(3.0.17 - 3.0.18 only, PHP 4 >= 4.0.3)
is_uploaded_file -- Tells whether the file was uploaded via HTTP POST.
Description
bool is_uploaded_file (string filename)
This function is available only in versions of PHP 3 after PHP 3.0.16, and in versions of
PHP 4 after 4.0.2.
Returns TRUE if the file named by filename was uploaded via HTTP
POST. This is useful to help ensure that a malicious user hasn't tried to trick the script into
working on files upon which it should not be working--for instance, /etc/passwd.
This sort of check is especially important if there is any chance that anything done with
uploaded files could reveal their contents to the user, or even to other users on the same
system.
See also move_uploaded_file(), and
the section Handling file uploads for a simple usage
example.
|
