Uploading Files with PHP

Uploading Files with PHP

The HTML Form
This script will allow you to upload files from your browser to your hosting, using PHP. The first thing we need to do is create an HTML form that allows people to choose the file they want to upload.

Please choose a file:

This form sends data to the file "upload.php", which is what we will be creating next to actually upload the file.

Uploading the File

The actual file upload is very simple:



This very small piece of code will upload files sent to it by your HTML form.

1. The first line $target = "upload/"; is where we assign the folder that files will be uploaded to. As you can see in the second line, this folder is relative to the upload.php file. So for example, if your file was at www.yours.com/files/upload.php then it would upload files to www.yours.com/files/upload/yourfile.gif. Be sure you remember to create this folder!

2. We are not using $ok=1; at the moment but we will later in the tutorial.

3. We then move the uploaded file to where it belongs using move_uploaded_file (). This places it in the directory we specified at the beginning of our script. If this fails the user is given an error message, otherwise they are told that the file has been uploaded.

Limit the File Size
if ($uploaded_size > 350000)
{
echo "Your file is too large.
";
$ok=0;
}

Assuming that you didn't change the form field in our HTML form (so it is still named uploaded), this will check to see the size of the file. If the file is larger than 350k, they are given a file too large error, and we set $ok to equal 0.

You can change this line to be a larger or smaller size if you wish by changing 350000 to a different number. Or if you don't care about file size, just leave these lines out.

Limit Files by Type

if ($uploaded_type =="text/php")
{
echo "No PHP files
";
$ok=0;
}

The code above checks to be sure the user is not uploading a PHP file to your site. If they do upload a PHP file, they are given an error, and $ok is set to 0.

if (!($uploaded_type=="image/gif")) {
echo "You may only upload GIF files.
";
$ok=0;
}

In our second example we only allow users to upload .gif files, and all other types are given an error before setting $ok to 0. You can use these basic examples to allow or deny any specific file types.

Putting It Together

350000)
{
echo "Your file is too large.
";
$ok=0;
}

//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "No PHP files
";
$ok=0;
}

//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}

//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
?>