PHP File Upload |
\n\nThrough PHP, you can upload files to the server.
\n\nThis chapter's example is completed under the test project, directory structure is:
\ntest\n|-----upload # File upload directory\n|-----form.html # Form file\n|-----upload_file.php # php Upload code\n\n\n\n\n\n
Create a File Upload Form
\n\nAllowing users to upload files from a form is very useful.
\n\nPlease see the HTML form for uploading files below:
\n<html><head><meta charset="utf-8"><title>()</title></head><body>\n<form action="upload_file.php" method="post" enctype="multipart/form-data">\n<label for="file">Filename:</label>\n<input type="file" name="file" id="file"><br>\n<input type="submit" name="submit" value="Submit>\n</form>\n</body></html>\nSave the above code to the form.html file.
\n\nSome notes about the above HTML form are listed as follows:
\n- \n
- The enctype attribute of the <form> tag specifies which content type to use when submitting the form. When the form needs binary data, such as file content, use "multipart/form-data". \n
- The type="file" attribute of the <input> tag specifies that the input should be processed as a file. For example, when previewing in a browser, you will see a browse button next to the input box. \n
Note: Allowing users to upload files is a huge security risk. Only allow trusted users to perform file upload operations.
\n\n\n\n
Create Upload Script
\n\n"upload_file.php" file contains the code for uploading files:
\n<?php\nif ($_FILES > 0){\n echo "Error: . $_FILES . "<br>";\n} else {\n echo "Uploaded filename: " . $_FILES . "<br>";\n echo "File type: " . $_FILES . "<br>";\n echo "File size: " . ($_FILES / 1024) . " kB<br>";\n echo "Temporary file storage location: " . $_FILES;\n}\n?>\nBy using PHP's global array $_FILES, you can upload files from the client computer to the remote server.
\n\nThe first parameter is the input name of the form, the second subscript can be "name", "type", "size", "tmp_name" or "error". As shown below:
\n- \n
- $_FILES - Name of the uploaded file \n
- $_FILES - Type of the uploaded file \n
- $_FILES - Size of the uploaded file, in bytes \n
- $_FILES - Name of the temporary copy of the file stored on the server \n
- $_FILES - Error code resulting from the file upload \n
This is a very simple file upload method. For security considerations, you should add restrictions on which users are allowed to upload files.
\n\n\n\n
Upload Limits
\n\nIn this script, we have added restrictions on file uploads. Users can only upload .gif, .jpeg, .jpg, .png files, and the file size must be less than 200 kB:
\n<?php\n// Allowed image extensions for upload\n$allowedExts = array("gif", "jpeg", "jpg", "png");\n$temp = explode(".", $_FILES);\n$extension = end($temp); // Get file extension\n\nif ((($_FILES == "image/gif")\n|| ($_FILES == "image/jpeg")\n|| ($_FILES == "image/jpg")\n|| ($_FILES == "image/pjpeg")\n|| ($_FILES == "image/x-png")\n|| ($_FILES == "image/png"))\n&& ($_FILES < 204800) // Less than 200 KB\n&& in_array($extension, $allowedExts)) {\n if ($_FILES > 0) {\n echo "Error:: " . $_FILES . "<br>";\n } else {\n echo "Uploaded filename: " . $_FILES . "<br>";\n echo "File type: " . $_FILES . "<br>";\n echo "File size: " . ($_FILES / 1024) . " kB<br>";\n echo "Temporary file storage location: " . $_FILES;\n }\n} else {\n echo "Invalid file format;\n}\n?>\n\n\n\n
Save the Uploaded File
\n\nThe example above creates a temporary copy of the uploaded file in the PHP temporary folder on the server.
\n\nThis temporary copy file disappears when the script ends. To save the uploaded file, we need to copy it to another location:
\n<?php\n// Allowed image extensions for upload\n$allowedExts = array("gif", "jpeg", "jpg", "png");\n$temp = explode(".", $_FILES);\necho $_FILES;\n$extension = end($temp); // Get file extension\n\nif ((($_FILES == "image/gif")\n|| ($_FILES == "image/jpeg")\n|| ($_FILES == "image/jpg")\n|| ($_FILES == "image/pjpeg")\n|| ($_FILES == "image/x-png")\n|| ($_FILES == "image/png"))\n&& ($_FILES < 204800) // Less than 200 KB\n&& in_array($extension, $allowedExts)) {\n if ($_FILES > 0) {\n echo "Error:: " . $_FILES . "<br>";\n } else {\n echo "Uploaded filename: " . $_FILES . "<br>";\n echo "File type: " . $_FILES . "<br>";\n echo "File size: " . ($_FILES / 1024) . " kB<br>";\n echo "Temporary file storage location: " . $_FILES . "<br>";\n\n // Check if the file exists in the upload directory under the current directory\n // If the upload directory does not exist, you need to create it. Set the upload directory permissions to 777\n if (file_exists("upload/" . $_FILES)) {\n echo $_FILES . " File already exists. ;\n } else {\n // If the file does not exist in the upload directory, upload it to the upload directory\n move_uploaded_file($_FILES, "upload/" . $_FILES);\n echo "File stored in: " . "upload/" . $_FILES;\n }\n }\n} else {\n echo "Invalid file format;\n}\n?>\nThe script above checks if the file already exists; if not, it copies the file to a directory named 'upload'.
\n\nThe file upload demonstration operation is as follows:
\n
YouTip