Home/ Questions/Q 7037759
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T01:35:02+00:00

I’m using www.phpcloud.com as a server for my application. I’m testing it so I

  • 0

I’m using http://www.phpcloud.com as a server for my application. I’m testing it so I can also determine the limitation of this application. It is free and fast. Now I have a problem. My code is not working. I can’t upload photo/image. I’ve used the ajax style upload but it won’t work. I have can it to the name way, but it also don’t work.

here is the code:

move_uploaded_file($_FILES['PF']['tmp_name'],"images/".$_FILES['PF']['name']);

The $_FILES[‘PF’][‘name’] have a value and the value is the image/photo that I upload.

anyone who have experience this and solve it? Or anyone who can help me please?.

THanks,
Justin

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Did you check if the upload succeeded? Just because you get the original filename in PHP doesn’t mean it did:

    if ($_FILES['PF']['error'] !== UPLOAD_ERR_OK) {
   die("Upload failed with error code " . $_FILES['PF']['error']);
}

    The error codes are defined here.

    Beyond that, never ever use the user-provided filename blindly in a filesystem operation as you are. It is trivial for a malicious user to embed a path into that file and your code would allow them to scribble on any file on your server which the webserver userID has write access to. e.g. ...['file'] = '../../../../../../../../etc/passwd'.

    • 0