Php upload image to remote server with cURL
I would like to use cURL in php to upload an image to a remote image server. I have this piece of code, it's on the webserver:
<form enctype="multipart/form-data" encoding="multipart/form-data" method="post" action="webform.php">
<input name="somevar" type=hidden value='.$somevar.'>
<input name="uploadfile" type="file" value="choose">
<input type="submit" value="Upload">
</form>
and:
if (isset($_FILES['uploadfile']) ) {
$filename = $_FILES['uploadfile']['tmp_name'];
$handle = fopen($filename, "r");
$data = fread($handle, filesize($filename));
$POST_DATA = array(
'somevar' => $somevar,
'uploadfile' => $data
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://1.1.1.1/receiver.php');
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $POST_DATA);
$response = curl_exec($curl);
curl_close ($curl);
echo $response;
}
On the image server I've got an image upload handling php file, which worked very well on localhost, but I would like to use it on the remote server. This is how I handled the uploaded image file in the receiver.php:
move_uploaded_file($_FILES['uploadfile']['tmp_name'], $file)
I want to directly pass the image file to the remote server script, so this way I don't need to rewrite the whole upload script. I tried to post the image name, type, size as post variables, but I haven't got the ['tmp_name'] since it's not on localhost.
How can I solve this? Thank you guys for any help!
Answer
Here's a possible solution;
- Handle the upload on your web server and move the uploaded file to a local temp location
- Then make a curl POST request to remote server and tell it what the uploaded file name & data is; as base64_encoded string
- Remote server script receives the upload as a standard http post
- All it now has to do is decode the file data, save it as the specified file name
So, this is how the solution looks like:
Sorry, i did not test this, but it should work.
index.php
<?php
// Handle upload
if(isset($_POST["submit"]))
{
// Move uploaded file to a temp location
$uploadDir = '/var/www/uploads/';
$uploadFile = $uploadDir . basename($_FILES['userfile']['name']);
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
{
// Prepare remote upload data
$uploadRequest = array(
'fileName' => basename($uploadFile),
'fileData' => base64_encode(file_get_contents($uploadFile))
);
// Execute remote upload
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://1.1.1.1/receiver.php');
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $uploadRequest);
$response = curl_exec($curl);
curl_close($curl);
echo $response;
// Now delete local temp file
unlink($uploadFile);
}
else
{
echo "Possible file upload attack!\n";
}
}
?>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="index.php" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
Send this file: <input name="userfile" type="file" />
<input type="submit" value="Send File" />
</form>
Then, on the receiver.php, you can do the following:
// Handle remote upload
if (isset($_POST['fileName']) && $_POST['fileData'])
{
// Save uploaded file
$uploadDir = '/path/to/save/';
file_put_contents(
$uploadDir. $_POST['fileName'],
base64_decode($_POST['fileData'])
);
// Done
echo "Success";
}