Im learning PHP by myself from a book called "PHP the Complete Reference - PHP5.2" Im currently at Chapter11 FTP, uploading,deleting,makedir etc but have run into a few questions not covered by the book:

According to my textbook this is a simple code to upload to a server:

$connect=ftp_connect("johnsite.com");
$result=ftp_login($connect,"john@johnsite","johnnyWalker");
if(!$result){
echo'Could not connect to Server';  
}
$result=ftp_put($connect,'myFile.php',FTP_ASCII);
echo'UPLOADING FILE......';
if($result){
    echo'File Uploaded!';
}

My Questions:

1. To which directory will this upload, how will I modify code if i want to upload to directory say public_html/images/myFile.jpg

2. In the example myFile.php is hardcoded, what if I want user to select a file to upload? Am I correct in assuming you can do something like this:

   <input type="file" name="myFile" value="upload a file" />
   <input type="submit" name="upload" />
   
   if(isset($_POST['upload'])){
       $fileName=$_POST['myFile']; //file is now assigned to var name
       $result=ftp_put($connect,$fileName,FTP_ASCII); //file linked to var name being uploaded
   }
   

3. Is this the most efficient secure way?

Thank you for reading

As @Bonner said Fabien answer is incorrect since you are looking for a script to upload files from a page on your website to the server.

First thing to remember is that ftp_put() function will always overwrite the existing files. Instead I suggest you to have a look at the PHP move_uploaded_file

Code

This is the form. Inside the action attribute we specify a file, which will handle and process all the files. You'll need to use the multipart/form-data value for the form's enctype property.

I have included comments almost everywhere for a better understanding.

<form action="upload.php" method="post" enctype="multipart/form-data">
    File: <input type="file" name="upload-file" size="30" />
    <input type="submit" name="submit" value="Upload file" />
</form>

upload.php

<?php
    // Used to determinated if the upload file is really a valid file
    $isValid = true;
    // The maximum allowed file upload size
    $maxFileSize = 1024000;
    //Allowed file extensions
    $extensions = array('gif', 'jpg', 'jpeg', 'png');

    // See if the Upload file button was pressed.
    if(isset($_POST['submit'])) {
        // See if there is a file waiting to be uploaded
        if(!empty($_FILES['upload-file']['name'])) {

            // Check for errors
            if(!$_FILES['upload-file']['error']) {
                // Renamed the file
                $renamedFile = strtolower($_FILES['upload-file']['tmp_name']);

                // Get the file extension
                $fileInfo = pathinfo($_FILES['upload-file']['name']);

                // Now vaidate it
                if (!in_array($fileInfo['extension'], $extensions)) {
                    $isValid = false;
                    echo "This file extension is not allowed";
                }

                // Validate that the file is not bigger than 1MB
                if($_FILES['upload-file']['size'] > $maxFileSize) {
                    $isValid = false;
                    echo "Your file's size is to large. The file should not be bigger than 1MB";
                }

                // If the file has passed all tests
                if($isValid)
                {
                    // Move it to where we want it to be
                    move_uploaded_file($_FILES['upload-file']['tmp_name'], 'uploads/'.$renamedFile);
                    echo 'File was successfully uploaded!';
                }
            }
            // If there is an error show it
            else {
                echo 'There was an error file trying to upload the file:  '.$_FILES['upload-file']['error'];
            }
        }
    }

1. If you want upload to directory public_html/images/

$destination_path = "public_html/images/"; 
$result=ftp_put($connect, $destination_path . 'myFile.php', FTP_ASCII);

2.

<form method="POST" action="" enctype="multipart/form-data">
    <input type="file" name="myFile">
    <input type="submit" name="submit" value="Submit">
</form>
<?php
if ($_POST['submit']) {
    $result=ftp_put($connect, $_FILES['myFile']['name'], FTP_ASCII);
}
?>

3. This is not secure and very dangerous. You have to check the extension of uploaded files.