update : 2015.11.03
php.shukuma.com

검색:
 
 
Tells whether the file was uploaded via HTTP POST

is_uploaded_file

(PHP 4 >= 4.0.3, PHP 5, PHP 7)

is_uploaded_fileTells whether the file was uploaded via HTTP POST

설명

bool is_uploaded_file ( string $filename )

Returns TRUE if the file named by filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.

This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.

For proper working, the function is_uploaded_file() needs an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded file on the client's machine $_FILES['userfile']['name'] does not work.

인수

filename

The filename being checked.

반환값

성공 시 TRUE를, 실패 시 FALSE를 반환합니다.

예제

Example #1 is_uploaded_file() example

<?php

if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
   echo 
"File "$_FILES['userfile']['name'] ." uploaded successfully.\n";
   echo 
"Displaying contents\n";
   
readfile($_FILES['userfile']['tmp_name']);
} else {
   echo 
"Possible file upload attack: ";
   echo 
"filename '"$_FILES['userfile']['tmp_name'] . "'.";
}

?>

참고