Uploading a file, PHP

With PHP you have the power to upload files to the server.


An example code(The client side) :
<html>
<body>

<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>

In the HTML code above :

• The enctype attribute of the tag specifies which content-type to use when submitting the form. "multipart/form-data" is used when a form requires binary data, like the contents of a file, to be uploaded
• The type="file" attribute of the input tag specifies that the input should be processed as a file. For example, when viewed in a browser, there will be a browse-button next to the input field

****
An example for the "server side" script

The "upload_file.php" file contains the code for uploading a file:

<?php
 if ($_FILES["file"]["error"] > 0)
  {
  echo "Error: " . $_FILES["file"]["error"] . "<br />";
  }
else
  {
  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
  echo "Type: " . $_FILES["file"]["type"] . "<br />";
  echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
  echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }
?>


By using the global PHP $_FILES array you can upload files from a client computer to the remote server.

The first parameter is the form's input name and the second index can be either "name", "type", "size", "tmp_name" or "error". Like this:

• $_FILES["file"]["name"] - the name of the uploaded file
• $_FILES["file"]["type"] - the type of the uploaded file
• $_FILES["file"]["size"] - the size in bytes of the uploaded file
• $_FILES["file"]["tmp_name"] - the name of the temporary copy of the file stored on the server
• $_FILES["file"]["error"] - the error code resulting from the file upload

This is a very simple way of uploading files. You better add restrictions on what the user is allowed to upload to your sever. Down here you can also see a code which saves the uploaded file to a physical place on server. If you do not save the file, the temporary file will be deleted after the script ends. It also checks if the file already exist.


<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "upload/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }
?>



Source : W3Schools