PHP file upload (via Curl on the command line)

Question

I'm having a nightmare using PHP to upload files to my server, however when using this simple HTML form, it appears to work:

<html><body>
<form enctype="multipart/form-data" action="uploads.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
</form>

The PHP is then:

<?php
$target_path = "uploads/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
?>

Is there any possible way to send a file via this technique using curl from the command line or a shell script? i.e something along the lines of:

curl -f "@/path/to/my/file;type=text/html" http://mywebserver.com/uploads.php

That particular line gives me: "curl: (22) Failed to connect to ::1: Permission denied" although there is no password on the site etc. I assume this is possible, but I'm getting the syntax wrong?

Answer 1

I think you want the argument to be a capital F (for Form). Lowercase f is for fail, and returns error code 22. Seriously, it's in the manual!

-f, --fail

(HTTP) Fail silently (no output at all) on server errors. This is mostly done to better enable scripts etc to better deal with failed attempts. In normal cases when an HTTP server fails to deliver a document, it returns an HTML document stating so (which often also describes why and more). This flag will prevent curl from outputting that and return error 22.

This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407).

-F, --form

(HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit button. This causes curl to POST data using the Content-Type multipart/form-data according to RFC 2388. This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an @ sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file.

Also, you've not named your file variable. I think you want:

curl -F "uploadedfile=@/path/to/my/file" http://mywebserver.com/uploads.php