page and it'll tell if the file is gettin uploaded or not?

alright i put the test code in there along with the other one i didnt replace amnd heres what i got

Possible file upload attack!
Here is some more debugging info:Array
(
)

File Not Uploaded


so obviously its something else
the file isnt getting uploaded for some reason.. .
but im learning from this :)

$file_dir = "/home/public_html/~stampedia/walkthesky/uploads";
foreach( $HTTP_POST_FILES as $file_name => $file_array ) {
$file_name = $file_array['name'];
if( is_uploaded_file( $file_array['tmp_name'] ) ) {
move_uploaded_file( $file_array['tmp_name'], "$file_dir/$file_name") or die ("Couldn't Copy");
}
}

remember the enctype in the form tag for uploading the files and make sure its POST not GET

man i put that code in and it still didnt work
idk what the deal is i just suck!

can we see both your form and your action code

Form :
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="validate.php" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>


action

<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.


$uploaddir = '/~ratemyguitar/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";



$file_dir ="/~stampedia/walkthesky/uploads/";
foreach( $HTTP_POST_FILES as $file_name => $file_array ) {
$file_name = $file_array['name'];
if( is_uploaded_file( $file_array['tmp_name'] ) ) {
move_uploaded_file( $file_array['tmp_name'], "$file_dir/$file_name") or die ("Couldn't Copy");
}
}


if (is_uploaded_file($_FILES['tmp_name']))
{
echo "File OK";
}
else
{
echo "File Not Uploaded";

try making this line
$file_dir ="/~stampedia/walkthesky/uploads/";

$file_dir ="home/public_html/~stampedia/walkthesky/uploads/";
or
$file_dir ="home2/public_html/~stampedia/walkthesky/uploads/";

or ask you host what the full path server root is, and make sure the dir 'uploads' is chmod 0777

EDIT: ok upon looking at this page http://phpinfo.hostultra.com/, i think you should make

$file_dir = "/home2/~stampedia/public_html/walkthesky/uploads/"; but try the others above if that doesnt work

alright im sorta confused
is this what my action code should look like

<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.


$uploaddir = '/home2/~stampedia/public_html/walkthesky/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'
], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";



$file_dir ="/home2/~stampedia/public_html/walkthesky/uploads/";
foreach( $HTTP_POST_FILES as $file_name => $file_array ) {
$file_name = $file_array['name'];
if( is_uploaded_file( $file_array['tmp_name'] ) ) {
move_uploaded_file( $file_array['tmp_name'], "$file_dir/$file_name") or die ("Couldn't Copy");
}
}


if (is_uploaded_file($_FILES['tmp_name']))
{
echo "File OK";
}
else
{
echo "File Not Uploaded";

?>

or should it just be this

<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.

$file_dir = "/home2/~stampedia/public_html/walkthesky/uploads/";
foreach( $HTTP_POST_FILES as $file_name => $file_array ) {
$file_name = $file_array['name'];
if( is_uploaded_file( $file_array['tmp_name'] ) ) {
move_uploaded_file( $file_array['tmp_name'], "$file_dir/$file_name") or die ("Couldn't Copy");
}
}



?>

Originally posted by [S]tampede
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.

$file_dir = "/home2/~stampedia/public_html/walkthesky/uploads/";
foreach( $HTTP_POST_FILES as $file_name => $file_array ) {
$file_name = $file_array['name'];
if( is_uploaded_file( $file_array['tmp_name'] ) ) {
move_uploaded_file( $file_array['tmp_name'], "$file_dir/$file_name") or die ("Couldn't Copy");
}
}

?>

alright i put that code in my action code
and i find a file and go to upload then it just displays a blank page
with nothing on it. And when i go look in my uploads folder, there aren't any files in there, so the file never got uploaded. I'm going to put the test code in there to see if its gettin uploaded and see what it does.

alright put the test code in there and got the result of
"File Not Uploaded"

damn.. something else is wrong

chmod settings would od that check they are 0777 and make sure you have enctype on the form tag

...form tag ectype? man i know nothing about php lol im confused what exactly do i put in the form tag for enctype?

<form enctype="multipart/form-data" ... ;)

oh yeah i checked that.. it was already in there lol

alright, have any idea of what to do now? lol seems as tho we've tried everything, and its my lack of knowledge about php is what really is causing the problems.

next step: contact your host ask them