features/file-upload.xml
fc174e8d6162091550edde46159917ee7e5a2e73
...
...
@@ -132,6 +132,15 @@
132
132
</para>
133
133
</listitem>
134
134
</varlistentry>
135
+
<varlistentry>
136
+
<term><varname>$_FILES['userfile']['full_path']</varname></term>
137
+
<listitem>
138
+
<para>
139
+
The full path as submitted by the browser. This value does not always contain a real directory structure, and cannot be trusted.
140
+
Available as of PHP 8.1.0.
141
+
</para>
142
+
</listitem>
143
+
</varlistentry>
135
144
</variablelist>
136
145
</para>
137
146

...
...
@@ -301,7 +310,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
301
310
<term><constant>UPLOAD_ERR_NO_TMP_DIR</constant></term>
302
311
<listitem>
303
312
<para>
304
-
Value: 6; Missing a temporary folder. Introduced in PHP 5.0.3.
313
+
Value: 6; Missing a temporary folder.
305
314
</para>
306
315
</listitem>
307
316
</varlistentry>
...
...
@@ -309,7 +318,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
309
318
<term><constant>UPLOAD_ERR_CANT_WRITE</constant></term>
310
319
<listitem>
311
320
<para>
312
-
Value: 7; Failed to write file to disk. Introduced in PHP 5.1.0.
321
+
Value: 7; Failed to write file to disk.
313
322
</para>
314
323
</listitem>
315
324
</varlistentry>
...
...
@@ -320,7 +329,6 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
320
329
Value: 8; A PHP extension stopped the file upload. PHP does not
321
330
provide a way to ascertain which extension caused the file upload to
322
331
stop; examining the list of loaded extensions with <function>phpinfo</function> may help.
323
-
Introduced in PHP 5.2.0.
324
332
</para>
325
333
</listitem>
326
334
</varlistentry>
...
...
@@ -363,7 +371,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
363
371
<link linkend="ini.max-input-time">max_input_time</link> sets the maximum
364
372
time, in seconds, the script is allowed to receive input; this includes
365
373
file uploads. For large or multiple files, or users on slower connections,
366
-
the default of <literal>60 seconds</literal> may be exceeded.
374
+
the default of <literal>60</literal> seconds may be exceeded.
367
375
</simpara>
368
376
</warning>
369
377
<simpara>
...
...
@@ -372,7 +380,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
372
380
<literal>post_max_size</literal> large enough.
373
381
</simpara>
374
382
<simpara>
375
-
As of PHP 5.2.12, the
383
+
The
376
384
<link linkend="ini.max-file-uploads">max_file_uploads</link> configuration
377
385
setting controls the maximum number of files that can uploaded in one
378
386
request. If more files are uploaded than the limit, then
...
...
@@ -387,12 +395,6 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
387
395
sensitive information in other directories.
388
396
</simpara>
389
397
<simpara>
390
-
Please note that the <productname>CERN httpd</productname> seems to strip off everything
391
-
starting at the first whitespace in the content-type mime header
392
-
it gets from the client. As long as this is the case, <productname>CERN httpd</productname>
393
-
will not support the file upload feature.
394
-
</simpara>
395
-
<simpara>
396
398
Due to the large amount of directory listing styles we cannot guarantee
397
399
that files with exotic names (like containing spaces) are handled properly.
398
400
</simpara>
...
...
@@ -456,13 +458,49 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {
456
458
</simpara>
457
459
<warning>
458
460
<simpara>
459
-
As of PHP 5.2.12, the
461
+
The
460
462
<link linkend="ini.max-file-uploads">max_file_uploads</link>
461
463
configuration setting acts as a limit on the number of files that can be
462
464
uploaded in one request. You will need to ensure that your form does not
463
465
try to upload more files in one request than this limit.
464
466
</simpara>
465
467
</warning>
468
+
<para>
469
+
<example>
470
+
<title>Uploading an entire directory</title>
471
+
<simpara>
472
+
In HTML file upload fields, it is possible to upload an entire directory with the <literal>webkitdirectory</literal> attribute.
473
+
This feature is supported in most modern browsers.
474
+
</simpara>
475
+
<simpara>
476
+
With the <literal>full_path</literal> information, it is possible to store the relative paths,
477
+
or reconstruct the same directory in the server.
478
+
</simpara>
479
+
<programlisting role="html">
480
+
<![CDATA[
481
+
<form action="file-upload.php" method="post" enctype="multipart/form-data">
482
+
Send this directory:<br />
483
+
<input name="userfile[]" type="file" webkitdirectory multiple />
484
+
<input type="submit" value="Send files" />
485
+
</form>
486
+
]]>
487
+
</programlisting>
488
+
</example>
489
+

490
+
<warning>
491
+
<simpara>
492
+
The <literal>webkitdirectory</literal> attribute is non-standard and is not on a standards track.
493
+
Do not use it on production sites facing the Web: it will not work for every user.
494
+
There may also be large incompatibilities between implementations and the behavior may change in the future.
495
+
</simpara>
496
+
<simpara>
497
+
PHP only parses the relative path information submitted by the browser/user-agent,
498
+
and passes that information to the <varname>$_FILES</varname> array.
499
+
There is no guarantee that the values in the <literal>full_path</literal> array contains a real directory structure,
500
+
and the PHP application must not trust this information.
501
+
</simpara>
502
+
</warning>
503
+
</para>
466
504
</sect1>
467
505

468
506
<sect1 xml:id="features.file-upload.put-method">
469
507