You've already seen how PHP4's FTP functions can help youinteract with files on a remote server. In this article, learn how to usePHP's other file and directory manipulation functions, and build anequivalent application that demonstrates the difference between the twoapproaches.
Given all that information, let's take a look at "upload.php4"
// get some information
echo "Filename: $upfile_name<br>";
echo "Temporary filename: $upfile<br>";
echo "File size: $upfile_size bytes<br>";
echo "File type: $upfile_type<br>";
// if upload successful
echo "Upload successful!<br>";
// copy file to new location
if (copy($upfile, "/tmp/uploads/" . $upfile_name))
echo "File copy successful!<br>";
// else display error
echo "Upload unsuccessful!<br>";
Be warned: you should enforce strict rules about what can and
can't be uploaded when using such a system in a production environment. Failure to do this would open up a security hole which would allow users to upload Perl scripts, C binaries and PHP documents to the server, and perhaps even execute them remotely.
A good way to avoid this is to use the $upfile_type variable to decide which files get uploaded, and which get rejected. For example,