Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > PHP FAQs
Reload this Page Q. How do I upload a file to a directory?
|
PHP FAQs This moderated forum is where our PHP experts answer some of the questions they see asked most frequently in the other PHP forums. You cannot post other messages here, use the other PHP forums for that.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the PHP FAQs section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 8th, 2004, 05:47 AM
richard.york's Avatar
Wrox Author
  
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default Q. How do I upload a file to a directory?
The following outlines all the necessary steps needed to upload a file to the server, and then relocate the file to another directory.

Also see the FAQ on permissions at:
http://p2p.wrox.com/topic.asp?TOPIC_ID=11962

Permissions must be set on the destination directory before this method will work.

Basically only two fields are required to upload a file, a 'file' input field, and a 'MAX_FILE_SIZE' hidden field. The latter isn't really required, but will prevent the user from trying to upload a file that is too large on the client-side. This can be easily circumvented by the user and should be accompanied by server-side file validation. It accepts a file size in Bytes, I have set this to accept a file of 10000 bytes, or roughly 10KB. One attribute *must* also appear in the form tag to trigger the browser to upload data, and that is: enctype='multipart/form-data'.

The following should be pretty straight forward:

Code:
<?php
    //upload2dir.php

        echo "<html>\n",
             "    <head>\n",
             "        <title>UPLOAD TO A DIRECTORY</title>\n",
             "    </head>\n",
             "    <body>\n";

    if (!isset($_POST['do_action']))
    {

        echo "        <form action='{$_SERVER['PHP_SELF']}' method='post' enctype='multipart/form-data'>\n",
             "            <input type='file' name='userfile' />\n",
             "            <input type='hidden' name='MAX_FILE_SIZE' value='10000' />\n",
             "            <input type='submit' name='do_action' value='Upload' />\n",
             "        </form>\n";
    }
    else
    {
        // You may also use if (is_uploaded_file($_FILES['userfile']['tmp_name']))
        // IMO using if isset is an identical test

        if (isset($_FILES['userfile']['tmp_name']))
        {
            // In this line I'm examining the file size and the MIME type of the file
            // to verify that the file is in the acceptable size range and is a jpeg
            // image.  MIME type testing isn't foolproof, it is possible to spoof this.
            // The size testing, however, is not spoofable.

            if (($_FILES['userfile']['size'] <= 10000) && ($_FILES['userfile']['type'] == 'image/jpeg' || $_FILES['userfile']['type'] == 'image/pjpeg'))
            {
                // Give the file a new name to prevent one user from overwriting files 
                // uploaded by another. mktime(), which creates a UNIX timestamp in 
                // addition to the user name is good for this.

                $new_file_name = mktime().'.jpg';

                // $_SERVER['DOCUMENT_ROOT'] will provide an absolute path to the base directory
                // fill in the rest of the path from there, if necessary.
                // echo the value of $_SERVER['DOCUMENT_ROOT'] to do this!

                $file_path     = '/images/users/'.$new_file_name;

                if (move_uploaded_file($_FILES['userfile']['tmp_name'], $_SERVER['DOCUMENT_ROOT'].$file_path))
                {
                    echo "Upload successful!<br /><br />\n";
                    echo 'File: '.$_FILES['userfile']['name'].' ('.$_FILES['userfile']['size'].") Bytes<br />\n";
                    echo "Renamed: $new_file_name<br />\n";
                }
                else
                {
                    echo 'Upload failed: There was likely a permissions error.';
                }
            }
            else
            {
                echo 'Upload failed: File must be a JPEG file type and 10KB or less in size';
            }
        }
        else
        {
            echo 'Upload failed: A valid file has not been uploaded!';
        }
    }

        echo "    </body>\n",
             "</html>";
?>
Also have a look at:
http://www.php.net/manual/en/feature...ad.post-method

Which explains the $_FILES superglobal and the information available in it.





Similar Threads
Thread Thread Starter Forum Replies Last Post
Filter File Types in ASP.NET File Upload ramuis78 ASP.NET 2.0 Basics 2 May 31st, 2007 10:50 AM
File Upload question - source directory turklet Beginning PHP 1 February 23rd, 2007 10:06 AM
Whole Folder upload(Multi file Upload) ramasamy_rams XML 1 September 9th, 2005 12:43 PM
JSP file upload and delete file pandjie JSP Basics 0 January 29th, 2005 10:49 PM
file/directory iteration nbryson C# 5 August 1st, 2003 05:30 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.