PHP File Upload

PHP can be used to receive files from any RFC-1867 compliant browser. This can be used to upload both text and binary files from browsers. See the file upload html form below:

<form enctype=”multipart/form-data” action=”handle_upload.php” method=”post”>
 <input type=”hidden” name=”MAX_FILE_SIZE” value=”30000″>
 Select File: <input name=”myfile” type=”file”>
 <input type=”submit” value=”Upload”>

  • MAX_FILE_SIZE hidden field restrict the maximum filesize accepted in bytes and must precede the file input field
  • enctype=”multipart/form-data” is used to handle file uploads and file will be uploaded as MIME data streams. Otherwise the file upload will not work.

The Variables, in PHP script which receives file upload, differs depending on the PHP version and configuration. The $_FILES exists as of PHP 4.1.0 The $HTTP_POST_FILES array has existed since PHP 4.0.0. These arrays hold uploaded file information. Using $_FILES is preferred.
The contents of $_FILES from above script is as follows.

  • $_FILES[‘myfile’][‘name’] The original name of the file on the client machine.
  • $_FILES[‘myfile’][‘type’] The mime type of the file, if the browser provided this information. An example would be “image/gif”.
  • $_FILES[‘myfile’][‘size’] The size, in bytes, of the uploaded file.
  • $_FILES[‘myfile’][‘tmp_name’] The temporary filename of the file in which the uploaded file was stored on the server.
  • $_FILES[‘myfile’][‘error’] Since PHP 4.2.0, PHP returns an appropriate following error code along with the file array
    UPLOAD_ERR_OK – Value: 0; There is no error, the file uploaded with success.
    UPLOAD_ERR_INI_SIZE Value: 1; The uploaded file exceeds the upload_max_filesize directive in php.ini.
    UPLOAD_ERR_FORM_SIZE Value: 2; The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
    UPLOAD_ERR_PARTIAL Value: 3; The uploaded file was only partially uploaded.
    UPLOAD_ERR_NO_FILE Value: 4; No file was uploaded.

Uploaded Files will by default be stored in the server’s default temporary directory. Variable $_FILES[‘myfile’][‘tmp_name’] will hold the info about where it is stored. The move_uploaded_file function needs to be used to store the uploaded file to the correct location. See the code below:

$uploaddir = “uploads/”;
$uploadfile = $uploaddir . basename( $_FILES[‘myfile’][‘name’]);

if(move_uploaded_file($_FILES[‘myfile’][‘tmp_name’], $uploadfile))
  echo “The file has been uploaded successfully”;
  echo “There was an error uploading the file”;


12 Responses to PHP File Upload

  1. Hey, good article, i didn’t know about MAX_FILE_SIZE.. I always thought that we have to check file size at the server side, suddenly life has became so much easier.. 🙂

  2. avinash lakhan says:

    $allowed_ext = “jpg, JPG, gif, GIF, png, PNG, jpeg, JPEG, bmp, BMP”;
    $extension = pathinfo($_FILES[‘image_name’][‘name’]);
    $extension = $extension[extension];
    $allowed_paths = explode(“, “, $allowed_ext);
    for($i = 0; $i $max_size) {
    $error[]=”File Size is too Big!”;
    // Check Height & Width
    if ($max_width && $max_height) {
    list($width, $height, $type, $w) = getimagesize($_FILES[‘image_name’][‘tmp_name’]);
    if($width > $max_width || $height > $max_height) {
    $error[]=”File Height and/or Width are too Big!”;
    }else {
    if($extension) {
    $error[]=”.$extension is not a proper extension!”;
    }else $error[]=”Select File to Upload”;
    }else {
    if(empty($action)) {
    //$error[]=”Select Product File to Upload”;
    $error[]=’* All Fields are Mandetory’;

    if($error) return $error=implode(”,$error);

  3. atanok says:

    Abhijeet Pathak, yeah, because client side size checks are *totally* not going to be bypassed, right?

    Keep doing server-side checks, client-side is there to avoid unintentional mistakes.

  4. Prvi bosansko-hercegovački forum za web dizajn i web razvoj……

    […]PHP File Upload « PHP Programming[…]…

  5. hosting, webhosting, webspace, webserver, backup, file exchange, bandwidth, free download, free downloads, free upload, upload, uploading, download, downloads, mp3, movies, music, videos, shareware, remote desktop, file synchronization, flirt, downlo…

    […]PHP File Upload « PHP Programming[…]…

  6. THE CATS | Intenet marketing agencija…

    […]PHP File Upload « PHP Programming[…]…

  7. Millie says:

    Attractive section of content. I just stumbled upon your blog and in accession
    capital to assert that I acquire in fact enjoyed account your blog posts.

    Anyway I will be subscribing to your feeds and even I achievement you access consistently quickly.

  8. I’m gone to tell my little brother, that he should also pay a visit this web site on regular basis to get updated from latest information.

  9. It’s a shame you don’t have a donate button! I’d most certainly donate to this brilliant blog! I guess for now i’ll settle for book-marking and adding your RSS feed to my Google account.
    I look forward to brand new updates and will talk about this
    website with my Facebook group. Chat soon!

  10. WalterSek says:

    On top of the full array of purses, there exists a difference between

    United states Roulette and Western Roulette. The values from the greeting cards is set

    when purchased in American citizen roulette. In such cases, game enthusiasts have potato chips

    that share the same value. But Western Roulette chips keep unaffected

    standard. Thereby, a player could have a range of ideals french fries.

    The casino site game of roulette is usually to do you know what wide variety do drop primarily

    the golf ball and set how many paris. The car dealership spins the wheel and

    droplets the baseball at the contrary direction in the spinning tire. The tennis ball

    to a particular wide variety as soon as the tire prevents. Players who depend upon these

    numbers to succeed in the around.

  11. softorLibre says:

    На практике переход на операционную платформу Виндовс “десятку” на персональном компьютере или ноутбуке (нетбуке) может быть обусловлен разными причинами. А это видал?
    Например, такого рода переход на OS Windows “десятку” получается в том разе, если был приобретен новенький PC или нетбук/ноутбук.

  12. Selina says:

    Once you’re receiving these within set, not only are you currently getting products by which matched
    up, it is additionally affordable as a result.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: