Php file upload details

HTML section:

 

The code is as follows:	Copy code
<Form action = "upload. php" method = "post" enctype = "multipart/form-data"> Upload: <input type = "file" name = "myfile"/> <Input type = "submit" name = "submit" value = "upload"/> </Form>

Note:

Action = "upload. php" in form indicates that when you click submit in form, the upload command will be sent to the page called upload. php for processing. Method = "post" refers to the post method. The enctype = "multipart/form-data" attribute specifies the content type to be used when submitting this form, when a form requires binary data, such as file content, use "multipart/form-data". This attribute is required to upload files. When type = "file" in input, it is stipulated that the input should be processed as a file, and there will be a browser button behind the input.

PHP section:

The code is as follows:	Copy code
<? Php If ($ _ FILES ['myfile'] ['name']! = ''){ If ($ _ FILES ['myfile'] ['error']> 0 ){ Echo "error status:". $ _ FILES ['myfile'] ['error']; } Else { Move_uploaded_file ($ _ FILES ['myfile'] ['tmp _ name'], "uploads /". $ FILES ['myfile'] ['name']); Echo "<script> alert (uploaded successfully !); </Script> "; } } Else { Echo "<script> alert (please upload a file !); </Script> "; } ?>

Note:

Before explaining this code, we need to understand the following knowledge.

$ _ FILES ['myfile'] ['name'] indicates the name of the uploaded file.

$ _ FILES ['myfile'] ['type'] indicates the type of the file to be uploaded.

$ _ FILES ['myfile'] ['size'] indicates the size of the uploaded file, in bytes (B)

$ _ FILES ['myfile'] ['tmp _ name'] indicates the name of the temporary copy file in the server where the uploaded file exists, after the file is moved to the specified directory, the temporary file will be automatically destroyed.

$ _ FILES ['myfile'] ["error"] indicates the status code of an error that may occur during File upload. The status code will be described later.

First, myfile in $ _ FILES ['myfile'] ['name'] indicates the name value of the file tag uploaded on the preceding HTML page, based on this, we can know which input file we are processing is submitted, and then judge whether $ _ FILES ['myfile'] ['name'] is not empty, based on this, we can know whether the user has uploaded files to perform different operations. If a file is uploaded and its status is 0, the upload is successful. We can use the move_uploaded_file method to store the uploaded file to the specified directory, the above example refers to moving the uploaded file to the uploads folder under the same directory. This path is relative to this php file (both upload. php. For example, we want to move the uploaded file to upload. in the above php folder named user, we can write: move_uploaded_file ($ _ FILES ['myfile'] ['tmp _ name'], ".. /user /". $ FILES ['myfile'] ['name']). This method is convenient and flexible, so that a file is uploaded to the server, you can open a directory on the server to view the file. Allowing users to upload files is a huge security risk. Therefore, we usually impose some restrictions on the files uploaded by users, as shown below:

 

The code is as follows:

Copy code

<? Php If ($ _ FILES ['myfile'] ['name']! = ''){ If ($ _ FILES ['myfile'] ['error']> 0 ){ Echo "error status:". $ _ FILES ['myfile'] ['error']; } Else { If ($ _ FILES ['myfile'] ['type'] = 'image/jpeg 'or $ _ FILES ['myfile'] ['type'] = 'Image/pjpeg 'or $ _ FILES ['myfile'] ['type'] = 'image/GIF '&& $ _ FILES ['myfile'] ['size'] <20480 ){ Move_uploaded_file ($ _ FILES ['myfile'] ['tmp _ name'], "uploads /". $ FILES ['myfile'] ['name']); Echo "<script> alert (uploaded successfully !); </Script> "; } Else { Echo "<script> alert (upload a jpeg or Gif attachment smaller than 2 MB); <script> "; } } } Else { Echo "<script> alert (please upload a file !); </Script> "; } ?>

From the code above, we can see that, we specify that the object to be uploaded must be of jpeg or Gif type and must be smaller than 2 MB (the default unit of $ _ FILES ['myfile'] ['size'] is byte ). It must be mentioned that for IE browsers, it must recognize the jpg file type as pjpeg, while for FireFox, it must be jpeg. Therefore, we must make judgments on both jpeg and pjpeg. In this way, we can restrict some dangerous Trojans or virus scripts uploaded by users to ensure the safe operation of the server. Now, a file upload program is basically formed. However, in some cases, considering the user experience, we can also remind users of errors during the upload process so that they can understand what is wrong, we will explain $ _ FILES ['myfile'] ['error, let's take a look at the definition of $ _ FILES ['myfile'] ['error'] Common 6 states in PHP.

The code is as follows:

Copy code

$ _ FILES ['teacher _ pic '] ['error'] = 1 the file size exceeds the file size limit in PHP. ini. $ _ FILES ['teacher _ pic '] ['error'] = 2. The file size exceeds the browser limit. $ _ FILES ['teacher _ pic '] ['error'] = 3. Part of the file is uploaded. $ _ FILES ['teacher _ pic '] ['error'] = 4 no file to be uploaded is found $ _ FILES ['teacher _ pic '] ['error'] = 5. The temporary folder on the server is lost. $ _ FILES ['teacher _ pic '] ['error'] = 6. An error occurred while writing the file to the temporary folder.

When the error message status is 1, it indicates that the uploaded file exceeds php. ini file size limit, which can be used in php. (Maximum allowed size for uploaded files. upload_max_filesize = 2 M), which is in row 516th. This statement defines the maximum number of bytes for uploading files in PHP. The default value is 2 MB, this setting is a PHP global Upload restriction with the highest permissions. Even if $ _ FILES ['myfile'] ['size'] is set to 10 MB, only FILES smaller than 2 MB can be uploaded. For example, if $ _ FILES ['myfile'] ['size'] <10 MB is specified by default, now $ _ FILES ['teacher _ pic '] ['error'] = 1. Generally, we need to set the value of $ _ FILES ['myfile'] ['size'] under the value of upload_max_filesize (it is useless if it is set to a large value ). Of course, you can use php. the value of upload_max_filesize in ini is more tuned. However, in actual application, we do not recommend that the value of upload_max_filesize exceed 20 MB considering the server load. This will increase the number of website attachments, this can be clearly seen in the forum community. After understanding this, we can define the error status, and then refine the code:

The code is as follows:

Copy code

<? Php If ($ _ FILES ['myfile'] ['name']! = ''){ If ($ _ FILES ['myfile'] ['error']> 0 ){ Switch ($ _ FILES ['myfile'] ['error']) { Case 1: Echo "the file size exceeds the file size limit in PHP. ini! "; Break; Case 2: Echo "the file size exceeds the browser limit! "; Break; Case 3: Echo "file part uploaded! "; Break; Case 4: Echo "the file to be uploaded is not found! "; Break; Case 5: Echo "the temporary folder on the server is lost. Please upload it again! "; Break; Case 6: Echo "an error occurred while writing the file to the temporary folder! "; Break; } } Else { If ($ _ FILES ['myfile'] ['type'] = 'image/jpeg 'or $ _ FILES ['myfile'] ['type'] = 'Image/pjpeg 'or $ _ FILES ['myfile'] ['type'] = 'image/GIF '&& $ _ FILES ['myfile'] ['size'] <20480 ){ Move_uploaded_file ($ _ FILES ['myfile'] ['tmp _ name'], "uploads /". $ FILES ['myfile'] ['name']); Echo "<script> alert (uploaded successfully !); </Script> "; } Else { Echo "<script> alert (upload a jpeg or Gif attachment smaller than 2 MB); <script> "; } } } Else { Echo "<script> alert (please upload a file !); </Script> "; } ?>

We can use the switch statement to define six error states. In this way, when an error occurs, the user will understand what went wrong. However, there is another case where the file uploaded by the user already exists in the specified directory. Here we can use the file_exists method to judge:

The code is as follows:

Copy code

<? Php If ($ _ FILES ['myfile'] ['name']! = ''){ If ($ _ FILES ['myfile'] ['error']> 0 ){ Switch ($ _ FILES ['myfile'] ['error']) { Case 1: Echo "the file size exceeds the file size limit in PHP. ini! "; Break; Case 2: Echo "the file size exceeds the browser limit! "; Break; Case 3: Echo "file part uploaded! "; Break; Case 4: Echo "the file to be uploaded is not found! "; Break; Case 5: Echo "the temporary folder on the server is lost. Please upload it again! "; Break; Case 6: Echo "an error occurred while writing the file to the temporary folder! "; Break; } } Else { If ($ _ FILES ['myfile'] ['type'] = 'image/jpeg 'or $ _ FILES ['myfile'] ['type'] = 'Image/pjpeg 'or $ _ FILES ['myfile'] ['type'] = 'image/GIF '&& $ _ FILES ['myfile'] ['size'] <20480 ){ If (! File_exists ("uploads/". $ _ FILES ["myfile"] ["name"]) { Move_uploaded_file ($ _ FILES ['myfile'] ['tmp _ name'], "uploads /". $ FILES ['myfile'] ['name']); Echo "<script> alert (uploaded successfully !); </Script> "; } Else { Echo "<script> alert (the file you uploaded already exists !); </Script> "; } } Else { Echo "<script> alert (upload a jpeg or Gif attachment smaller than 2 MB); <script> "; } } } Else { Echo "<script> alert (please upload a file !); </Script> "; } ?>

It's just the most primitive method for uploading files, which is easier to understand. You can consider writing it into a class during use. Now Let's summarize the logic judgment in the upload process.

1. First determine whether to upload a file

2. If yes, check whether an error occurs during the upload.

3. If an error occurs, an error message is displayed.

4. If no error is found, determine the file type.

5. If the type meets the condition, check whether the file exists in the specified directory.

6. If not, move the file to the specified directory.