I am developing a script in PHP for uploading files to a MySQL database. There various things that need to selected in addition to the actual file that go into the database entry. The script needs to be designed so that it checks to make sure all of the proper selections have been made, and if they are not the script returns to the upload file stat开发者_StackOverflowe with the values the user had selected still populated. I have accomplished this for the select boxes of the from using session variables, however I can not figure out how to get the actual path of the file upload input to post. I can only seem to access the file name and not the actual path from the $_FILE array. I have also tried to do the following:
echo "<input type='hidden' name='MAX_FILE_SIZE' value='8000000'>";
echo "<input type='hidden' name='remote_file_path' value=''>";
echo "<input name='userfile'type='file'
onchange='document.uploadForm.remote_file_path.value=this.value;'>";
Naturally, the form name is "uploadForm". This works, but again when access the value of $_POST['remote_file_path'], I am only receiving the file name and not the path. After some investigation it appears that this is a security feature built into Fire Fox. I am starting to think it can't be done.
Thanks in advance.
You can't populate file select text box for security reasons, just as you discovered. However, you don't really need to populate file text box to retain the uploaded files.
Every time, a file is uploaded to your server, move it to a secure location and also link it with the current session or user. Now, when you redisplay the form because user made some mistake (or wants to edit something), display the filename along side the empty file box. That way, user can see what files they have already uploaded. With some JavaScript you can give user the option to cross off the filename upon which they can fill up the file text box again and submit another file which will be processed in the server. if the file box is empty, previously submitted file would be assumed to be the valid one and processed.
You don't receive complete file path (in some browsers), and can't change an <input type=file> value (through scripting) in any of them, since those actions poses as security problems.
You don't need the hidden fields, PHP will parse the posted data for you, and present it in the $_FILES array:
http://www.php.net/manual/en/features.file-upload.post-method.php
Like many have said, you can't it is a security issue via HTTP. What happens when you upload an image from a local machine is the function fires off and creates the tmp_name to be accessed on the server.
However if you truly want this functionality you can use pure Java via an applet to get a local path. However what are you trying to do, there may be a better way of going about it rather than what you are thinking.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论