设置安全文件上传目的地php

I am using the following php file upload class to upload my files in relative security. I'll be adding more security features later:

http://www.verot.net/php_class_upload.htm

My problem is though, I would like to upload my file to the folder www.mysite.com/upload which I've already pre-created ready to take the files.

The only problem is I don't know how to set it properly to do that. I've confirmed the form is submitting fine. Here's what I tried to use:

$handle = new class_upload($_FILES['image_upload']);
  if ($handle->uploaded) {
      $handle->file_new_name_body   = 'image_resized';
      $handle->image_resize         = true;
      $handle->image_x              = 100;
      $handle->image_ratio_y        = true;
      $handle->process('/home/user/upload');
      if ($handle->processed) {
          echo 'image resized';
          $handle->clean();
      } else {
          echo 'error : ' . $handle->error;
      }
  }

I get the error:

"Destination directory can't be created. Can't carry on a process."

What do I set for $handle->process('/home/user/upload'); so that it will upload into the correct directory?

The error message suggests that the user your webserver is running under may not have permissions to create directories... so it would imply the directory you've created is not being targeted.

You'll need full path to this folder... one way to get it would be to use:

$handle->process($_SERVER['DOCUMENT_ROOT'] . '/upload/');

I'd try and avoid this though as the $_SERVER variable can be tampered with or can be inaccurate in general.

The better approach imho would be:

$handle->process(realpath(dirname(__FILE__) . '/upload/');

And ensure the folder you've created has writable permissions for the web-server's user/group.

I suspect, what you are looking for is $handle->process(dirname(__FILE__).'/home');, assuming the calling script is directly in the web root folder.