<?php

# Full path to uploads, end with forward slash
$target_path = "/path/to/uploads/";

if( !is_uploaded_file($_FILES['uploadedfile']['tmp_name']) ) {
	die("Invalid upload.");
}

$target_path = $target_path .$_FILES['uploadedfile']['tmp_name']; 

# Valid characters in filename are a-z, 0-9, or a dot
$tempfilename = preg_replace('/[^a-z0-9\.]+/i','',$_FILES['uploadedfile']['tmp_name']);
# Uncomment below if desiring a unique string filename instead
# $tempfilename = uniqid('upload-');

$target_path = $target_path . $tempfilename; 

if( move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path) ) {
    echo "The file ".$_FILES['uploadedfile']['tmp_name']." has been uploaded to: ".basename($target_path);
} else {
    echo "There was an error uploading the file, please try again!";
}

?>