We’ll talk about PHP-File Uploading today. It is simple to upload files to the server using PHP. But with convenience also comes risk, so use caution whenever allowing file uploads! Prior to these, we also covered Forms in PHP, PHP Session, PHP Operators, and PHP Cookies. If you don’t know about these, then act quickly!
What PHP-File Uploading
Users can upload files to the server using an HTML form and a PHP script. A PHP script first uploads files into a temporary directory, after which they are moved to the desired location.
The temporary directory used for file uploads is described as upload_tmp_dir on the phpinfo.php page, and upload_max _filesize specifies the largest file size that can be uploaded. These settings are made in the php.ini configuration file for PHP.
php.ini File Configuration In PHP-File Uploading
Make sure PHP is set up to support file uploads first.
Find the file_uploads directive in your “php.ini” file and turn it on:
file_uploads = On
These are the steps involved in uploading a file:−
- The user loads the page with the HTML form, which includes buttons for browsing and submitting text files.
- The user selects a file from their local PC by clicking the browse button.
- After the user clicks the submit button, the text field displays the complete path to the chosen file.
- The chosen file is transferred to the server’s temporary directory.
- In the form’s action attribute, the PHP script that was designated as the form handler verifies that the file has arrived before copying it into the desired directory.
- The PHP script notifies the user when it has succeeded.
It is usual to require file writing permissions for both temporary and final locations before writing files. A read-only setting on either will result in the process failing. Any document, including a text or image file, may be uploaded.
PHP $_FILES
All file-related information can be found in the global PHP variable $_FILES. We can retrieve file name, file type, file size, temp file name, and errors related to the file with the aid of the $_FILES global.
We’re assuming the filename in this situation.
$_FILES[‘filename’][‘name’]
gives the file name.
$_FILES[‘filename’][‘type’]
returns the file’s MIME type.
$_FILES[‘filename’][‘size’]
returns the file’s size (in bytes).
$_FILES[‘filename’][‘tmp_name’]
returns the temporary file name of the server-stored file.
$_FILES[‘filename’][‘error’]
returns the error code for this file.
Upload Form using HTML
An uploader form can be created using the HTML code below. This form’s method and enctype attributes are both set to POST and multipart/form-data, respectively.
<?php
if(isset($_FILES['image'])){
$errors= array();
$file_name = $_FILES['image']['name'];
$file_size =$_FILES['image']['size'];
$file_tmp =$_FILES['image']['tmp_name'];
$file_type=$_FILES['image']['type'];
$file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));
$expensions= array("jpeg","jpg","png");
if(in_array($file_ext,$expensions)=== false){
$errors[]="extension not allowed, please choose a JPEG or PNG file.";
}
if($file_size > 2097152){
$errors[]='File size must be excately 2 MB';
}
if(empty($errors)==true){
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}else{
print_r($errors);
}
}
?>
<html>
<body>
<form action="" method="POST" enctype="multipart/form-data">
<input type="file" name="image" />
<input type="submit"/>
</form>
</body>
</html>
OUTPUT
Example
The example below should enable image uploads and return the information about the uploaded file.
<?php
if(isset($_FILES['image'])){
$errors= array();
$file_name = $_FILES['image']['name'];
$file_size = $_FILES['image']['size'];
$file_tmp = $_FILES['image']['tmp_name'];
$file_type = $_FILES['image']['type'];
$file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));
$expensions= array("jpeg","jpg","png");
if(in_array($file_ext,$expensions)=== false){
$errors[]="extension not allowed, please choose a JPEG or PNG file.";
}
if($file_size > 2097152) {
$errors[]='File size must be excately 2 MB';
}
if(empty($errors)==true) {
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}else{
print_r($errors);
}
}
?>
<html>
<body>
<form action = "" method = "POST" enctype = "multipart/form-data">
<input type = "file" name = "image" />
<input type = "submit"/>
<ul>
<li>Sending file: <?php echo $_FILES['image']['name']; ?>
<li>uploaded_file size: <?php echo $_FILES['image']['size']; ?>
<li>uploaded_File type: <?php echo $_FILES['image']['type'] ?>
</ul>
</form>
</body>
</html>
OUTPUT
move_uploaded_file() function
The uploaded file is moved to a new location using the move_uploaded file() function. Internally, the move uploaded_file() function verifies that the file was uploaded using a POST request. If a file is uploaded using a POST request, it moves.
Syntax
bool move_uploaded_file ( string $filename , string $destination )
An Overview of the Subject
- PHP – File Uploading Users can upload files to the server using an HTML form and a PHP script.
- A PHP script first uploads files into a temporary directory, after which they are moved to the desired location.
- The temporary directory used for file uploads is described as upload_tmp_dir on the phpinfo.php page, and upload_max _filesize specifies the largest file size that can be uploaded.
- These settings are made in the php.ini configuration file for PHP.php.ini File ConfigurationMake sure PHP is set up to support file uploads first.
- Find the file_uploads directive in your “php.ini” file and turn it on:file_uploads = OnThese are the steps involved in uploading a file.
- It is usual to require file writing permissions for both temporary and final locations before writing files.
- PHP all file-related information can be found in the global PHP variable $_FILES.
- We can retrieve file name, file type, file size, temp file name, and errors related to the file with the aid of the $_FILES global.
