Basic file upload using PHP

Source:www.opentechguides.com | Date Published: 2014-08-04 17:38:00

There are numerous instances where you need to allow your website users to upload pictures, videos, documents etc.,. This article shows you how to add a basic file upload functionality to your website using PHP.

Functional Description


Implementation Method

The steps to implement the above described functionality using PHP and HTML can be divided into three main sections.

1. Configure php.ini for file upload

The php.ini file contains a few directives that control the upload functionality. The most important directive is file_uploads.

Open php.ini file in a text editor and set the value of file_uploads directive to On to enable file uploads. The other parameters to be considered are :

The sample php.ini file shown below enables file upload, sets maximum file size to 2MB and maximum number of files that can be uploaded in a single request to 5. The upload_tmp_dir directive is disabled hence the system default temporary folder will be used.

php.ini file

; Whether to allow HTTP file uploads.
file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not specified).
;upload_tmp_dir =

; Maximum allowed size for uploaded files.
upload_max_filesize = 2M

; Maximum number of files that can be uploaded via a single request
max_file_uploads = 5

2. HTML Page

The HTML page contains a label and two input elements, one of type file and another of type submit, inside a form element. The user input data is send to the server using HTTP post method.

The following is the HTML page we use for this illustration.

upload.html

<!DOCTYPE html>
<html>
<head>
	<title>Open Tech Guides - File Upload Demo</title>
</head>
<body>
<form enctype="multipart/form-data" action="file_upload.php" method="post" >
  <label for="file">Select file to upload :</label>
  <input name="fname" type="file" id="file">
  <input type="submit" value="Upload" name="submit" />
</form>
</body>
</html>

2. PHP Script

The PHP scripts first checks the error index of $_FILES array and if it is zero then the uploaded file is moved from its temporary location to a permanent location (In this case it is the same location where the PHP script resides). An upload successful message is displayed to the user along with the filename and size.

In case of error, i.e. , $_FILES['fname']['error'] > 0, the error code is analysed further and appropriate messages are displayed for file size greater than the upload_max_filesize in php.ini (2MB) and when user clicks the upload button without selecting a file. For all other kind of errors a "Upload failed" message is displayed.

file_upload.php

<?php
    if ($_FILES['fname']['error'] == 0 ) {
	move_uploaded_file($_FILES['fname']['tmp_name'], $_FILES['fname']['name']);
	echo "File uploaded successfully !!! <br />";
	echo "Filename : ". $_FILES['fname']['name'])."<br />";
	echo "Size : " . $_FILES['fname']['size']  . "<br />";
	}
    
    else {
	switch ($_FILES['fname']['error']) {
	     case UPLOAD_ERR_NO_FILE:
             	echo "Select a file to upload.";
         	break;
	 
	     case UPLOAD_ERR_INI_SIZE:
         	echo "The file size exceeds upload_max_filesize in php.ini";
         	break;
 	
 	     default:
	 	echo "Upload failed";
                break;
	}
    }
?>

The above PHP script is only for demo purpose and not recommended for production environments as the file upload feature poses various security threats which are not considered in this script.


Open Tech Guides | www.opentechguides.com