Hello, I'm new to PHP and also new to using newsgroups/mailing lists
directly. So if I make a mistake, please forgive me this once and I'll
try to do better in the future.
Please help me understand, my head is absolutely spinning and I can't
get my mind around this.
In the php.net site there is an example on uploading a file via a
form. http://www.php.net/manual/en/features.file-upload.post-method.php
This is the sample code for the form:
<form enctype="multipart/form-data" action="__URL__" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
Is MAX_FILE_SIZE passed to PHP as $MAX_FILE_SIZE?
Assuming I want to make it a variable in my PHP code, can I do this:
<?php
$MAX_FILE_SIZE = 30000;
echo <<<_END
<form enctype="multipart/form-data" action="__URL__" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
<<<_END
<?
In other words, simply omitting the "value" clause in the form field?
And can I make that value a global constant somehow so that I can
later also test the actual size of the uploaded file in another
function?
Or do I have to do this:
<?php
$MAX_UPLOAD_SIZE = 30000;
echo <<<_END
<form enctype="multipart/form-data" action="__URL__" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE"
value="$MAX_UPLOAD_SIZE"/>
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
<<<_END
<?
I'm also concerned that in the first instance, a malicious user can
modify the value and I will be hosed. Am I correct?
Thanks.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php