PHP File Upload
Introduction
File uploading is an essential feature for many web applications. Whether you're building a social media platform that allows users to share images, a document management system, or a simple contact form with attachments, understanding how to handle file uploads in PHP is a valuable skill.
In this tutorial, we'll learn how to:
- Create HTML forms that support file uploads
- Process uploaded files using PHP
- Implement validation and security checks
- Save uploaded files to the server
- Handle common errors and edge cases
Prerequisites
Before diving into file uploads, you should have:
- Basic knowledge of HTML forms
- Familiarity with PHP syntax and server-side processing
- A web server with PHP installed
Creating a File Upload Form
To allow users to upload files, we need to create an HTML form with the following requirements:
- The form's
enctype
attribute must be set tomultipart/form-data
- The form's
method
must bePOST
- The form must include an
<input type="file">
element
Here's a basic file upload form:
<!DOCTYPE html>
<html>
<head>
<title>File Upload Form</title>
</head>
<body>
<h2>Upload a File</h2>
<form action="upload.php" method="post" enctype="multipart/form-data">
<label for="fileToUpload">Select file:</label>
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" name="submit" value="Upload File">
</form>
</body>
</html>
Key Form Attributes Explained
enctype="multipart/form-data"
: This attribute is crucial for file uploads as it specifies how the form data should be encoded when submitted to the server. Without this attribute, file data won't be transmitted properly.method="post"
: File uploads can be large, so we use POST rather than GET to avoid URL length limitations.<input type="file">
: This creates the file selection control that allows users to browse their device for files.
Processing File Uploads in PHP
When a user submits a form with a file, PHP stores the uploaded file information in the $_FILES
superglobal array. Let's create a PHP script (upload.php
) to handle the uploaded file:
<?php
// Check if the form was submitted
if(isset($_POST["submit"])) {
// Information about the uploaded file
$fileName = $_FILES["fileToUpload"]["name"];
$fileType = $_FILES["fileToUpload"]["type"];
$fileSize = $_FILES["fileToUpload"]["size"];
$fileTmpName = $_FILES["fileToUpload"]["tmp_name"];
$fileError = $_FILES["fileToUpload"]["error"];
// Display file information
echo "<h3>File Information:</h3>";
echo "File Name: " . $fileName . "<br>";
echo "File Type: " . $fileType . "<br>";
echo "File Size: " . ($fileSize / 1024) . " KB<br>";
// Check if there was an error during upload
if($fileError === 0) {
// Specify the directory where you want to save the uploaded file
$uploadDir = "uploads/";
// Create the directory if it doesn't exist
if(!file_exists($uploadDir)) {
mkdir($uploadDir, 0777, true);
}
// Generate the file path where the file will be saved
$filePath = $uploadDir . $fileName;
// Move the uploaded file from the temporary location to the desired location
if(move_uploaded_file($fileTmpName, $filePath)) {
echo "The file " . $fileName . " has been uploaded successfully.";
} else {
echo "Sorry, there was an error uploading your file.";
}
} else {
echo "Error: " . $fileError;
}
}
?>