In this tutorial we will learn how to use php to manage file uploads to the server.
First, build an HTML form that lets users select a file to upload.
upload.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>PHP Upload file example</title>
</head>
<body>
<form enctype="multipart/form-data" action="uploadProcess.php" method="POST">
Choose a image file to upload:
<input name="image" type="file">
<br>
<input type="submit" value="Upload">
</form>
</body>
</html>
PHP use a superglobal variable $_FILES to contains all the information of the uploaded file including file name,type,size etc.
$_FILES['image'] the image is the reference in the form <input name="image" type="file">
$_FILES['image']['name'] the original name of the file on the client machine.
$_FILES['image']['type'] the mime type of the file
$_FILES['image']['size'] file size,in bytes
$_FILES['image']['tmp_name'] The temporary filename of the file on the server
$_FILES['image']['error'] error code. 0 success
On the server side ,you must check the file uploaded by user for security:
When the file is uploaded successfully , it is stored in a temporary directory on the server.
If you want to save this file permanently, You should use move_uploaded_file() function to move it to a new permanent location and rename it.
uploadProcess.php
<?php
// Check if the form was submitted
if(isset($_FILES["image"])){
// Check if the file was uploaded without errors
if($_FILES["image"]["error"] == 0){
$allowed = array(
"gif" => "image/gif",
"jpeg" => "image/jpeg",
"jpg" => "image/jpg",
"png" => "image/png",
);
$filename = $_FILES["image"]["name"];
$filetype = $_FILES["image"]["type"];
$filesize = $_FILES["image"]["size"];
// Check if the file is too large or not
$maxsize = 10 * 1024 * 1024; // 10M
if($filesize > $maxsize)
die("Error: The file is too large.");
// Check the file extension
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if(!array_key_exists($ext, $allowed))
die("Error: Wrong file extension.");
// Check the mime type of file
if(in_array($filetype, $allowed)){
// Prevent the file name is same as an existing file in the same folder.
$newFilename = "data/".date("YmdHi").$filename;
if(!file_exists("data/")){
mkdir("data/");
}
if(file_exists("data/" . $newFilename)){
echo "The file ".$newFilename. " is already exists.";
} else{
//
if(move_uploaded_file($_FILES["image"]["tmp_name"], $newFilename)){
echo "Success: The file was uploaded successfully.<br>";
}
else{
echo "Error: The file cannot be moved.";
}
echo "File Name: " . $_FILES["image"]["name"] . "<br>";
echo "File Type: " . $_FILES["image"]["type"] . "<br>";
echo "File Size: " . round($_FILES["image"]["size"] / 1024) . " KB<br>";
echo "Temporary file Name: " . $_FILES["image"]["tmp_name"];
}
} else{
echo "Error: This type of file is not allowed.";
}
} else{
echo "Error: " . $_FILES["image"]["error"];
}
}
else{
echo "Error: Please upload a image file.";
}
?>
Outputs:
Success: The file was uploaded successfully. File Name: life.png File Type: image/png File Size: 75 KB Temporary file Name: C:\Windows\Temp\php6776.tmp