You want to process a file uploaded by a user.

Use the $_FILES array:

// from <input name="event" type="file">
if (is_uploaded_file($_FILES['event']['tmp_name'])) {
    readfile($_FILES['event']['tmp_name']); // print file on screen
}

Starting in PHP 4.1, all uploaded files appear in the $_FILES superglobal array. For each file, there are four pieces of information:

If you’re using an earlier version of PHP, you need to use $HTTP_POST_FILES instead.

After you’ve selected a file from that array, use is_uploaded_file( ) to confirm that the file you’re about to process is a legitimate file resulting from a user upload, then process it as you would other files on the system. Always do this. If you blindly trust the filename supplied by the user, someone can alter the request and add names such as /etc/passwd to the list for processing.

You can also move the file to a permanent location; use move_uploaded_file( ) to safely transfer the file:

// move the file: move_uploaded_file() also does a check of the file's
// legitimacy, so there's no need to also call is_uploaded_file()
move_uploaded_file($_FILES['event']['tmp_name'], '/path/to/file.txt');

Note that the value stored in tmp_name is the complete path to the file, not just the base name. ...