By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,407 Members | 1,583 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,407 IT Pros & Developers. It's quick & easy.

Wrong if statement logic

P: n/a
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic
/mnt/raid/WWWROOT/lexon.ws/imgstore/$fname", $retval);

if ($upload_file) {
$goodsave = 1;
}
else {
echo "error while uploading files";
};
};
}

else {echo "no submit";};

?>
</head>
<body>
<?php
if ($goodsave == 1) {
?>
<p>The picture, $pic, was successfully saved to the server.</p>
<?php
}
else {echo "NOT SAVED!!!";};
?>

<form action="<?php echo $PHP_SELF?>" method="post"
enctype="multipart/form-data">
<input type="file" name="pic" size="25">
<input type="submit" name="upload" value="upload">
</form>

</body>
</html>
I still receive error NOT SAVED and error uploading files.
Is something wrong with my logic.

Thanks
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic

^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP
functions to do exactly what you want? e.g. move_uploaded_file(), or
even just copy()

--
Oli

Jul 17 '05 #2

P: n/a
Oli Filth wrote:
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic


^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP
functions to do exactly what you want? e.g. move_uploaded_file(), or
even just copy()

the pic is comming from the form
Jul 17 '05 #3

P: n/a
Bartosz Wegrzyn wrote:
Oli Filth wrote:
Bartosz Wegrzyn wrote:
I am trying to upload images using either exec command.
The file is uploaded ok.
My script:

<html>
<head>
<title>Picture Upload Page</title>
<?php

if ($_POST['upload']=="upload") {

$fnamefrom = ' ()/\%"'."'^&*@!`~";
$fnameto = "+__________+___";
$fname = strtr($pic_name,$fnamefrom,$fnameto);

if ($pic_size > 0) {
$upload_file = system("/bin/cp $pic


^
Where is $pic coming
from?

And why are you using system commands when there's perfectly good PHP functions to do exactly what you want? e.g. move_uploaded_file(), or even just copy()

the pic is comming from the form


This is assuming that you have register_globals enabled. But having it
enabled is a Bad Thing. See
http://www.php.net/manual/security.globals.php for why.

Have you actually read the manual on how to handle file uploads? Start
with the examples there.
http://www.php.net/manual/features.file-upload.php
--
Oli

Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.