English | 简体中文 | 繁體中文 | Русский язык | Français | Español | Português | Deutsch | 日本語 | 한국어 | Italiano | بالعربية
PHP Filesystem Reference Manual
The is_uploaded_file() function can check whether the specified file is uploaded via HTTP POST. If the file is uploaded via HTTP POST, this function can return true.
bool is_uploaded_file ( string $filename )
If the file specified by filename is uploaded via HTTP POST, it returns TRUE. This can be used to ensure that malicious users cannot trick the script into accessing files that cannot be accessed, such as /etc/passwd.
This check is particularly important if there is a possibility that the uploaded file may cause the content to be displayed to the user or other users of the system.
To ensure that the is_uploaded_file() function works properly, it is necessary to specify a variable similar to $_FILES['userfile']['tmp_name'], and the filename $_FILES['userfile']['name'] from the uploaded file from the client does not work properly.
<?php
$file = "/PhpProject/simple.txt
if(is_uploaded_file($file)) {
echo("$file is uploaded via HTTP POST");
} else {
echo("$file is not uploaded via HTTP POST");
}
?>Output Results
/PhpProject/simple.txt is not uploaded via HTTP POST