features/file-upload.xml
3944dc63330edde959cfd3e7d113c999cbec10ff
3944dc63330edde959cfd3e7d113c999cbec10ff
...
...
@@ -132,6 +132,15 @@
132
132
</para>
133
133
</listitem>
134
134
</varlistentry>
135
+
<varlistentry>
136
+
<term><varname>$_FILES['userfile']['full_path']</varname></term>
137
+
<listitem>
138
+
<para>
139
+
The full path as submitted by the browser. This value does not always contain a real directory structure, and cannot be trusted.
140
+
Available as of PHP 8.1.0.
141
+
</para>
142
+
</listitem>
143
+
</varlistentry>
135
144
</variablelist>
136
145
</para>
137
146
...
...
@@ -252,80 +261,11 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
252
261
during the file upload by PHP. In other words, the error might be
253
262
found in <varname>$_FILES['userfile']['error']</varname>.
254
263
</simpara>
255
-
<para>
256
-
<variablelist>
257
-
<varlistentry>
258
-
<term><constant>UPLOAD_ERR_OK</constant></term>
259
-
<listitem>
260
-
<para>
261
-
Value: 0; There is no error, the file uploaded with success.
262
-
</para>
263
-
</listitem>
264
-
</varlistentry>
265
-
<varlistentry>
266
-
<term><constant>UPLOAD_ERR_INI_SIZE</constant></term>
267
-
<listitem>
268
-
<para>
269
-
Value: 1; The uploaded file exceeds the
270
-
<link linkend="ini.upload-max-filesize">upload_max_filesize</link>
271
-
directive in &php.ini;.
272
-
</para>
273
-
</listitem>
274
-
</varlistentry>
275
-
<varlistentry>
276
-
<term><constant>UPLOAD_ERR_FORM_SIZE</constant></term>
277
-
<listitem>
278
-
<para>
279
-
Value: 2; The uploaded file exceeds the <emphasis>MAX_FILE_SIZE</emphasis>
280
-
directive that was specified in the HTML form.
281
-
</para>
282
-
</listitem>
283
-
</varlistentry>
284
-
<varlistentry>
285
-
<term><constant>UPLOAD_ERR_PARTIAL</constant></term>
286
-
<listitem>
287
-
<para>
288
-
Value: 3; The uploaded file was only partially uploaded.
289
-
</para>
290
-
</listitem>
291
-
</varlistentry>
292
-
<varlistentry>
293
-
<term><constant>UPLOAD_ERR_NO_FILE</constant></term>
294
-
<listitem>
295
-
<para>
296
-
Value: 4; No file was uploaded.
297
-
</para>
298
-
</listitem>
299
-
</varlistentry>
300
-
<varlistentry>
301
-
<term><constant>UPLOAD_ERR_NO_TMP_DIR</constant></term>
302
-
<listitem>
303
-
<para>
304
-
Value: 6; Missing a temporary folder. Introduced in PHP 5.0.3.
305
-
</para>
306
-
</listitem>
307
-
</varlistentry>
308
-
<varlistentry>
309
-
<term><constant>UPLOAD_ERR_CANT_WRITE</constant></term>
310
-
<listitem>
311
-
<para>
312
-
Value: 7; Failed to write file to disk. Introduced in PHP 5.1.0.
313
-
</para>
314
-
</listitem>
315
-
</varlistentry>
316
-
<varlistentry>
317
-
<term><constant>UPLOAD_ERR_EXTENSION</constant></term>
318
-
<listitem>
319
-
<para>
320
-
Value: 8; A PHP extension stopped the file upload. PHP does not
321
-
provide a way to ascertain which extension caused the file upload to
322
-
stop; examining the list of loaded extensions with <function>phpinfo</function> may help.
323
-
Introduced in PHP 5.2.0.
324
-
</para>
325
-
</listitem>
326
-
</varlistentry>
327
-
</variablelist>
328
-
</para>
264
+
<simpara>
265
+
The value of this error code is one of the
266
+
<constant>UPLOAD_ERR_<replaceable>*</replaceable></constant>
267
+
constants.
268
+
</simpara>
329
269
</sect1>
330
270
331
271
<sect1 xml:id="features.file-upload.common-pitfalls">
...
...
@@ -363,7 +303,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
363
303
<link linkend="ini.max-input-time">max_input_time</link> sets the maximum
364
304
time, in seconds, the script is allowed to receive input; this includes
365
305
file uploads. For large or multiple files, or users on slower connections,
366
-
the default of <literal>60 seconds</literal> may be exceeded.
306
+
the default of <literal>60</literal> seconds may be exceeded.
367
307
</simpara>
368
308
</warning>
369
309
<simpara>
...
...
@@ -372,7 +312,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
372
312
<literal>post_max_size</literal> large enough.
373
313
</simpara>
374
314
<simpara>
375
-
As of PHP 5.2.12, the
315
+
The
376
316
<link linkend="ini.max-file-uploads">max_file_uploads</link> configuration
377
317
setting controls the maximum number of files that can uploaded in one
378
318
request. If more files are uploaded than the limit, then
...
...
@@ -386,12 +326,6 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
386
326
Not validating which file you operate on may mean that users can access
387
327
sensitive information in other directories.
388
328
</simpara>
389
-
<simpara>
390
-
Please note that the <productname>CERN httpd</productname> seems to strip off everything
391
-
starting at the first whitespace in the content-type mime header
392
-
it gets from the client. As long as this is the case, <productname>CERN httpd</productname>
393
-
will not support the file upload feature.
394
-
</simpara>
395
329
<simpara>
396
330
Due to the large amount of directory listing styles we cannot guarantee
397
331
that files with exotic names (like containing spaces) are handled properly.
...
...
@@ -456,13 +390,49 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
456
390
</simpara>
457
391
<warning>
458
392
<simpara>
459
-
As of PHP 5.2.12, the
393
+
The
460
394
<link linkend="ini.max-file-uploads">max_file_uploads</link>
461
395
configuration setting acts as a limit on the number of files that can be
462
396
uploaded in one request. You will need to ensure that your form does not
463
397
try to upload more files in one request than this limit.
464
398
</simpara>
465
399
</warning>
400
+
<para>
401
+
<example>
402
+
<title>Uploading an entire directory</title>
403
+
<simpara>
404
+
In HTML file upload fields, it is possible to upload an entire directory with the <literal>webkitdirectory</literal> attribute.
405
+
This feature is supported in most modern browsers.
406
+
</simpara>
407
+
<simpara>
408
+
With the <literal>full_path</literal> information, it is possible to store the relative paths,
409
+
or reconstruct the same directory in the server.
410
+
</simpara>
411
+
<programlisting role="html">
412
+
<![CDATA[
413
+
<form action="file-upload.php" method="post" enctype="multipart/form-data">
414
+
Send this directory:<br />
415
+
<input name="userfile[]" type="file" webkitdirectory multiple />
416
+
<input type="submit" value="Send files" />
417
+
</form>
418
+
]]>
419
+
</programlisting>
420
+
</example>
421
+
422
+
<warning>
423
+
<simpara>
424
+
The <literal>webkitdirectory</literal> attribute is non-standard and is not on a standards track.
425
+
Do not use it on production sites facing the Web: it will not work for every user.
426
+
There may also be large incompatibilities between implementations and the behavior may change in the future.
427
+
</simpara>
428
+
<simpara>
429
+
PHP only parses the relative path information submitted by the browser/user-agent,
430
+
and passes that information to the <varname>$_FILES</varname> array.
431
+
There is no guarantee that the values in the <literal>full_path</literal> array contains a real directory structure,
432
+
and the PHP application must not trust this information.
433
+
</simpara>
434
+
</warning>
435
+
</para>
466
436
</sect1>
467
437
468
438
<sect1 xml:id="features.file-upload.put-method">
...
...
@@ -502,7 +472,7 @@ Script PUT /put.php
502
472
<simpara>
503
473
This tells Apache to send all PUT requests for URIs that match the
504
474
context in which you put this line to the <filename>put.php</filename> script. This
505
-
assumes, of course, that you have PHP enabled for the <filename>.php</filename>
475
+
assumes, of course, that you have PHP enabled for the <filename class="extension">.php</filename>
506
476
extension and PHP is active. The destination resource for all PUT
507
477
requests to this script has to be the script itself, not a filename the
508
478
uploaded file should have.
509
479