PHP Advanced Tutorial-File Upload

PhpFile Upload

With PHP, you can upload files to the server.

The example of this chapter is completed under the test project and the directory structure is:

Test|-----upload             #  file uploaded directory |-----form.html          #  form File |----- upload_file.php    #  php upload code

SOURCE download

Create a File Upload form

It is very useful to allow users to upload files from a form.

Take a look at the following HTML form for uploading files:

= " File "> FileName:</label>    <input type=" file "name=" file "id=" file "><br>    <input type=" Submit "Name=" Submission "value=" ></form></body>
Save the above code in the form.html file.
Some of the considerations for the above HTML form are listed below:

 
 

  
  
 
   
The enctype attribute of the <form> tag specifies what type of content to use when submitting a form. Use "multipart/form-data" When the form requires binary data, such as the contents of a file.
 
   
The type= "file" attribute of the <input> tag specifies that the input should be processed as a file. For example, when previewing in a browser, you'll see a browse button next to the input box.
 
  
 
 
Note: allowing users to upload files is a huge security risk. Please allow only trusted users to perform file upload operations.

 
  
 Create an upload script
The "upload_file.php" file contains the code for uploading the file:
<?PHPif($_files["File"] ["error"] > 0){    Echo"Error:".$_files["File"] ["Error"]. "<br>";}Else{    Echo"Upload file name:".$_files["File"] ["Name"]. "<br>"; Echo"File type:".$_files["File"] ["Type"]. "<br>"; Echo"File Size:". ($_files["File"] ["Size"]/1024). "Kb<br>"; Echo"File temporary storage location:".$_files["File"] ["Tmp_name"];}?>
By using PHP's global array $_files, you can upload files from a client computer to a remote server.
The first parameter is the input name of the form, and the second subscript can be "name", "type", "Size", "tmp_name", or "error". As shown below:

 
 

  
  
 
   
$_files["File" ["Name"]-the name of the uploaded file
 
   
$_files["File" ["Type"]-type of upload file
 
   
$_files["File" ["Size"]-the size of the uploaded file, measured in bytes
 
   
$_files["File" ["Tmp_name"]-the name of the temporary copy of the file stored on the server
 
   
$_files["File" ["Error"]-error code caused by file upload
 
  
 
 
This is a very simple way to upload files. For security reasons, you should increase the restrictions on which users are allowed to upload files.

 
  
 Upload limit
In this script, we have added restrictions on file uploads. The user can only upload. gif,. jpeg,. jpg,. png files, and the file size must be less than KB:
<?PHP//allow uploading of picture suffixes$allowedExts=Array("GIF", "JPEG", "JPG", "PNG");$temp=Explode(".",$_files["File"] ["Name"]);$extension=End($temp);//get file suffix nameif((($_files["File"] ["type"] = = "Image/gif")|| ($_files["File"] ["type"] = = "Image/jpeg")|| ($_files["File"] ["type"] = = "Image/jpg")|| ($_files["File"] ["type"] = = "Image/pjpeg")|| ($_files["File"] ["type"] = = "Image/x-png")|| ($_files["File"] ["type"] = = "Image/png"))&& ($_files["File"] ["Size"] < 204800)//Less than KB&&In_array($extension,$allowedExts)){    if($_files["File"] ["error"] > 0)    {        Echo"Error::".$_files["File"] ["Error"]. "<br>"; }    Else    {        Echo"Upload file name:".$_files["File"] ["Name"]. "<br>"; Echo"File type:".$_files["File"] ["Type"]. "<br>"; Echo"File Size:". ($_files["File"] ["Size"]/1024). "Kb<br>"; Echo"File temporary storage location:".$_files["File"] ["Tmp_name"]; }}Else{    Echo"Illegal file format";}?>

 
  
 Save the uploaded file
The above example creates a temporary copy of the uploaded file in the server's PHP Temp folder.
This temporary copy file disappears at the end of the script. To save the uploaded file, we need to copy it to another location:
<?PHP//allow uploading of picture suffixes$allowedExts=Array("GIF", "JPEG", "JPG", "PNG");$temp=Explode(".",$_files["File"] ["Name"]);Echo $_files["File"] ["Size"];$extension=End($temp);//get file suffix nameif((($_files["File"] ["type"] = = "Image/gif")|| ($_files["File"] ["type"] = = "Image/jpeg")|| ($_files["File"] ["type"] = = "Image/jpg")|| ($_files["File"] ["type"] = = "Image/pjpeg")|| ($_files["File"] ["type"] = = "Image/x-png")|| ($_files["File"] ["type"] = = "Image/png"))&& ($_files["File"] ["Size"] < 204800)//Less than KB&&In_array($extension,$allowedExts)){    if($_files["File"] ["error"] > 0)    {        Echo"Error::".$_files["File"] ["Error"]. "<br>"; }    Else    {        Echo"Upload file name:".$_files["File"] ["Name"]. "<br>"; Echo"File type:".$_files["File"] ["Type"]. "<br>"; Echo"File Size:". ($_files["File"] ["Size"]/1024). "Kb<br>"; Echo"File temporary storage location:".$_files["File"] ["Tmp_name"]. "<br>"; //determine if the upload directory in the current directory exists for the file//if there is no upload directory, you need to create it, upload directory permissions for 777        if(file_exists("upload/".$_files["File"] ["Name"]))        {            Echo $_files["File"] ["Name"]. "The file already exists. "; }        Else        {            //If the file is not present in the upload directory, upload the file to the upload directory            Move_uploaded_file($_files["File"] ["Tmp_name"], "upload/".$_files["File"] ["Name"]); Echo"File is stored in:". " Upload/".$_files["File"] ["Name"]; }    }}Else{    Echo"Illegal file format";}?>
The script above detects if the file already exists, and if it does not, copies the file to a directory named "Upload".
The File Upload demo operation looks like this:
PHP Advanced Tutorial-File Upload