I have a form page that posts to another page where multiple fields as well as file uploads are processed. Just wondering what happens to the 'tmp_name' files when/if the user enters some incorrect info and I send them back to the form page with a meta refesh?
If successful, I move the file to a new location. But if not successful, do the files get unset or erased if the user gets redirected? If they don't, can I reaccess them again so the user doesnt have to reupload? OTOH if there is a problem with the file, say it is not the expected MIME type, should I unlink($_FILES['userFile']['tmp_name']? Its easy to force the user to re-upload again, i think, but I dont want the server being filled up with files that will never be used? If the form passes inspection, and I use rename() to move the file, is the temp file really gone? Did it ever exist on the server's hard drive, or was it only in RAM? Whats the best practice here?
do the files get unset or erased if the user gets redirected?
The uploaded files are stored in the /tmp directory (or whatever is specified as PHP's temporary location). Once your script has run, files left there are subject to deletion any time. I don't think they usually get deleted straight away, but the contents of /tmp will be automatically purged by the OS when necessary.
/tmp is usually located on a hard drive, not in RAM.
Managing this is usually nothing you need to worry about.
If the form passes inspection, and I use rename() to move the file, is the temp file really gone?
Yes, but you must use move_uploaded_file() on uploaded files instead of rename() for security reasons.
The file is stored in the tmp folder and if you don't move it elsewhere it will stay there. It will be removed automatically by the OS on next cleanup.
Edit: Please look at Marc's comment below.
http://www.php.net/manual/en/features.file-upload.post-method.php
The file will be deleted from the temporary directory at the end of the request if it has not been moved away or renamed.