```php
<?phpif(isset($_POST['Upload'])){// Where are we going to be writing to?$target_path=DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";$target_path.=basename($_FILES['uploaded']['name']);// File information$uploaded_name=$_FILES['uploaded']['name'];$uploaded_type=$_FILES['uploaded']['type'];$uploaded_size=$_FILES['uploaded']['size'];// Is it an image?if(($uploaded_type=="image/jpeg"||$uploaded_type=="image/png")&&($uploaded_size<100000)){// Can we move the file to the upload folder?if(!move_uploaded_file($_FILES['uploaded']['tmp_name'],$target_path)){// No$html.='<pre>Your image was not uploaded.</pre>';}else{// Yes!$html.="<pre>{$target_path} succesfully uploaded!</pre>";}}else{// Invalid file$html.='<pre>Your image was not uploaded. We can only accept JPEG or PNG images.</pre>';}}?>
