PHP
01/25/2010 2:32 am By Subhash Vithanapathirana | Articles: 9
Introduction
If you're a regular Internet user, in your everyday life the most common file upload scenario would be when you attach a file into an email. There you are able to browse a file within your file system and upload the file to the server.
If you're a web developer, there can be different instances in your web applications where you need to allow users to upload files to the system. You may want to let users to upload a photograph to complete their profiles in a social networking website, allow users to upload audios/videos/documents in a file sharing system etc. Let's see what it takes to develop such functionality.
File Upload Form
Just as you may have assumed, the first step of file upload functionality is to design the HTML form.
The major point to note in above HTML piece of code is the special “enctype” attribute in form tag. This basically determines how form data is encoded. In any of our examples in previous articles we did not define the “enctype”, the reason being its default value “application/x-www-form-urlencoded” is sufficient for many kinds of data. The exception in this case is having “multipart/form-data” to determine form accepts binary data.
By having above code saved as “upload.htm”, you'll see something like below in browser:
File Upload Script
The next step is the interesting one.. the form handling script; in other words file uploading PHP script which we name as “upload.php” in this example. Here you are able to access the uploaded file, using $_FILES[] superglobal associative array (in a similar way we accessed $_POST, $_SESSION).
Try uploading a simple file in upload.htm and submit. You will get to see the information such as original file name, size of file, MIME type of the file and temporary location of the file you requested to upload in upload.php.
Once you arrive into upload.php, in the background the file you uploaded is stored in a temporary location in the server. For future reference of the file, you will need to move the file into a different location; if not file will be simply destroyed. We make use of move_uploaded_file() PHP built-in function to achieve this.
You only need to specify the temporary path of the file and the destination path and PHP handles all the burden. move_uploaded_file() returns a boolean value, therefore, you're able to determine whether it was a successful upload or not.
If you're using working on a UNIX platform, make sure write permission is granted on your destination directory (i.e uploads/) to avoid errors.
You're free to modify this simple file upload script in many different ways. One important aspect to consider is security. Do not place a simple file upload form as above in a public website or else you'll end up with bulk of unnecessary files filling your server space. It is always wise to validate the file input for file size and file type.
I thought of wrapping up this article with a simple exercise. Imagine you're running a job application processing system and you only accept candidate CV's in MS Word/PDF formats and files not larger than 1MB. [Tips:- MIME-Type File Reference http://www.mimetype.org/ , PHP in_array() function http://php.net/manual/en/function.in-array.php]. In case you need any clarifications, contact me codekadiya at gmail dot com.
Happy coding!
Post new comment