Reputation: 18511
Read uploaded file into variable instead saving it
I want to be able to read an uploaded file, but I don't want the file to be saved on the server because of security concerns... Is it possible just to directly read a file into a variable?
If not, how does the Temp file thing work, how secure is it to save a temp file on the server, and when is it deleted?
Upvotes: 0
Views: 99
Answers (2)
Reputation: 9347
So far as I'm aware it has to be stored somewhere in order to interact with it, but it's deleted as soon as your script finishes executing. See PHP: When does the temporary uploaded files get deleted?
Upvotes: 0
Reputation: 9540
You're going to have to save the upload to a file, otherwise any large file will cause an error because it'll overload available memory pretty easily.
Temp is VERY insecure, generally anybody on the system can read/write/delete your temp file.
The best way to go about this is just do a normal file upload, and in your submission script either read the file and process it or move it to a more permanent location. You can now issue a delete command to the tmp copy.
Since you may not have delete permission and/or the file could be auto deleted, it's best to issue the command this way (the @ symbol suppresses any errors, because you don't really care if the file is already deleted or what not, this is a "just in case" scenario)
@unlink($filename);
Upvotes: 2
Related Questions
- Read a .php file using php
- PHP Upload file from Image variable
- Variable storing incorrect data
- Reading file contents into a var and adding value from form to it
- Read file and store into a variable
- Retain file value in <input type="file">
- Get the contents of an uploaded file without storing it
- PHP storing file name from HTML for and saving to variable
- form post wipes out a file-scoped variable
- PHP, accept an uploaded file and then store its contents into a variable?