move_uploaded_file
Эта функция проверяет, является ли файл filename загруженным на сервер (переданным по протоколу HTTP POST). Если файл действительно загружен на сервер, он будет перемещён в место, указанное в аргументе destination .
Такая проверка особенно важна в том случае, если существует шанс того, что какие-либо действия, производимые над загруженным файлом, могут открыть его содержимое пользователю или даже другим пользователям системы.
Список параметров
Путь к загруженному файлу.
Назначение перемещаемого файла.
Возвращаемые значения
В случае успеха возвращает TRUE .
Если filename не является загруженным файлом, никаких действий не предпринимается и move_uploaded_file() возвращает FALSE .
Если filename является загруженным файлом, но не может быть перемещён по каким-либо причинам, никаких действий не предпринимается и move_uploaded_file() возвращает FALSE . Кроме того, отображается предупреждение.
Примеры
Пример #1 Загрузка нескольких файлов
$uploads_dir = ‘/uploads’ ;
foreach ( $_FILES [ «pictures» ][ «error» ] as $key => $error ) if ( $error == UPLOAD_ERR_OK ) $tmp_name = $_FILES [ «pictures» ][ «tmp_name» ][ $key ];
$name = $_FILES [ «pictures» ][ «name» ][ $key ];
move_uploaded_file ( $tmp_name , » $uploads_dir / $name » );
>
>
?>?php
Примечания
Замечание:
Функция move_uploaded_file() принимает во внимание как безопасный режим, так и open_basedir. Тем не менее, ограничения накладываются лишь на параметр destination , чтобы разрешить перемещение загруженных файлов, так как параметр filename может конфликтовать с этими ограничениями. move_uploaded_file() гарантирует безопасность этой операции, работая лишь с теми файлами, которые были загружены через PHP.
Если результирующий файл уже существует, он будет перезаписан.
Смотрите также
- is_uploaded_file() — Определяет, был ли файл загружен при помощи HTTP POST
- rename() — Переименовывает файл или директорию
- Простой пример использования этой функции можно найти в разделе «Загрузка файлов на сервер»
How to move a file in Linux
Whether you’re new to moving files in Linux or experienced, you’ll learn something in this in-depth writeup.
Moving files in Linux can seem relatively straightforward, but there are more options available than most realize. This article teaches beginners how to move files in the GUI and on the command line, but also explains what’s actually happening under the hood, and addresses command line options that many experience users have rarely explored.
Moving what?
Before delving into moving files, it’s worth taking a closer look at what actually happens when moving file system objects. When a file is created, it is assigned to an inode, which is a fixed point in a file system that’s used for data storage. You can find what inode maps to a file with the ls command:
$ ls --inode example.txt 7344977 example.txt
When you move a file, you don’t actually move the data from one inode to another, you only assign the file object a new name or file path. In fact, a file retains its permissions when it’s moved, because moving a file doesn’t change or re-create it.
File and directory inodes never imply inheritance and are dictated by the filesystem itself. Inode assignment is sequential based on when the file was created and is entirely independent of how you organize your computer. A file «inside» a directory may have a lower inode number than its parent directory, or a higher one. For example:
$ mkdir foo $ mv example.txt foo $ ls --inode 7476865 foo $ ls --inode foo 7344977 example.txt
When moving a file from one hard drive to another, however, the inode is very likely to change. This happens because the new data has to be written onto a new filesystem. For this reason, in Linux the act of moving and renaming files is literally the same action. Whether you move a file to another directory or to the same directory with a new name, both actions are performed by the same underlying program.
This article focuses on moving files from one directory to another.
Moving with a mouse
The GUI is a friendly and, to most people, familiar layer of abstraction on top of a complex collection of binary data. It’s also the first and most intuitive way to move files on Linux. If you’re used to the desktop experience, in a generic sense, then you probably already know how to move files around your hard drive. In the GNOME desktop, for instance, the default action when dragging and dropping a file from one window to another is to move the file rather than to copy it, so it’s probably one of the most intuitive actions on the desktop:
The Dolphin file manager in the KDE Plasma desktop defaults to prompting the user for an action. Holding the Shift key while dragging a file forces a move action:
Move_uploaded_file() function is not working
I’m working on a website and I want the user to be able to upload files. So I’m trying to learn how to do that. I researched and it said that I had to use the function move_uploaded_file(). I wrote the code just like it was on the example (changing the data), but it wouldn’t work. Please help me, I’m new at these. Here’s what I’ve done so far:
«; echo $_FILES[«file»][‘tmp_name’].»
«; echo $_FILES[«file»][‘size’].»
«; echo $_FILES[‘file’][‘error’].»
«; move_uploaded_file($_FILES[‘file’][‘name’], $move); ?>
The solution everybody is posting on the manual, did you check there? php.net/manual/en/function.move-uploaded-file.php
I found the error ($move = «/Users/George/Desktop/uploads/»_.$_FILENAME[‘file’][‘name’]_;). It works now. Thankyou!
18 Answers 18
- Enable PHP error reporting in order to see the error message from move_uploaded_file() that explains the problem.
- Check the $_FILES[‘image’][‘error’] variable.
In your case it’s a wrong filename. The file will be stored in a temporary location, so use tmp_name instead of name :
move_uploaded_file($_FILES['image']['tmp_name'], __DIR__.'/../../uploads/'. $_FILES["image"]['name']); // echo "Uploaded";
You should also check for return value of the function. What about directory permissions for your destination?
Don’t use the given file name directly to store the upload files onto your file system. At least sanitize it.
Just to add to the comment by @Ja͢ck, you should also pass the name though basename(), as while PHP protects you at the moment, it’s done for compatibility with Internet Explorer. In the future, if that was to be removed, then Evil Hacker ™ could do curl -F ‘file=@example.php;filename=../../../example.php’ https://example.com/upload/
@CraigFrancis Removing the basename operation from the engine would violate RFC 7578, so I’ve updated that portion of the code to enforce this idea. Additionally, there’s an engine test on it to ensure that it won’t be arbitrarily removed from the engine.
Try using copy() function instead of move_uploaded_file() . It worked for me.
copy($_FILES['file']['tmp_name'], $path);
you will have a tmp folder full of unused files. if you are uploading multiple and big files you will be in trouble
This is a working example.
"; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) < echo "File is valid, and was successfully uploaded.\n"; >else < echo "Upload failed"; >echo ""; echo '
'; echo 'Here is some more debugging info:'; print_r($_FILES); print ""; ?>
$move = "/Users/George/Desktop/uploads/".$_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $move);
Check if the uploads dir is writeable
Return Values
Returns TRUE on success.
If filename is not a valid upload file, then no action will occur, and move_uploaded_file() will return FALSE.
If filename is a valid upload file, but cannot be moved for some reason, no action will occur, and move_uploaded_file() will return FALSE. Additionally, a warning will be issued.
Look at return value of the function.
maybe you need to grant more permissions to your files.
suppose your code are under /var/www/my_project
try chmod -R 777 /var/www/my_project
I strongly suggest you be aware of the security risks here. If you really need to do this, add php to the group that owns that folder and use 664 rather than 777
I’m doing testing on my local machine and changing the permissions of the upload folder was the fix that solved our teams issues for testing locally. Running sudo chmod 777 ./
allows for writing permissions from any user. This answer is late but it might help someone like it helped me
Just ensure you have given the user permission for the destination file
sudo chown -R www-data:www-data /Users/George/Desktop/uploads/
$ImageName = $_FILES['file']['name']; $fileElementName = 'file'; $path = 'Users/George/Desktop/uploads/'; $location = $path . $_FILES['file']['name']; move_uploaded_file($_FILES['file']['tmp_name'], $location);
You are not refering to the temporary location where the file is saved.
Use tmp_name to access the file.
You can always see what’s getting posted using :
If you see this files array you will have an better understanding and idea of what’s going on.
@Lewistrick it means that you might have forgot to mention the enctype attribute of form. Refer to this question : stackoverflow.com/questions/3586919/…
move_uploaded_file($_FILES['file']['tmp_name'], $move);
And you cannot move it anywhere in your system .youcan move it in only in your project directory which must be in htdocs or www depends on what you are using wampp ,lampp or vertrgo.
If you are on a windows machine, there won’t be any problems with uploading or writing to the specified folder path, except the syntactical errors.
But in case of Linux users, there is a workaround to this problem, even if there are no syntactical errors visible.
First of all, I am assuming that you are using this in a Linux environment and you need to upload something to your project folder in the public directory.
Even if you are having the write and read access to the project folder, PHP is not handled by the end user. It is and can be handled by a www-data user, or group.
So in order to make this www-data get access first type in;
sudo chgrp "www-data" your_project_folder
once its done, if there is no write access to the following as well;
sudo chown g+w your_project_folder
That will do the trick in Linux.
Please, not that this is done in a Linux environment, with phpmyadmin, and mysql running.