Simple File Upload System with PHP
In this simple upload system we will just make a single upload with a verification for file extension and size, thus making it a secure way to upload files.
You can use this for Uploading image’s ,PDF’s, Doc any file types make sure you change the necessary parts in the script.
The HTML
This is a simple form with no styles applied to it, as we are mainly concerned with the PHP upload
Make sure to make add enctype="multipart/form-data
to form and type="file"
for the input.With those things all ready to go we are done with the HTML part.
PHP
We will use isset($_FILES['
to make sure some file is selected and we are good to go with the upload.
$_FILES[' ']
is an array with the file information, you can have a look at it with print_r($_FILES['
In $_FILES
This is the output when photo.jpg
was uploaded. The [name] => photo.jpg
is the name of the file. [type] => image/jpeg
is the type of the file, [tmp_name] => C:wamptmpphp8DCE.tmp
tmp_name is the temporary location where the file is uploaded , in what ever server you are running on, We will use move function to move the file to our desired location later. [error] => 0
Its the error variable, we are not using that in this tutorial, [size] => 25667
and the last one is the size of the file, we will use it to make sure that the files above the a certain limit is not uploaded.
if(isset($_FILES['image'])){
$file_name = $_FILES['image']['name'];
$file_size =$_FILES['image']['size'];
$file_tmp =$_FILES['image']['tmp_name'];
$file_type=$_FILES['image']['type'];
$name=$_POST['name'];
$codes=$_POST['code'];
}
Now to get started with verification.
$extensions = array("jpeg","jpg","png");
In here we having an image upload so we need to allow the image extensions. You can add the appropriate extensions that you need.
To get the extension we will use the name as it will have the extension, to extract it we will use PHP explode()
& use end()
. There won’t be any problem even if the file name has a dot in it.
$file_ext=explode('.',$_FILES['image']['name']) ;
$file_ext=end($file_ext);
Extensions can also be in UPPER case or LOWER case to overcome the problem we will get them converted into lower case or upper case as you mentioned in the $extensions
array.
$file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));
With in_array()
you can get it checked extension is present in allowed extension
if(in_array($file_ext,$extensions ) === false){
$errors[]="extension not allowed";
}
We will make an array to store errors and check if the error is empty or not to confirm the upload or echo out the error at the end. To check for size we can use $file_size
to check but, make sure that the size is in bytes.
if($file_size > 2097152){
$errors[]='File size must be less tham 2 MB';
}
Now we have done with the verification part. Now lets move the uploaded file to another folder to user that file in future and display a confirmation message.
To move the file from the tmp_name
to another location we will be using move_uploaded_file()
, here we will move it to images
directory, make sure the directory exist, as move_uploaded_file()
cannot create a directory.
if(empty($errors)==true){
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}else{
print_r($errors[]);
}
PHP File Upload
That is all, this is not a recommended upload script for any use as there are a lot of loopholes for spammers, this is just for demonstration purpose alone. Now let’s take a look at the full code once again.
2097152){
$errors[]='File size must be excately 2 MB';
}
if(empty($errors)==true){
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}else{
print_r($errors);
}
}
?>