Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Mikko Koppanen's Blog:
Fake uploading files
Mar 06, 2009 @ 14:44:39

Mikko Koppanen has posted about an extension he's written up that has only one real purpose - to help with unit testing a script with a file upload involved (making a "fake upload" possible).

The extension is doing things that shouldn't be done, it probably doesn't even run anywhere else than on CLI, it is insecure, it might behave incorrectly but in this scenario it worked fine so I decided to share it.

This "use at your own risk" extension gives you a new function to use instead of the normal move_uploaded_file, appropriately named "fakeupload_file". It creates the fake file so that even calls to is_uploaded_file will see it as if it was correctly on the file system. An unlink is all that's needed to remove the "file".

tagged: fake file upload extension insecure fakeuploadfile isuploadedfile

Link:


Trending Topics: