News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Mikko Koppanen's Blog:
Fake uploading files
March 06, 2009 @ 08:44:39

Mikko Koppanen has posted about an extension he's written up that has only one real purpose - to help with unit testing a script with a file upload involved (making a "fake upload" possible).

The extension is doing things that shouldn't be done, it probably doesn't even run anywhere else than on CLI, it is insecure, it might behave incorrectly but in this scenario it worked fine so I decided to share it.

This "use at your own risk" extension gives you a new function to use instead of the normal move_uploaded_file, appropriately named "fakeupload_file". It creates the fake file so that even calls to is_uploaded_file will see it as if it was correctly on the file system. An unlink is all that's needed to remove the "file".

0 comments voice your opinion now!
fake file upload extension insecure fakeuploadfile isuploadedfile


blog comments powered by Disqus

Similar Posts

Christopher Jones' Blog: Temporary LOBS in PHP's OCI8 Extension. Instant Client.

Zend Developer Zone: Working with RAR, LZF and BZ2 Compression Formats in PHP

PHPMaster.com: More Bulletproofing with PHPUnit’s Database Extension

Secunia.com: CMS Mundo SQL Injection and File Upload Vulnerabilities

Robert Basic's Blog: Creating a chat bot with PHP and Dbus


Community Events











Don't see your event here?
Let us know!


release package framework introduction performance install project unittest example language composer security facebook symfony2 component database podcast hack application hhvm

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework