In this lesson, you will learn about File Upload in PHP, its usage, and examples to better understand the topic.
Have you ever wondered how PHP-based websites construct their file-uploading systems? You could think of the question, “Can we upload any kind of file with this system?” Yes, we can upload files with various extension types. It is simple to upload files to the server using PHP. But with convenience sometimes comes risk, so use caution if accepting file uploads! We shall learn more about the file-uploading procedure here.
Make sure PHP is set up to support File uploads first. Find the file uploads directive in your php.ini File and turn it on:uploads files = On
Below is the HTML source code to upload the File to the server using php scripts. We use the encoding type multipart/form-data
in the HTML <form>
tag to enable the sending of files via the POST method. The files cannot be transmitted via the POST method without this encoding. We must utilize this encrypt if we wish to allow people to upload files using a form.
A simple HTML form example:
<!DOCTYPE HTML> <HTML> <body> <form action="uploadfile.php" method="post" enctype="multipart/form-data"> Upload Image: <input type="file" name="Upload_file" id="Upload_file"> <input type="submit" value="Upload Image" name="submit"> </form> </body> </HTML>
Here are some guidelines for the HTML form:
method="post"
is used on the form.enctype
is set up correctly: enctype=”multipart/form-data.” The content type to use when submitting the form is specified. The file upload won’t function if the above conditions are not met.type="file"
property of the <input>
tag is present. As mentioned above, the input from the form is sent to a file called uploadfile.php, which we’ll make next.The uploading code is located in the uploadfile.php file:
<?php $directory_name = "uploads/"; $file_name = $directory_name . basename($_FILES["Upload_file"]["name"]); $upload_file = 1; $imageFileType = strtolower(pathinfo($file_name, PATHINFO_EXTENSION)); // Determine whether the image file contains real or false images. if (isset($_POST["submit"])) { $img_chk = getimagesize($_FILES["Upload_file"]["tmp_name"]); if ($img_chk !== false) { echo "Check image - " . $img_chk["mime"] . "."; $upload_file = 1; } else { echo "It’s not an image."; $upload_file = 0; } } ?>
Explanation
The stored File’s location is specified by the value of $directory_name
, which is “uploads/.”
The $file_name
specifies the uploading file’s path. Yet to be utilized is $upload_file =1
(will be used later). Variable $imageFileType
(in lowercase) that stores the file extension. Next, verify whether the image file contains an actual or bogus image.
We can include certain constraints as we want. For Example:
We can check if the file already exists in the “uploads” folder. If it does, $upload_file
is set to 0, and an error message is displayed. Also, we can limit the uploaded file size to prevent larger files from being uploaded. $upload_file
is set to 0, and an error message is displayed if the File is more extensive than 400 KB.