It’s easy to upload your files to server but with ease it comes danger so be careful when allowing file uploads.
Set Up “php.ini” File
Search for file_uploads directive in your “php.ini” File and make it On :
file_uploads = On
And now,
Create HTML FORM : which allows user to choose the file they want to upload
For the HTML upload form make sure that you use method=”post” and enctype=”multipart/form-data”. Because without these file upload won’t work.
<!DOCTYPE html> <html> <body> <form action="fileToupload.php" method="post" enctype="multipart/form-data"> Select an Image To Upload:- <input type="file" name="fileToUpload" id="fileToUpload"> <input type="submit" value="Upload Image" name="submit"> </form> </body> </html>
Output :
Make Upload File PHP Script
<?php $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } ?>
In above code,
- “$target_file” defines path of file to be uploaded
- “$uploadOk=1” will be used later.
- “$target_dir = uploads/” – defines directory where file is going to be placed
- “$imageFileType” holds file extension of the file.
Check If File Already Exists
At first, lets check if file already exists in “uploads” folder. If it exists then, Error Message is shown, and $uploadOk is set to 0:
//To check if file already exists or not if (file_exists($target_file)) { echo "Sorry, the file already exists."; $uploadOk = 0; }
Limit File Size & Type
Now to check size of the file if its greater than 500kb; error message will be shown and $uploadOk is set to 0.
// To check file size if ($_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; }
Given Code allows users to upload only JPEG, JPG, GIF, & PNG files. If other file types are uploaded then it shows error message before setting $uploadOk to 0:
// To allow certain file formats if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) { echo "Sorry, only JPEG, JPG, GIF & PNG files are allowed."; $uploadOk = 0; }
At Last, Combining all those above code. Here’s a full Fill Upload PHP Script:
<?php $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); // To check if image file is actual or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } // To check if file already exists if (file_exists($target_file)) { echo "Sorry, the file already exists."; $uploadOk = 0; } //To check the file size if ($_FILES["fileToUpload"]["size"] > 500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // To allow certain file formats if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) { echo "Sorry, only JPEG, JPG, GIF & PNG files are allowed."; $uploadOk = 0; } // To check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; } else { echo "Sorry, there was an error uploading your file."; } } ?>