Взято из мана.
<form enctype="multipart/form-data" action="_URL_" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="1000">
Send this file: <input name="userfile" type="file">
<input type="submit" value="Send File">
</form>
<?php
// In PHP earlier then 4.1.0, $HTTP_POST_FILES should be used instead of $_FILES.
if (is_uploaded_file($_FILES[\'userfile\'][\'tmp_name\'])) {
copy($_FILES[\'userfile\'][\'tmp_name\'], "/place/to/put/uploaded/file");
} else {
echo "Possible file upload attack. Filename: " . $_FILES[\'userfile\'][\'name\'];
}
/* ...or... */
move_uploaded_file($_FILES[\'userfile\'][\'tmp_name\'], "/place/to/put/uploaded/file");
?>
ЗЫ
мануал прочел бы