why should I use is_uploaded_file?


ConfusedOfLife
11-12-2002, 11:09 PM
Syntax:

bool is_uploaded_file (string filename)

This function is available only in versions of PHP 3 after PHP 3.0.16, and in versions of PHP 4 after
4.0.2.
Returns TRUE if the file named by filename was uploaded via HTTP POST. This is useful to help
ensure that a malicious user hasn’t tried to trick the script into working on files upon which it should not
be working--for instance, /etc/passwd.
This sort of check is especially important if there is any chance that anything done with uploaded files
could reveal their contents to the user, or even to other users on the same system.


I read this in the PHP manual. First of all, I can check if a file is uploaded via the POST method by checking the whole
$_FILES array for files whose names match my desired file, like


if ( isset($_FILES['aFile']['name']) ) {
    // do something...
}


So, if this is_uploaded_file function/directive/whatever! is for security reasons, then how could I, for example, be
that malicious user and enter a wrong name, when the scripter could check my file name via the $_FILES
superglobal array? Assuming that is_uploaded_file doesn't exist at all!
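
An added example, not part of the original post or the PHP manual: an upload handler that treats the client-supplied 'name' and the server-side 'tmp_name' separately, run against a constructed entry whose path PHP's upload handler did not create. The function store_upload(), its $destDir parameter and the sample array are hypothetical.

```php
<?php
// Added example: validate one $_FILES-style entry before touching the file.
// store_upload() and $destDir are hypothetical names, not from the PHP manual.

function store_upload(array $entry, string $destDir): string
{
    // 'error' is set by PHP; anything but UPLOAD_ERR_OK means no usable file.
    if (!isset($entry['error']) || $entry['error'] !== UPLOAD_ERR_OK) {
        return 'rejected: upload error or missing field';
    }
    // 'name' is sent by the client, so it says nothing about where the data is.
    // 'tmp_name' is the path the script will actually open: confirm that PHP
    // itself created it for an HTTP POST upload in this request.
    if (!isset($entry['tmp_name']) || !is_uploaded_file($entry['tmp_name'])) {
        return 'rejected: not an HTTP POST upload';
    }
    // Never use the client-supplied name as a path; keep a sanitized basename.
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($entry['name']));
    $target = rtrim($destDir, '/') . '/' . $safeName;
    // move_uploaded_file() repeats the is_uploaded_file() check before moving.
    if (!move_uploaded_file($entry['tmp_name'], $target)) {
        return 'rejected: could not move file';
    }
    return 'stored: ' . $target;
}

// Constructed entry: the shape of $_FILES['aFile'], but with a path that did
// not come from PHP's upload handler. isset($entry['name']) is true here,
// yet the is_uploaded_file() check refuses to work on the file.
$forged = [
    'name'     => 'photo.jpg',
    'tmp_name' => '/etc/passwd',
    'error'    => UPLOAD_ERR_OK,
    'size'     => 1024,
];
echo store_upload($forged, sys_get_temp_dir()), "\n";

// In a real request handler, pass the entry that PHP populated.
if (isset($_FILES['aFile'])) {
    echo store_upload($_FILES['aFile'], sys_get_temp_dir()), "\n";
}
```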

Nightfire
11-13-2002, 09:04 AM
/me is confused. Huh?

ConfusedOfLife
11-13-2002, 09:02 PM
/me is confused. Huh?


What does that "/me" stand for?!

spybreak1979
11-16-2002, 01:02 PM
In IRC, /me is always replaced by your name. So if I say "/me is bored" it says "spybreak is bored"

ConfusedOfLife
11-16-2002, 08:39 PM
Thanx!