Tags in programming
Syndicate
Uploading Files with PHP
You can use a browser to upload files with PHP. The files can be either text and binary files. PHP has several file manipulation functions, that allow you to control what you do with a file once it has been uploaded, how large the file to be uploaded should be, where it should go after being uploaded etc.
To upload files, create a file upload form:
Example:
<FORM ENCTYPE="multipart/form-data" ACTION="somephpscript.php3" METHOD=POST> <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000"> Send this file: <INPUT NAME="userfile" TYPE="file"> <INPUT TYPE="submit" VALUE="Send File"> </FORM>
The MAX_FILE_SIZE hidden field must precede the file input field and its value is the maximum filesize accepted. The value is in bytes. (The MAX_FILE_SIZE cannot be larger than the file size that has been set for the upload_max_filesize directive in PHP.ini, or for php_upload_max_filesize directive in Apache .conf. The default is 2 Megabytes.)
If your file upload is successful you will then be able to access the value of the following variables:
$userfile - The temporary filename in which the uploaded file was stored on the server machine.
$userfile_name - The original name of the file on the sender's system.
$userfile_size - The size of the uploaded file in bytes.
$userfile_type - The mime type of the file if the browser provided this information. An example would be "image/gif".
Note that the "$userfile" part of the above variables is whatever the name of the INPUT field of TYPE=file is in the upload form. In the above upload form example, we chose to call it "userfile".
Files will by default be stored in the server's default temporary directory. This can be changed by setting the environment variable TMPDIR in the environment in which PHP runs. Setting it using a PutEnv() call from within a PHP script will not work though.
The PHP script which receives the uploaded file should implement whatever logic is necessary for determining what should be done with the uploaded file. You can for example use the $file_size variable to throw away any files that are either too small or too big. You could use the $file_type variable to throw away any files that didn't match a certain type criteria. Whatever the logic, you should either delete the file from the temporary directory or move it elsewhere.
The file will be deleted from the temporary directory at the end of the request if it has not been moved away or renamed. The directory that you want to move your files to should be read/write/executable by everyone - chmod=777
The upload script:
HTML and PHP Code:
<?php /* Uploads only GIF or JPEG images, checks to make sure the image you're trying to upload is the right file type.*/ function do_upload () { global $uploadfile, $uploadfile_name, $uploadfile_type, $uploadfile_size; global $local_file, $error_msg; //if a file name isn't in the input field on the HTML form, output error message if ( $uploadfile == "" ¦¦ $uploadfile == "none" ) { $error_msg .= "You did not specify a file for uploading."; } //if file specified isn't a gif/jpeg, output error message if (($uploadfile_type != "image/gif") && ($uploadfile_type != "image/jpeg") && ($uploadfile_type != "image/pjpeg")) { $error_msg .= "Your file is not a web graphic (GIF/JPG).\n"; } // Change $upload_dir to the directory that you have write permission (777) for on your server $upload_dir = "/usr/home/docs/somedir"; $local_uploadfile = "$upload_dir/$uploadfile_name"; //if there's no error, print info about the uploaded file if (!$error_msg && copy($uploadfile, $local_uploadfile)){ echo "Image: <p> Temporary Filename = $uploadfile ($uploadfile_name)<BR>File Size = $uploadfile_size bytes <BR>File Type = $uploadfile_type <BR>File Location on the server = $local_uploadfile<BR>\n"; } echo display_page($error_msg); } function display_page($error_msg){ global $uploadfile_name; $error_msg = ereg_replace("n","<BR>n ",$error_msg); $out = "Processing...<BR>\n"; if ($error_msg){ $out .= "Errors occurred with Image:<BR>\n" .$error_msg."n"; } else{ $out .= "Image upload successful.<P><a href=$uploadfile_name>$uploadfile_name</a>\n"; } return $out; } if (!$uploadfile){ ?>
<HTML> <HEAD> <TITLE>Upload Your File</TITLE> </HEAD> <BODY> <FORM ACTION="<? print $PHP_SELF; ?>" ENCTYPE="multipart/form-data" METHOD=POST> <INPUT TYPE="HIDDEN" NAME="MAX_FILE_SIZE" VALUE="2000000"> <INPUT TYPE="FILE" NAME="uploadfile" SIZE="24" MAXLENGTH="80"> <INPUT TYPE="SUBMIT" VALUE="Upload File!" NAME="sendit"> <INPUT TYPE="SUBMIT" VALUE="Cancel" NAME="cancelit"> </FORM> <I><FONT SIZE="2"> (You may notice a slight delay while we upload your file.) </FONT> </BODY> </HTML>
<?php } else { if ( $sendit ){ ?>
<HTML> <HEAD> <TITLE>Result of File Upload Attempt</TITLE> </HEAD> <BODY BGCOLOR='white' TEXT='black'>
<?php if ( $error_msg ){ echo "<B>$error_msg</B><BR>"; } do_upload(); ?> <code> </BODY> </HTML> </code> <?php } elseif ( $cancelit ){ //redirect to another page if cancel button is pressed instead of submit header ( "Location: $some_other_page" ); exit; } } ?>
See it in action. ¦ Get complete code.
Last updated 2009-02-26.