CodingForums.com - View Single Post

Fou-Lu · 10-08-2012, 07:20 PM

Uh, what?
If you upload, you get the path from the $_FILES superglobal. It is explicit in a chosen temp directory and the filename will be some randomness. You cannot access a remote filesystem.

The problem here is the use of \. \ followed by another character may be a command which is interpreted in double quotations. Escape the slash with a \ or convert them to front slashes.

The rest of the errors are because you didn't implement any type of error controlling. You simply assume that the resource is valid and opened successfully instead of checking that it did. Resource handles will return false if they fail, or a resource if they are successful. Block them in branches to verify if they are successful.

10-08-2012, 07:20 PM	PM User \| #4
Fou-Lu God Emperor Join Date: Sep 2002 Location: Saskatoon, Saskatchewan Posts: 15,650 Thanks: 4 Thanked 2,451 Times in 2,420 Posts	Uh, what? If you upload, you get the path from the $_FILES superglobal. It is explicit in a chosen temp directory and the filename will be some randomness. You cannot access a remote filesystem. The problem here is the use of \. \ followed by another character may be a command which is interpreted in double quotations. Escape the slash with a \ or convert them to front slashes. The rest of the errors are because you didn't implement any type of error controlling. You simply assume that the resource is valid and opened successfully instead of checking that it did. Resource handles will return false if they fail, or a resource if they are successful. Block them in branches to verify if they are successful.