PHP File Upload

In this tutorial you'll learn how to upload a file to the remote web server with PHP.

Uploading Files with PHP

In this tutorial we will learn how to upload files on remote server using a Simple HTML form and PHP. You can upload any kind of file like images, videos, ZIP files, Microsoft Office documents, PDFs, as well as executables files and a wide range of other file types.

Crating a HTML form to upload the file

The following example will create an simple HTML form that will be used to upload files.

  • <!DOCTYPE html>
  • <html lang="en">
  • <head>
  •     <meta charset="UTF-8">
  •     <title>File Upload Form</title>
  • </head>
  • <body>
  •     <form action="upload_manager.php" method="post" enctype="multipart/form-data">
  •         <h2>Upload File</h2>
  •         <label for="fileSelect">Filename:</label>
  •         <input type="file" name="photo" id="fileSelect"><br>
  •         <input type="submit" name="submit" value="Upload">
  •     </form>
  • </body>
  • </html>
 

Note:In addition to a file-select field the upload form must use the post method and must contain an enctype="multipart/form-data" attribute. This attribute ensures that the form data is encoded as mulitpart MIME data — which is required for uploading the large quantities of binary data such as files.

Processing the uploaded file

Once the form is submitted information about the uploaded file can be accessed via PHP superglobal array called $_FILES. For example, our upload form contains a file select field called photo (i.e. name="photo"), if any user uploaded a file using this field, we can obtains its details like the name, type, size, temporary name or any error occurred while attempting the upload via the $_FILES["photo"] associative array, like this:

  • $_FILES["photo"]["name"] — This array value specifies the original name of the file, including the file extension. It doesn't include the file path.
  • $_FILES["photo"]["type"] — This array value specifies the MIME type of the file.
  • $_FILES["photo"]["size"] — This array value specifies the file size, in bytes.
  • $_FILES["photo"]["tmp_name"] — This array value specifies the temporary name including full path that is assigned to the file once it has been uploaded to the server.
  • $_FILES["photo"]["error"] — This array value specifies error or status code associated with the file upload.

The PHP code in the following example simply displays the details of the uploaded file and stores it in a temporary directory on the server.

Example

Download
  • <?php
  • if($_FILES["photo"]["error"] > 0){
  •     echo "Error: " . $_FILES["photo"]["error"] . "<br>";
  • } else{
  •     echo "File Name: " . $_FILES["photo"]["name"] . "<br>";
  •     echo "File Type: " . $_FILES["photo"]["type"] . "<br>";
  •     echo "File Size: " . ($_FILES["photo"]["size"] / 1024) . " KB<br>";
  •     echo "Stored in: " . $_FILES["photo"]["tmp_name"];
  • }
  • ?>
 

Tip:Once a file has been successfully uploaded, it is automatically stored in a temporary directory on the server. To use this file, or store it on a permanent basis, you need to move it from the temporary directory to a permanent location using the PHP's move_uploaded_file() function.

In the following example we will store the uploaded file in a upload folder on permanent basis as well as implement some basic security check like file type and file size to ensure that users upload the correct file type and within the allowed limit.

Example

Download
  • <?php
  • if(isset($_FILES["photo"]["error"])){
  •     if($_FILES["photo"]["error"] > 0){
  •         echo "Error: " . $_FILES["photo"]["error"] . "<br>";
  •     } else{
  •         $allowed = array("jpg" => "image/jpg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
  •         $filename = $_FILES["photo"]["name"];
  •         $filetype = $_FILES["photo"]["type"];
  •         $filesize = $_FILES["photo"]["size"];
  •     
  •         // Verify file extension
  •         $ext = pathinfo($filename, PATHINFO_EXTENSION);
  •         if(!array_key_exists($ext, $allowed)) die("Error: Please select a valid file format.");
  •     
  •         // Verify file size - 5MB maximum
  •         $maxsize = 5 * 1024 * 1024;
  •         if($filesize > $maxsize) die("Error: File size is larger than the allowed limit.");
  •     
  •         // Verify MYME type of the file
  •         if(in_array($filetype, $allowed)){
  •             // Check whether file exists before uploading it
  •             if(file_exists("upload/" . $_FILES["photo"]["name"])){
  •                 echo $_FILES["photo"]["name"] . " is already exists.";
  •             } else{
  •                 move_uploaded_file($_FILES["photo"]["tmp_name"], "upload/" . $_FILES["photo"]["name"]);
  •                 echo "Your file was uploaded successfully.";
  •             } 
  •         } else{
  •             echo "Error: There was a problem uploading your file - please try again."; 
  •         }
  •     }
  • } else{
  •     echo "Error: Invalid parameters - please contact your server administrator.";
  • }
  • ?>
 
Close

Your Feedback:

 

We would love to hear from you! Please say something.