This site is mobile accessible. Press the "Tap Here" button to use a different font-size.


Smartphone icons created by Freepik - Flaticon

  • 6.1 PHP Date and Time
  • 6.2 PHP Include Files
  • 6.3 PHP File Handling
  • 6.4 PHP File Open/Read
  • 6.5 PHP File Create/Write
  • 6.6 PHP File Upload
  • 6.7 PHP Cookies
  • 6.8 PHP Sessions
  • 6.9 PHP Filters
  • 6.10 PHP Filters Advanced
  • 6.11 PHP Callback Functions
  • 6.12 PHP JSON
  • 6.13 PHP Exceptions
    •

    6.6 PHP File Upload

  • 1.1 PHP Intro
  • 1.2 PHP Install
  • 1.3 PHP Syntax
  • 1.4 PHP Comments
  • 1.5 PHP Variables
  • 1.5.1 Variables Scope
  • 1.6 PHP Echo / Print
    •
  • 2.1 PHP Data Types
  • 2.2 PHP Strings
  • 2.3 PHP Numbers
  • 2.4 PHP Math
  • 2.5 PHP Constants
  • 2.6 PHP Casting
  • 2.7 PHP Magic Constants
    •
  • 3.1 PHP Operators
  • 3.2 PHP If Else Elseif
  • 3.3 PHP Switch
  • 3.4 PHP Loops
  • 3.4.1 While Loop
  • 3.4.2 Do While Loop
  • 3.4.3 For Loop
  • 3.4.4 Foreach Loop
  • 3.4.5 Break/Continue
  • 3.5 PHP Functions
    •
  • 4.1 PHP Arrays
  • 4.1.1 Indexed Arrays
  • 4.1.2 Associative Arrays
  • 4.1.3 Multidimensional Arrays
  • 4.1.4 Sorting Arrays
  • 4.2 PHP Superglobals
  • 4.2.1 $GLOBALS
  • 4.2.2 $_SERVER
  • 4.2.3 $_REQUEST
  • 4.2.4 $_POST
  • 4.2.5 $_GET
  • 4.3 PHP RegEx
    •
  • 5.1 PHP Form Handling
  • 5.2 PHP Form Validation
  • 5.3 PHP Form Required
  • 5.4 PHP Form URL / E-mail
  • 5.5 PHP Form Complete
    •
  • 6.1 PHP Date and Time
  • 6.2 PHP Include Files
  • 6.3 PHP File Handling
  • 6.4 PHP File Open/Read
  • 6.5 PHP File Create/Write
  • 6.6 PHP File Upload
  • 6.7 PHP Cookies
  • 6.8 PHP Sessions
  • 6.9 PHP Filters
  • 6.10 PHP Filters Advanced
  • 6.11 PHP Callback Functions
  • 6.12 PHP JSON
  • 6.13 PHP Exceptions
    •
  • 7.1 PHP What is OOP
  • 7.2 PHP Classes / Objects
  • 7.3 PHP Constructor
  • 7.4 PHP Destructor
  • 7.5 PHP Access Modifiers
  • 7.6 PHP Inheritance
  • 7.7 PHP Class Constants
  • 7.8 PHP Abstract Classes
  • 7.9 PHP Interfaces
  • 7.10 PHP Traits
  • 7.11 PHP Static Methods
  • 7.12 PHP Static Properties
  • 7.13 PHP Namespaces
  • 7.14 PHP Iterables
    •
  • 8.1 MySQL Database
  • 8.2 MySQL Connect
  • 8.3 MySQL Create DB
  • 8.4 MySQL Create Table
  • 8.5 MySQL Insert Data
  • 8.6 MySQL Get Last ID
  • 8.7 MySQL Insert Multiple
  • 8.8 MySQL Prepared
  • 8.9 MySQL Select Data
  • 8.10 MySQL Where
  • 8.11 MySQL Order By
  • 8.12 MySQL Delete Data
  • 8.13 MySQL Update Data
  • 8.14 MySQL Limit Data
    •
  • 9.1 PHP XML Parsers
  • 9.2 PHP SimpleXML Parser
  • 9.3 PHP SimpleXML - Get
  • 9.4 PHP XML Expat
  • 9.5 PHP XML DOM
    •
  • 10.1 AJAX Intro
  • 10.2 AJAX PHP
  • 10.3 AJAX Database
  • 10.4 AJAX XML
  • 10.5 AJAX Live Search
  • 10.6 AJAX Poll
  • My Poll
    •
    • With PHP, it is easy to upload files to the server.
    • However, with ease comes danger, so always be careful when allowing file uploads!

    Configure The "php.ini" File

    • First, ensure that PHP is configured to allow file uploads.
    • In your "php.ini" file, search for the file_uploads directive, and set it to On:
    file_uploads = On

    Create The HTML Form

    Next, create an HTML form that allow users to choose the image file they want to upload:

    <!DOCTYPE html>
<html>
<body>

<form action="upload.php" method="post" enctype="multipart/form-data">
  Select image to upload:
  <input type="file" name="fileToUpload" id="fileToUpload">
  <input type="submit" value="Upload Image" name="submit">
</form>

</body>
</html>
    • Some rules to follow for the HTML form above:
      • Make sure that the form uses method="post"
      • The form also needs the following attribute: enctype="multipart/form-data". It specifies which content-type to use when submitting the form
    • Without the requirements above, the file upload will not work.
    • Other things to notice:
      • The type="file" attribute of the <input> tag shows the input field as a file-select control, with a "Browse" button next to the input control
    • The form above sends data to a file called "upload.php", which we will create next.

    Create The Upload File PHP Script

    The "upload.php" file contains the code for uploading a file:

    <?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
  $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
  if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
  } else {
    echo "File is not an image.";
    $uploadOk = 0;
  }
}
?>
    • PHP script explained:
      • $target_dir = "uploads/" - specifies the directory where the file is going to be placed
      • $target_file specifies the path of the file to be uploaded
      • $uploadOk=1 is not used yet (will be used later)
      • $imageFileType holds the file extension of the file (in lower case)
      • Next, check if the image file is an actual image or a fake image
    • Note: You will need to create a new directory called "uploads" in the directory where "upload.php" file resides. The uploaded files will be saved there.

    Check if File Already Exists

    • Now we can add some restrictions.
    • First, we will check if the file already exists in the "uploads" folder. If it does, an error message is displayed, and $uploadOk is set to 0:
    // Check if file already exists
if (file_exists($target_file)) {
  echo "Sorry, file already exists.";
  $uploadOk = 0;
}

    Limit File Size

    • The file input field in our HTML form above is named "fileToUpload".
    • Now, we want to check the size of the file. If the file is larger than 500KB, an error message is displayed, and $uploadOk is set to 0:
    // Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
  echo "Sorry, your file is too large.";
  $uploadOk = 0;
}

    Limit File Type

    The code below only allows users to upload JPG, JPEG, PNG, and GIF files. All other file types gives an error message before setting $uploadOk to 0:

    // Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
  echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
  $uploadOk = 0;
}

    Complete Upload File PHP Script

    The complete "upload.php" file now looks like this:

    <?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
  $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
  if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
  } else {
    echo "File is not an image.";
    $uploadOk = 0;
  }
}

// Check if file already exists
if (file_exists($target_file)) {
  echo "Sorry, file already exists.";
  $uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
  echo "Sorry, your file is too large.";
  $uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
  echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
  $uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
  echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
  if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
    echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
  } else {
    echo "Sorry, there was an error uploading your file.";
  }
}
?>

    Try the PHP File Upload

    Complete PHP Filesystem Reference

    For a complete reference of filesystem functions, go to W3Schools.com complete PHP Filesystem Reference.

    PHP Fundamentals course home
    Module 6. PHP Advanced

    Navigate this module
  • 6.1 PHP Date and Time
  • 6.2 PHP Include Files
  • 6.3 PHP File Handling
  • 6.4 PHP File Open/Read
  • 6.5 PHP File Create/Write
  • 6.6 PHP File Upload
  • 6.7 PHP Cookies
  • 6.8 PHP Sessions
  • 6.9 PHP Filters
  • 6.10 PHP Filters Advanced
  • 6.11 PHP Callback Functions
  • 6.12 PHP JSON
  • 6.13 PHP Exceptions
    •

    Eventually the navigation links, above, will be replaced by these << (previous) and >> (next) buttons below.



    Animated PHP icons used in the buttons provided by ICONS8.COM. Smartphone icons created by Freepik - Flaticon

    Module 6 quiz

    Example files created in this module:
    The PHP Date() Function - Get a Date The PHP Date() Function - Automatic Copyright Year The PHP Date() Function - Get a Time The PHP Date() Function - Get Your Time Zone The PHP Date() Function - Create a Date With mktime() The PHP Date() Function - Create a Date From a String With strtotime() part 1 The PHP Date() Function - Create a Date From a String With strtotime()part 2 The PHP Date() Function - Create Dates From Strings With strtotime() The PHP Date() Function - Count The Number of Days To July 4 With strtotime() PHP Include Files - PHP include Example part 1 PHP Include Files - PHP include Example part 2 PHP Include Files - PHP include Example part 3 PHP Include Files - PHP include Example part 4 PHP Include Files - PHP require Example readfile() fopen() fgets() feof() fgetc() PHP File Handling - PHP readfile() Function PHP File Open/Read - PHP Open File - fopen() PHP File Open/Read - fgets() Read Single Line PHP File Open/Read - feof() Check End-Of-File PHP File Open/Read - fgetc() Read Single Character PHP File Upload PHP Cookies - Create/Retrieve a Cookie PHP Cookies - Modify a Cookie Value PHP Cookies - Delete a Cookie PHP Cookies - Check if Cookies are Enabled PHP Sessions - Start a PHP Session PHP Sessions - Get PHP Session Variable Values part 1 PHP Sessions - Get PHP Session Variable Values part 2 PHP Sessions - Modify a PHP Session Variable PHP Sessions - Destroy a PHP Session PHP Filters - The PHP Filter Extension PHP Filters - Sanitize a String PHP Filters - Validate an Integer PHP Filters - filter_var() and Problem With 0 PHP Filters - Validate an IP Address PHP Filters - Sanitize and Validate an Email Address PHP Filters - Sanitize and Validate a URL PHP Filters Advanced - Validate an Integer Within a Range PHP Filters Advanced - Validate IPv6 Address PHP Filters Advanced - Validate URL That Must Contain QueryString PHP Filters Advanced - Remove Characters With ASCII Value > 127 PHP Callback Functions PHP Callback Functions - Anonymous Function PHP Callback Functions - Callbacks in User Defined Functions PHP and JSON - json_encode() part 1 PHP and JSON - json_encode() part 2 PHP and JSON - json_decode() part 1 PHP and JSON - json_decode() part 2 PHP and JSON - Accessing the Decoded Values part 1 PHP and JSON - Accessing the Decoded Values part 2 PHP and JSON - Looping Through the Values part 1 PHP and JSON - Looping Through the Values part 2 PHP Exceptions - Throwing an Exception PHP Exceptions - The try...catch Statement PHP Exceptions - The try...catch...finally Statement part 1 PHP Exceptions - The try...catch...finally Statement part 2 PHP Exceptions - The Exception Object