13

I am initializing file upload using the following HTML:

<form enctype="multipart/form-data" action="PHPScripts/upload.php" method="POST">
    <input type="file" id="browseButton" name="image" onchange="this.form.submit();" />
</form>

Upload.php script looks like this: 

<?php
$file = $_FILES["image"];
$filepath = $file["name"];
$filetmp = $file["tmp_name"];
$filesize = $file["size"];
$filename = basename($filepath);
$filetype = substr($filename, strrpos($filename, ".") + 1);
...
?>

I need to pass one more parameter to my php script, but I don't know how. HTTP method is POST (as can be seen in the code above), but where should I put the parameter? Is that even possible? Thanks for clarifying this to me.

Boris
  • 9,986
  • 34
  • 110
  • 147

2 Answers2

18

Just add another input element of your choice. No additional magic required.

 <input type="hidden" name="info" value="Test">

...

$info = $_POST["info"];
Pekka
  • 442,112
  • 142
  • 972
  • 1,088
  • Is hidden secure? I can edit the info of hidden field and submit the form – Daric Feb 15 '11 at 12:50
  • @Who yes, it's possible to edit the info. You can never trust it if it comes from client side. What are you trying to do exactly? – Pekka Feb 15 '11 at 12:51
  • If the info can be edited how hidden fields are useful? I am not getting from hidden field what I am using for – Daric Feb 15 '11 at 12:54
  • 2
    @WhoAmI anything can be manipulated on the client side. Always. `hidden` just doesn't show a control to the user, but there is no way to have an unchangeable parameter coming from client side. If you need to pass data that must not be altered by the client, use sessions instead – Pekka Feb 15 '11 at 12:56
  • Thanks @Pekka I am always in doubt whether to use hidden or not I am still not in the favour of hidden Session is good in the case. – Daric Feb 15 '11 at 13:03
  • @WhoAmI so, use whatever else. What's the problem? If you have any question - start you own, but what's your point here, dude? – Your Common Sense Feb 15 '11 at 13:04
  • @Who it's unclear what the OP wants to do, so hidden may or may not be the solution - we can't tell really – Pekka Feb 15 '11 at 13:15
  • use hidden and check it on the server side to make sure its what you want. fin! – Drewdin Feb 15 '11 at 14:25
0

Just put one element inside the same form where the file input is?

Nikoloff
  • 4,050
  • 1
  • 17
  • 19