source code of upload.php
<html>
<head>
<title>Image Upload</title>
</head>
<body>
<strong>Image Upload</strong><br>
<br>
<?php
error_reporting (E_ALL);
$uploaddir = "/examples/upload";
if (
!file_exists($_SERVER["DOCUMENT_ROOT"].$uploaddir) ||
2 != (fileperms($_SERVER["DOCUMENT_ROOT"].$uploaddir) & 2) ||
1 != (fileperms($_SERVER["DOCUMENT_ROOT"].$uploaddir) & 1)
)
{
?>
<FONT COLOR="#FF0000">ERROR: To make this script work, a subdirectory "<b><?php echo $uploaddir; ?></b>" of your web-root directory (httpdocs) must exist, and the rights of that directory must be set to 777 (read/write and execute for everybody).</FONT><br>
<?php
}
elseif (isset($_POST['submit']))
{
echo "temporary file: <b>".$_FILES['userfile']['tmp_name']."</b><br>";
echo "original filename: <b>".$_FILES['userfile']['name']."</b><br>";
$fileext = substr($_FILES['userfile']['name'], -4);
if (strtolower($fileext) != ".jpg" and strtolower($fileext) != ".gif")
{
print "<b>For security reasons only the uploading of .jpg and .gif files is allowed.</b><br>\n";
print "<a href=\"javascript:history.back();\">Click here to go back.</a><br>";
exit;
};
$loc = $uploaddir."/".$_FILES['userfile']['name'];
$fullloc = $_SERVER["DOCUMENT_ROOT"].$loc;
$upfile = $_FILES['userfile']['tmp_name'];
echo "new location: <b>$fullloc</b><br>";
if(move_uploaded_file($upfile, $fullloc))
{
chmod($fullloc, 0644);
echo "<br>Uploaded file: <a href=\"$loc\">$loc</a><br>";
}
else
{
die("Error moving \"$upfile\" to \"$fullloc\".");
}
}
else
{
?>
<FORM ENCTYPE="multipart/form-data" METHOD=POST>
Send this image: <INPUT NAME="userfile" TYPE="file">
<INPUT NAME="submit" TYPE="submit" ID="submit" VALUE="Upload">
</FORM>
<?php
}
?>
</body>
</html>