DevShed: Stream Me Up, Scotty (part 2)
"PHP also allows you to upload files via HTTP, assuming you have an RFC-1867 compliant browser (if you're using a relatively recent version of either Internet Explorer or Netscape Navigator, you're OK). There are two components to this: the form which accepts the file upload, and the server-side script which checks the file and decides where to put it."
"... Be warned: you should enforce strict rules about what can and can't be uploaded when using such a system in a production environment. Failure to do this would open up a security hole which would allow users to upload Perl scripts, C binaries and PHP documents to the server, and perhaps even execute them remotely." Over the next few pages, I'll be explaining how your PHP scripts can interact with a filesystem to display files and directories, copy and move data, and transfer files via the Web browser.
"... And once you're done, it might be worthwhile to go back to the equivalent file browser we built in the first part of this article. If you compare the two approaches, other things being equal, you'll notice that the HTTP file browser is much faster than the FTP file browser, and also allows more flexibility when manipulating files."