With PHP, you may already know, it is possible to upload files on the server with PHP. This lesson will show you in detail how this can happen.
Initially you will need an HTML form for selecting a file such as the example:
Upload Files with PHP
|
<html>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
Note:
- Property with a value of enctype "multipart / form-data" should be added to the tag <form>, when we transfer what binary code files.
- Property with a value of type "file" has a browser that field will contain the path to a file and automatically adds button Browse.
Important:
To allow users to upload files to the server holds enormous risks.For this you have to restrict users that can do this or check whether the file type is before being uploaded to the server.
Taking file information
Information to a file stored in the global array $ _FILE. Here is example to better understand how it works:
- Property with a value of enctype "multipart / form-data" should be added to the tag <form>, when we transfer what binary code files.
- Property with a value of type "file" has a browser that field will contain the path to a file and automatically adds button Browse.
Important:
To allow users to upload files to the server holds enormous risks.For this you have to restrict users that can do this or check whether the file type is before being uploaded to the server.
Taking file information
Information to a file stored in the global array $ _FILE. Here is example to better understand how it works:
<? php
if ($ _FILES["file"]["error"]>0) (
echo "Error:". $_FILES["File"]["error"]."<br/>";
) else (
echo "Filename:".$_FILES["File"]["name"]."<br/>";
echo "Type:". $_FILES["File"]["type"]."<br/>";
echo "Size:". ($_FILES["File"]["size"]/1024)."Kb <br />";
echo "Saved in:". $_FILES["File"]["tmp_name"];
)
?>
The first parameter is the name of the array of tag <input>, while the second may be a "name", "type", "size", "tmp_name" or "error" as follows:
$_FILES["File"]["name"]
- name of file uploads
$_FILES["File"]["type"]
- contains the type of file uploads
$_FILES["File"]["size"]
- contains the size of file uploads
$_FILES["File"]["tmp_name"]
- name of the temporary file stored on the server
$_FILES["File"]["error"]
- error (if any) is obtained by uploading a file
This is a very easy way of making information about uploaded files, and therefore for greater security is better to restrict the possible formats for uploading to a few.
Restrictions on upload
Like I said above you should restrict file formats to a few in the following code as the user can upload only gif, png and jpeg images to 80kb:
$_FILES["File"]["name"]
- name of file uploads
$_FILES["File"]["type"]
- contains the type of file uploads
$_FILES["File"]["size"]
- contains the size of file uploads
$_FILES["File"]["tmp_name"]
- name of the temporary file stored on the server
$_FILES["File"]["error"]
- error (if any) is obtained by uploading a file
This is a very easy way of making information about uploaded files, and therefore for greater security is better to restrict the possible formats for uploading to a few.
Restrictions on upload
Like I said above you should restrict file formats to a few in the following code as the user can upload only gif, png and jpeg images to 80kb:
<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 80000)) {
if ($_FILES["file"]["error"] > 0) {
echo "Error: " . $_FILES["file"]["error"]."<br/>";
} else {
echo "File name: ".$_FILES["file"]["name"]."<br/>";
echo "File type: ".$_FILES["file"]["type"]."<br/>";
echo "File size: ".($_FILES["file"]["size"]/1024)." Kb<br/>";
echo "Temp file: ".$_FILES["file"]["tmp_name"];
}
} else {
echo "Unauthorized file type!";
}
?>
Save the uploaded file
The following code containing the above two source codes plus saving of the file. This code also checking if the file already exists on the server and if it does not upload it.
The following code containing the above two source codes plus saving of the file. This code also checking if the file already exists on the server and if it does not upload it.
<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 80000)) {
if ($_FILES["file"]["error"] > 0) {
echo "Error: " . $_FILES["file"]["error"]."<br/>";
} else {
echo "File name: ".$_FILES["file"]["name"]."<br/>";
echo "File type: ".$_FILES["file"]["type"]."<br/>";
echo "File size: ".($_FILES["file"]["size"]/1024)." Kb<br/>";
echo "Temp file: ".$_FILES["file"]["tmp_name"];
if (file_exists("upload/" . $_FILES["file"]["name"])) {
echo $_FILES["file"]["name"] . " already exists!";
} else {
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
echo ": " . "upload/" . $_FILES["file"]["name"];
}
}
} else {
echo "Unauthorized file type!";
}
?>
Next Tutorials
Post Comment
Need a specific tutorial? Do not hesitate and submit a request!
