Mjhd Mjhd - 4 months ago 33
PHP Question

simple upload form & double extension

I made a simple upload form, but when I try to upload something, the name of the file changes (ex :

- double extension).

My code:

$place = realpath($_SERVER["PHP_SELF"]);
$name = $place.$_FILES['file']['name'];
$f1 = strchr($name,'.');
$f2 = strtolower($f1);
$name = $place.$name.$f2;

if ($_POST['up']) {

if (file_exists($name)) {
echo '[-] The File Already Exist ! ';
} else {
$upload = move_uploaded_file($_FILES['file']['tmp_name'],$name);
if (isset($upload)) {
echo '[+] The File "'.$_FILES['file']['name'].'" uploaded succsessfully';


This is because how you create the $name variable.

You first create $name = $place.$_FILES['file']['name']; Where $_FILES['file']['name'] is the full name of the file. With the extension.

After that you say that $name is the path (which makes no logic) and you add the full name of the file and the extension again. Just remove the second $name = $place.$name.$f2;