#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    2
    Rep Power
    0

    File Upload - Parsing Original Path


    In a table, I need to record the original fully qualified path of a file identified for upload. We are not going to do any uploads but merely record the path.

    I've been through variations of the $_FILE array with no success. We're using the $_POST method from a previous page.

    TIA,

    DataZZMan
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 2003
    Posts
    3,453
    Rep Power
    594
    What do you mean by original path? The path specified in the browser or the path in $_FILE? The latter is just a temporary location until you move it. The former does not make much sense to me but if that is what you want and you are not uploading the file then just make it a text field in your form.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    you mean the client's local file path like "C:\..."? No sane browser reveals that, because it would obviously cause massive security and privacy issues. The best you get is "C:\fakepath\<file name>", which is actually in the HTML5 standard.

    May I ask what you need that for? No offense, but this sounds pretty dubious.

    If you have a limited group of users, however, you can ask them to add you to the trusted sites. In this case it's in fact possible to get the local file path.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    2
    Rep Power
    0
    We're hoping to use it within the confines of a corporate InfraNet. We have a request system with a file attachment field. We prefer not loading the actual file to the web server but rather identify the original location of the file.

    There is no malice intended but I can see where it could be misused.

    Thanks,

    DataZZMan
  8. #5
  9. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    In that case, the trusted sites should be an option.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo