@raksa
Created September 25, 2018 09:31
test upload file, check file status
<!-- Upload test form. It has no action attribute, so it posts back to this same script. -->
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<!-- NOTE: PHP compares the upload against MAX_FILE_SIZE (UPLOAD_ERR_FORM_SIZE), but the
     value travels in the request and can be edited or dropped by the client. Treat it as
     a usability hint only; the real bounds are upload_max_filesize / post_max_size and
     the checks done in the handler. -->
<input type="hidden" name="MAX_FILE_SIZE" value="300000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="user_file" type="file" />
<br>
<input type="submit" value="Send File" />
</form>
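<?php
// Upload test handler: prints the status of the uploaded file and stores it in ./uploads.
//
// Every field of $_FILES['user_file'] except 'tmp_name', 'error' and 'size' is chosen by the
// client ('name', 'type'), so it is escaped before being echoed and is never used to decide
// where or under which extension the file is stored.
if (isset($_FILES['user_file'])) {
    $upload = $_FILES['user_file'];

    // HTML-escape anything derived from the request before it is written into the page.
    $esc = static function ($value) {
        return \htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $errorNames = [
        0 => 'UPLOAD_ERR_OK',
        1 => 'UPLOAD_ERR_INI_SIZE',
        2 => 'UPLOAD_ERR_FORM_SIZE',
        3 => 'UPLOAD_ERR_PARTIAL',
        4 => 'UPLOAD_ERR_NO_FILE',
        6 => 'UPLOAD_ERR_NO_TMP_DIR',
        7 => 'UPLOAD_ERR_CANT_WRITE',
        8 => 'UPLOAD_ERR_EXTENSION',
    ];

    // A request that names the field "user_file[]" turns every entry into an array.
    // Only a single upload is supported, so anything that is not a scalar is rejected.
    $errorCode = $upload['error'] ?? null;
    $clientName = \is_string($upload['name'] ?? null) ? $upload['name'] : '';
    $clientType = \is_string($upload['type'] ?? null) ? $upload['type'] : '';
    $tmpName = \is_string($upload['tmp_name'] ?? null) ? $upload['tmp_name'] : '';

    $errorLabel = (\is_int($errorCode) && isset($errorNames[$errorCode]))
        ? $errorNames[$errorCode]
        : 'UNKNOWN';
    echo 'error: ' . $errorLabel;

    $uploadDir = __DIR__ . DIRECTORY_SEPARATOR . 'uploads';

    print "<br><br><br>";
    // 'type' is the Content-Type the client claimed; shown for debugging, never trusted.
    echo $esc($clientType);
    echo '<br>';

    // Allow-list: accepted extension => image type that getimagesize() must report for it.
    $valid_file_extensions = [
        '.jpg' => IMAGETYPE_JPEG,
        '.jpeg' => IMAGETYPE_JPEG,
        '.gif' => IMAGETYPE_GIF,
        '.png' => IMAGETYPE_PNG,
    ];
    $file_extension = (string) \strrchr(\basename($clientName), ".");
    $normalizedExtension = \strtolower($file_extension);
    echo $esc($file_extension);
    print "<br>";

    // Inspect the file only when PHP reports a completed upload and the path really is
    // the temporary file PHP created for this request.
    $imageInfo = false;
    if ($errorCode === UPLOAD_ERR_OK && $tmpName !== '' && \is_uploaded_file($tmpName)) {
        // getimagesize() raises warnings on non-image data; a failed probe is an expected
        // outcome here, so the warning is suppressed and the false return is handled.
        $imageInfo = @\getimagesize($tmpName);
    }
    if ($imageInfo !== false) {
        echo $esc(\print_r($imageInfo, true));
    }
    print "<br>";

    // Accept the file only if its extension is allow-listed AND the detected image type
    // matches that extension. getimagesize() reads the header only, so a valid image can
    // still carry other content; the generated name with a fixed extension below is what
    // prevents the stored file from being treated as a script. The uploads directory should
    // additionally be configured so the web server never executes files from it.
    $isAcceptedImage = $imageInfo !== false
        && isset($valid_file_extensions[$normalizedExtension])
        && $imageInfo[2] === $valid_file_extensions[$normalizedExtension];

    echo '<pre>';
    $stored = false;
    if ($isAcceptedImage) {
        // Store under a server-generated name: the client-supplied name is not used on disk,
        // which rules out overwriting existing files and double-extension tricks.
        $uploadFile = $uploadDir . DIRECTORY_SEPARATOR .
            \bin2hex(\random_bytes(16)) . $normalizedExtension;
        $stored = \move_uploaded_file($tmpName, $uploadFile);
    }
    if ($stored) {
        echo "File is valid, and was successfully uploaded.\n";
    } else {
        echo "Possible file upload attack!\n";
    }
    echo 'Here is some more debugging info:';
    // Debug output only: it exposes the server's temporary path and echoes client-supplied
    // strings, so it is escaped here and should be removed outside of testing.
    echo $esc(\print_r($_FILES, true));
    print "</pre>";
}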