I've also been confused. The documentation is rather vague. It is the function move_uploaded_file that adds a step to check whether the file was uploaded via HTTP POST.
As for how to check, it is not mentioned.
I have googled for a while, but have not been able to solve this problem, and I don’t know where the problem lies. Later, I finally decided to look at the source code. Finally, I saw in the source code that the file name is compared with the upload_tmp_dir parameter in the
php configuration. If the file is in this directory, then move_uploaded_file will perform the move operation. Moreover, this comparison is case-sensitive, and / is also different under Windows. When the PHP configuration file is parsed, a realpath function will be called. That is to say, before you move_uploaded_file,
must pair $file['tmp_name'] = realpath($file[' tmp_name']); realpath.
There is another situation that everyone should pay attention to, that is, if move_uploaded_file is configured as an inaccessible path, then no matter how you handle it, move_uploaded_file will never successfully move the file.