Simple File Upload System with PHP

In this tutorial we'll create simple image upload with PHP.
Single File Upload  With PHP

In this simple upload system we will just make a single upload with a verification for file extension and size, thus making it a secure way to upload files.

You can use this for Uploading image's ,PDF's, Doc any file types make sure you change the necessary parts in the script.

The HTML

This is a simple forum with no styles applied to it, as we are mainly concerned with the PHP upload


<form action="" method="POST" enctype="multipart/form-data">
    <input type="file" name="image" />
    <input type="submit"/>
</form>

Make sure to make add enctype="multipart/form-data to forum and type="file" for the input.With those things all ready to go we are done with the HTML part.

PHP

We will use isset($_FILES['<name of input>']) to make sure some file is selected and we are good to go with the upload.

$_FILES[' '] is an array with the file information, you can have a look at it with print_r($_FILES['<name of input>'])

In $_FILES

$_FILES description

This is the output when photo.jpg was uploaded. The [name] => photo.jpg is the name of the file. [type] => image/jpeg is the type of the file, [tmp_name] => C:\wamp\tmp\php8DCE.tmp tmp_name is the temporary location where the file is uploaded , in what ever server you are running on, We will use move function to move the file to our desired location later. [error] => 0 Its the error variable, we are not using that in this tutorial, [size] => 25667 and the last one is the size of the file, we will use it to make sure that the files above the a certain limit is not uploaded.


if(isset($_FILES['image'])){
    $file_name = $_FILES['image']['name'];
    $file_size =$_FILES['image']['size'];
    $file_tmp =$_FILES['image']['tmp_name'];
    $file_type=$_FILES['image']['type'];
    $name=$_POST['name'];
    $codes=$_POST['code'];	
}            

Now to get started with verification.


$extensions = array("jpeg","jpg","png");            
            

In here we having an image upload so we need to allow the image extensions. You can add the appropriate extensions that you need.

To get the extension we will use the name as it will have the extension, to extract it we will use PHP explode() & use end(). There won't be any problem even if the file name has a dot in it.


$file_ext=explode('.',$_FILES['image']['name'])	;
$file_ext=end($file_ext);            
            

Extensions can also be in UPPER case or LOWER case to overcome the problem we will get them converted into lower case or upper case as you mentioned in the $extensions array.


$file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));          
            

With in_array() you can get it checked extension is present in allowed extension


if(in_array($file_ext,$extensions ) === false){
	$errors[]="extension not allowed";
}            
            

We will make an array to store errors and check if the error is empty or not to confirm the upload or echo out the error at the end. To check for size we can use $file_size to check but, make sure that the size is in bytes.


if($file_size > 2097152){
	$errors[]='File size must be less tham 2 MB';
}	            
            

Now we have done with the verification part. Now lets move the uploaded file to another folder to user that file in future and display a confirmation message.

To move the file from the tmp_name to another location we will be using move_uploaded_file(), here we will move it to images directory, make sure the directory exist, as move_uploaded_file() cannot create a directory.

if(empty($errors)==true){
    move_uploaded_file($file_tmp,"images/".$file_name);
    echo "Success";
}else{
	print_r($errors[]);
}

PHP File Upload

That is all, this is not a recommended upload script for any use as there are a lot of loopholes for spammers, this is just for demonstration purpose alone. Now let's take a look at the full code once again.


<?php
if(isset($_FILES['image'])){
    $errors= array();
    $file_name = $_FILES['image']['name'];
    $file_size =$_FILES['image']['size'];
    $file_tmp =$_FILES['image']['tmp_name'];
    $file_type=$_FILES['image']['type'];   
    $file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));
    $extensions = array("jpeg","jpg","png"); 		
    if(in_array($file_ext,$extensions )=== false){
     $errors[]="extension not allowed, please choose a JPEG or PNG file."
    }
    if($file_size > 2097152){
    $errors[]='File size must be excately 2 MB';
    }				
    if(empty($errors)==true){
        move_uploaded_file($file_tmp,"images/".$file_name);
        echo "Success";
    }else{
        print_r($errors);
    }
}
?>
<form action="" method="POST" enctype="multipart/form-data">
    <input type="file" name="image" />
    <input type="submit"/>
</form>
Previous:
Next:
Anush

Anush

Anush is a freelance web designer and developer with a passion for interaction design. He founded Tech Stream in mid 2011 to spread the art of web design and programing Skills.

  • Social Links:
comments powered by Disqus