DJ Mike's Tutorials: PHP

< ^ >

Uploading Files Pt.2

When files are submitted to an upload form, they are uploaded into a temporary directory and a multidimensional array containing information about them is returned. These files are temporary and must be copied to another location. The form below would return an array something like the array below it.



<form method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="600000">
<input type="file" name="file_upload">
<input type="submit">
</form>


Array 

    [file_upload] => Array 
        ( 
            [name] => picture.jpeg 
            [type] => image/jpeg 
            [tmp_name] => /tmp/phpqvQGM2 
            [error] => 0 
            [size] => 101598 

        ) 
)


$_FILES Array
Index Meaning
name Original name of the file
type MIME type of the file
size Size of file in bytes
tmp_name Temporary file name used by server.
error Error code


Error Code Meanings
Value Meaning
0 There is no error
1 The uploaded file exceeds the upload_max_filesize directive in php.ini.
2 The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
3 The uploaded file was only partially uploaded.
4 No file was uploaded.
5 (not used)
6 Missing a temporary folder. Introduced in PHP 4.3.10 and PHP 5.0.3.
7 Failed to write file to disk. Introduced in PHP 5.1.0.
8 File upload stopped by extension. Introduced in PHP 5.2.0.


You can if ( $_FILES[file_name][error] > 0 ) to see if there was an error followed by a switch statement to tell the user what the error was. If the files passes the error check, you can use the values in the $_FILES array to filter user input. For example, if you only want image files entered into the form above, you can make an array of image MIME types and reject any file that doesn't have a MIME type in that array.



<?
if ( $_FILES[file_upload][type] )
{
$type strtolower($_FILES[file_upload][type]);
echo "MIME = <br>";
$allowed = array( "image/jpeg""image/jpg""image/gif""image/png""image/x-png""image/pjpeg" );
if ( !in_array$type$allowed) )
{ die("<center><h1>File type  is not allowed</h1></center>"); }
}
?>



Example
<?
######################################
# change password to your own.
# set path to your uploads directory.
# upload directory must have 777 permissions.
######################################
$password "your_password";
$path "uploads/";
######################################
session_start();

#### log out
$self "$_SERVER[PHP_SELF]";
if ( isset($_POST[logout]) )
{
$_SESSION[pass] = "";
header("location:$self");
exit;
}
####

#### log in
if ( $_POST[pass] == "$password
{
$_SESSION[pass] = "$password";
header("location:$self");
exit;
}
?>
<html>
<head>
<style>
.error { color:red; font-weight:bold; text-align:center; }
</style>
</head>
<body>
<form method="post">
<center>
<input type="password" name="pass" value="<? echo $_SESSION[pass]; ?>" />
<input type="submit" value="Log In" />
<input type="submit" name="logout" value="Log Out" />
</center>
</form>
<?
# Hide upload form if not logged in.
if ( $_SESSION[pass] != "$password
{
echo "</body></html>";
exit;
}
?>
<hr>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="600000">
<input type="file" name="file_upload"><br />
Rename to: <input type="text" name="file_name"><br />
<input type="submit">
</form>

<?
######## start file check ########
if ( $_FILES )

######## check for errors ########
if ( $_FILES[file_upload][error] > )
{
echo "<div class=\"error\">
The file could not be upoaded because ";
switch ( $_FILES[file_upload][error] )
{
case 1:
echo "the file is too big.";
break;
case 2:
echo "the file is too big.";
break;
case 3:
echo "the file was only partially uploaded.";
break;
case 4:
echo "no file was uploaded.";
break;
case 6:
echo "no temporary folder was available.";
break;
case 7:
echo "unable to write to disk.";
break;
case 8:
echo "file upload stopped";
break;
default:
echo "a system error occured.";
# end of switch
echo "</div></body></html>";
exit;
}  # end if files > 0
################

#### check file type ####
$type strtolower($_FILES[file_upload][type]);
$allowed = array( "image/jpeg""image/jpg""image/gif""image/png""image/x-png""image/pjpeg" );
if ( !in_array$type$allowed) )

echo "<div class=\"error\">File type $type is not allowed</h1></div>
</body></html>";
exit; 
# end allowed check
####

#### check original file name ####
$old_name trim($_FILES[file_upload][name]);
$old_name preg_replace("@[^\w\.]@""_"$old_name );
####

#### check new file name ####
if ( !empty($_POST[file_name]) )
{
$file_name trim("$_POST[file_name]");
$file_name preg_replace("@[^\w\.]@""_"$file_name);
}
# if no new name then name = original name
else { $file_name $old_name; }
####

#### end file check

#### move temporary file ####
if ( move_uploaded_file$_FILES[file_upload][tmp_name], "$path$file_name) )

echo "<a href=\"$path$file_name\">$path$file_name</a>";
}
################
}
?>

</body>
</html>

< ^ >


Created by DJ Mike from Santa Barbara

DJ Mike


Dance Away Santa Barbara's Home Page
<a href="http://www.statcounter.com/" target="_blank"> <img src="http://c5.statcounter.com/counter.php?sc_project=1321035&java=0&security=da2193dc" alt="counter free hit invisible" border="0" /></a>