X
HOME HTML CSS JAVASCRIPT SQL PHP JQUERY ANGULAR BOOTSTRAP XML ASP.NET MORE...
REFERENCES | EXAMPLES | FORUM | ABOUT

PHP 5 File Upload


With PHP, it is easy to upload files to the server.

However, with ease comes danger, so always be careful when allowing file uploads!


Configure The "php.ini" File

First, ensure that PHP is configured to allow file uploads.

In your "php.ini" file, search for the file_uploads directive, and set it to On:

file_uploads = On


Create The HTML Form

Next, create an HTML form that allow users to choose the file they want to upload:

<form action="upload.php" method="post" enctype="multipart/form-data">
  Please choose a file: <input type="file" name="uploadFile"><br>
  <input type="submit" value="Upload File">
</form>

Some rules to follow for the HTML form above:

  • Make sure that the form uses method="post"
  • The form also needs the following attribute: enctype="multipart/form-data". It specifies which content-type to use when submitting the form

Without the requirements above, the file upload will not work.

Other things to notice:

  • The type="file" attribute of the <input> tag shows the input field as a file-select control, with a "Browse" button next to the input control

The form above sends data to a file called "upload.php", which we will create next.


Create The Upload File PHP Script

The "upload.php" file contains the code for uploading a file:

<?php
$target_dir = "uploads/";
$target_dir = $target_dir . basename( $_FILES["uploadFile"]["name"]);
$uploadOk=1;

if (move_uploaded_file($_FILES["uploadFile"]["tmp_name"], $target_dir)) {
    echo "The file ". basename( $_FILES["uploadFile"]["name"]). " has been uploaded.";
} else {
    echo "Sorry, there was an error uploading your file.";
}
?>

PHP script explained:

  • $target_dir = "uploads/" -  specifies the directory where the file is going to be placed
  • The next line adds the submitted filename to the target directory
  • $uploadOk=1 is not used yet (will be used later)
  • Next, the uploaded file is moved to where it belongs with move_uploaded_file(). The file will be placed in the directory specified at the beginning of the script ($target_dir). If it fails, an error message is displayed

Note: You will need to create a new directory in the directory where "upload.php" resides, called "uploads", as the uploaded files will be saved there.


Check if File Already Exists

Now we can add some restrictions.

First, we will check if the file already exists in the "uploads" folder. If it does, an error message is displayed, and $uploadOk is set to 0:

if (file_exists($target_dir . $_FILES["uploadFile"]["name"])) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}


Limit File Size

The file input field in our HTML form above is named "uploadFile".

We can now use $uploadFile_size to check the size of the file. If the file is larger than 500kb, an error message is displayed, and $uploadOk is set to 0:

if ($uploadFile_size > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}


Limit File Type

The code below checks to be sure the user is NOT uploading a PHP file to your site. If they do upload a PHP file, an error message is displayed , and $uploadOk is set to 0:

if ($uploadFile_type == "text/php") {
    echo "Sorry, no PHP files allowed.";
    $uploadOk = 0;
}

The code below only allows users to upload .gif files. All other types are given an error before setting $uploadOk to 0:

if (!($uploadFile_type == "image/gif")) {
    echo "Sorry, only GIF files are allowed.";
    $uploadOk = 0;
}

Tip:  Use use these basic examples to allow or deny any specific file types.


Complete Upload File PHP Script

The complete "upload.php" file now looks like this:

<?php
$target_dir = "uploads/";
$target_dir = $target_dir . basename( $_FILES["uploadFile"]["name"]);
$uploadOk=1;

// Check if file already exists
if (file_exists($target_dir . $_FILES["uploadFile"]["name"])) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}

// Check file size
if ($uploadFile_size > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}

// Only GIF files allowed
if (!($uploadFile_type == "image/gif")) {
    echo "Sorry, only GIF files are allowed.";
    $uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($ok==0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["uploadFile"]["tmp_name"], $target_dir)) {
        echo "The file ". basename( $_FILES["uploadFile"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>


Complete PHP Filesystem Reference

For a complete reference of filesystem functions, go to our complete PHP Filesystem Reference.



Your suggestion:

Close [X]

Thank You For Helping Us!

Your message has been sent to W3Schools.

Close [X]
Search w3schools.com:

WEB HOSTING

UK Reseller Hosting

WEB BUILDING

Download XML Editor FREE Website BUILDER Free HTML5 Templates

SHARE THIS PAGE

facebook