is_uploaded_file
(PHP 4 >= 4.0.3, PHP 5)
is_uploaded_file — Tells whether the file was uploaded via HTTP POST
Description
bool is_uploaded_file
( string $filename
)
This sort of check is especially important if there is any chance
that anything done with uploaded files could reveal their
contents to the user, or even to other users on the same
system.
For proper working, the function is_uploaded_file() needs
an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded
file on the clients machine $_FILES['userfile']['name'] does not work.
Parameters
-
filename
-
The filename being checked.
Return Values
Returns TRUE on success or FALSE on failure.
Examples
Example #1 is_uploaded_file() example
<?php
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.\n";
echo "Displaying contents\n";
readfile($_FILES['userfile']['tmp_name']);
} else {
echo "Possible file upload attack: ";
echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
}
?>