<form action="" method="post" enctype="multipart/form-data">
Select file to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="password" name="filepassword" id="filepassword">
<input type="submit" value="Upload File" name="submit">
</form>
PHP:
if(isset($_POST["submit"])) {
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$valueOne =trim($_POST["filepassword"]);
if($valueOne != "1212"){
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file);
echo "file uploaded successfully !";
}
else{
echo "file is not entered !";
}
}
No matter what the code inside the if(check) statement, file get uploaded. Even if the password is not correct, or even the file has not been uploaded.
Aucun commentaire:
Enregistrer un commentaire