Hi I am currently trying to create an upload section for my website, i have looked at multiple websites and examples such as:
W3Schools
I have found out that there are multiple ways that these can go wrong for example mysql injection is each due to them using the $_FILES["file"]["type"]. So I have started to follow this link instead due to it being from php them selves, PHP Documentation
Ok to get to the point I have a problem with the code that I have at the moment I have a simple form that runs the PHP script to check the file upload and then upload if it is correct and come up invalid if it isn't this is partially working, the file uploads but if it is a large file I get a 404 file or directory not found error but if it is a smaller file size it works any ideas.
The HTML form is
<form enctype="multipart/form-data" action="upload_file.php" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="300000000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
and the PHP file code is
<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.
$uploaddir = './';//
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
any ideas would be much appreciated or if anybody knows a better example to use.
