------=_NextPart_000_002D_01C894FC.375A66C0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hello

I have the next code:



-- archive_a_subir.php --

<form action=3D"archivo_subir.php" method=3D"post"
enctype=3D"multipart/form-data">

<input type=3D"file" name=3D"file">

<input type=3D"submit" value=3D"ADJUNTAR ARCHIVO">

</form>



In archive_subir.php:



<?

$carpeta =3D "subidos"; // nombre de la carpeta ya creada. =
chmool 777
(todos los permisos)

copy($_FILES['file']['tmp_name'] , $carpeta . '/' . $_FILE
['file']['name']);

?>



You can see this in http://www.portbora.com.ar/foro/archivo_a_subir.php,
when I run these appears the next warning



Warning: copy(subidos/) [ =
<http://www.portbora.com.ar/foro/function.copy>
function.copy]: failed to open stream: Is a directory in
/home/pu000561/public_html/foro/archivo_subir.php on line 3



Why this? How can I run correctly?

Thanks.



+ =
_
// Emiliano Boragina _

// Dise=F1o & Comunicaci=F3n //////////////////
+ =
_

// emiliano.boragina [at] gmail.com /
// 15 40 58 60 02 ///////////////////////////
+ =
_




------=_NextPart_000_002D_01C894FC.375A66C0--

> $carpeta = "subidos"; // nombre de la carpeta ya creada. chmool 777
> (todos los permisos)
>
> copy($_FILES['file']['tmp_name'] , $carpeta . '/' . $_FILE
> ['file']['name']);

It's $_FILES not $_FILE (an 's' on the end).

It's always worth using error_reporting(E_ALL) and
ini_set('display_errors', true) when doing development, this would have
triggered a notice or warning (can't remember which).

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

I suppose I am behind the time in migrating from php4 to 5. That said,
my main problem is getting variables recognised. I can see how to do it
- you need to identify all the variables that could be sent from the
page and then assign a name, as in $myvar=$_GET['myvar'] and ditto for
POST variables if any. Is there a function to convert all get and post
variables to $_GET and $_POST, or is that a security concern? The
further I have got is this:

function php5($var) {
if(ISSET($_POST[$var])&&$_POST[$var]<>"") {
$newvar=$_POST[$var];
} else {
$newvar=$_GET[$var];
}
return $newvar;
}

$input_variable=php5('input_variable');

however I would like to do this for all variable, I tried iterating
through the $_GET and $_POST arrays but could not get it to work.

Anyway the main reason I am writing is:

- where the web page form uses the POST method, but there are parameters
in the URL after the ? sign, these 'get' parameters seem to stay there
when you submit the form from eg <input type=submit> button. So, let's
say the script will add a line if addlines=y, if before you submit the
form you have ?addline=y in the URL you will continue to add lines
according to the script even though there is no hidden variable on the
page called 'addline', because every time you submit the form with POST
you have addline=y in the URL - if the script looks at GET variables
then this will feed into the script. This does not seem to happen with
php4 - if the page does not submit an 'addline' variable from a form
field, it will not feed into the script. So what's the rationale for
that (the URL submitting the variables) and what is the usual solution?
The problem arises on this particular page because of a mix of buttons,
some are javascript and send the addline=y with onClick.

John


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

------=_Part_4050_19097177.1207263946997
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Sounds like you're talking about the register_globals functionality. It's a
php.ini setting that will cause $_POST['foo'] or $_GET['foo'] to be copied
to the global variable $foo. This is somewhat of a security risk, thus
disabled by default.

There's another superglobal array that you might find useful: $_REQUEST.
$_REQUEST consists of variables from $_GET,$_POST,$_COOKIE (in that order, I
believe).

http://us3.php.net/manual/en/reserved.variables.php

http://us3.php.net/manual/en/ini.core.php#ini.register-globa ls

--GREG

(note:I also posted this to the php-general list as it isn't a db-related
topic.)

------=_Part_4050_19097177.1207263946997--

------=_Part_4046_20997481.1207263846990
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Sounds like you're talking about the register_globals functionality. It's a
php.ini setting that will cause $_POST['foo'] or $_GET['foo'] to be copied
to the global variable $foo. This is somewhat of a security risk, thus
disabled by default.

There's another superglobal array that you might find useful: $_REQUEST.
$_REQUEST consists of variables from $_GET,$_POST,$_COOKIE (in that order, I
believe).

http://us3.php.net/manual/en/reserved.variables.php

http://us3.php.net/manual/en/ini.core.php#ini.register-globa ls

--GREG

On Thu, Apr 3, 2008 at 6:40 PM, ioannes <ioannes [at] btinternet.com> wrote:

> I suppose I am behind the time in migrating from php4 to 5. That said, my
> main problem is getting variables recognised. I can see how to do it - you
> need to identify all the variables that could be sent from the page and then
> assign a name, as in $myvar=$_GET['myvar'] and ditto for POST variables if
> any. Is there a function to convert all get and post variables to $_GET and
> $_POST, or is that a security concern? The further I have got is this:
>
> function php5($var) {
> if(ISSET($_POST[$var])&&$_POST[$var]<>"") {
> $newvar=$_POST[$var];
> } else {
> $newvar=$_GET[$var];
> }
> return $newvar;
> }
>
> $input_variable=php5('input_variable');
>
> however I would like to do this for all variable, I tried iterating
> through the $_GET and $_POST arrays but could not get it to work.
>
> Anyway the main reason I am writing is:
>
> - where the web page form uses the POST method, but there are parameters
> in the URL after the ? sign, these 'get' parameters seem to stay there when
> you submit the form from eg <input type=submit> button. So, let's say the
> script will add a line if addlines=y, if before you submit the form you have
> ?addline=y in the URL you will continue to add lines according to the script
> even though there is no hidden variable on the page called 'addline',
> because every time you submit the form with POST you have addline=y in the
> URL - if the script looks at GET variables then this will feed into the
> script. This does not seem to happen with php4 - if the page does not
> submit an 'addline' variable from a form field, it will not feed into the
> script. So what's the rationale for that (the URL submitting the variables)
> and what is the usual solution? The problem arises on this particular page
> because of a mix of buttons, some are javascript and send the addline=y with
> onClick.
>
> John
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

------=_Part_4046_20997481.1207263846990--

Greg Bowser wrote:
> Sounds like you're talking about the register_globals functionality. It's a
> php.ini setting that will cause $_POST['foo'] or $_GET['foo'] to be copied
> to the global variable $foo. This is somewhat of a security risk, thus
> disabled by default.
>
> There's another superglobal array that you might find useful: $_REQUEST.
> $_REQUEST consists of variables from $_GET,$_POST,$_COOKIE (in that order, I
> believe).

Here is a snippet from my php.ini file

; This directive describes the order in which PHP registers GET, POST, Cookie,
; Environment and Built-in variables (G, P, C, E & S respectively, often
; referred to as EGPCS or GPC). Registration is done from left to right, newer
; values override older values.
variables_order = "GPCS"

Get -> Post -> Cookie -> Session

With the latter overwriting the previous.

>
> http://us3.php.net/manual/en/reserved.variables.php
>
> http://us3.php.net/manual/en/ini.core.php#ini.register-globa ls
>
> --GREG
>
> On Thu, Apr 3, 2008 at 6:40 PM, ioannes <ioannes [at] btinternet.com> wrote:
>
>> I suppose I am behind the time in migrating from php4 to 5. That said, my
>> main problem is getting variables recognised. I can see how to do it - you
>> need to identify all the variables that could be sent from the page and then
>> assign a name, as in $myvar=$_GET['myvar'] and ditto for POST variables if
>> any. Is there a function to convert all get and post variables to $_GET and
>> $_POST, or is that a security concern? The further I have got is this:
>>
>> function php5($var) {
>> if(ISSET($_POST[$var])&&$_POST[$var]<>"") {
>> $newvar=$_POST[$var];
>> } else {
>> $newvar=$_GET[$var];
>> }
>> return $newvar;
>> }
>>
>> $input_variable=php5('input_variable');
>>
>> however I would like to do this for all variable, I tried iterating
>> through the $_GET and $_POST arrays but could not get it to work.
>>
>> Anyway the main reason I am writing is:
>>
>> - where the web page form uses the POST method, but there are parameters
>> in the URL after the ? sign, these 'get' parameters seem to stay there when
>> you submit the form from eg <input type=submit> button. So, let's say the
>> script will add a line if addlines=y, if before you submit the form you have
>> ?addline=y in the URL you will continue to add lines according to the script
>> even though there is no hidden variable on the page called 'addline',
>> because every time you submit the form with POST you have addline=y in the
>> URL - if the script looks at GET variables then this will feed into the
>> script. This does not seem to happen with php4 - if the page does not
>> submit an 'addline' variable from a form field, it will not feed into the
>> script. So what's the rationale for that (the URL submitting the variables)
>> and what is the usual solution? The problem arises on this particular page
>> because of a mix of buttons, some are javascript and send the addline=y with
>> onClick.
>>
>> John
>>
>>
>> --
>> PHP Database Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>


--
Jim Lucas

"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
by William Shakespeare


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

------=_Part_9887_30708037.1207328626447
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hi,

try this,

$carpeta =3D $_SERVER['DOCUMENT_ROOT']."/subidos"; // nombre de la carpeta =
ya
creada. chmool 777 (todos los permisos)
copy($_FILES['file']['tmp_name'] , $carpeta . $_FILE['file']['name']);

Regards,
Tacio Vilela


2008/4/2 Chris <dmagick [at] gmail.com>:

>
> $carpeta =3D "subidos"; // nombre de la carpeta ya creada. chmoo=
l
> > 777
> > (todos los permisos)
> >
> > copy($_FILES['file']['tmp_name'] , $carpeta . '/' . $_FILE
> > ['file']['name']);
> >
>
> It's $_FILES not $_FILE (an 's' on the end).
>
> It's always worth using error_reporting(E_ALL) and
> ini_set('display_errors', true) when doing development, this would have
> triggered a notice or warning (can't remember which).
>
> --
> Postgresql & php tutorials
> http://www.designmagick.com/
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


--
/*******************************************
*** ***
*** T=E1cio Vilela ***
*** MSN: taciovilela [at] hotmail.com ***
*** SKYPE: taciovilela ***
*** ***
*******************************************/

------=_Part_9887_30708037.1207328626447--