How to Direct Uploads to Certain Folders Html

Read Time: eleven mins Languages:

In this commodity, I'll explain the basics of file upload in PHP. Firstly, we'll go through the PHP configuration options that need to be in place for successful file uploads. Following that, nosotros'll develop a real-globe instance of how to upload a file.

Configure the PHP Settings

At that place are a couple of PHP configuration settings that yous'll want to bank check beforehand for successful file uploads. In this section, we'll go through every important pick in regards to PHP file upload. These options can be configured in the php.ini file.

If you're not sure where to find yourphp.ini file, you can use thephp_ini_loaded_file() to locate it. Just create a PHP file on your server with the following line, and open it from the browser.

<?php echo php_ini_loaded_file(); ?>

Here'south an excerpt from a setup file with some useful defaults.

; Whether to allow HTTP file uploads. file_uploads = On  ; Temporary directory for HTTP uploaded files. ; Will use organization default if not set. ;upload_tmp_dir =   ; Maximum allowed size for uploaded files. upload_max_filesize = 16M  ; Maximum number of files that can be uploaded via a single request max_file_uploads = xx  ; Maximum size of Mail information that PHP will accept. post_max_size = 20M  max_input_time = sixty memory_limit = 128M max_execution_time = 30

The Key Settings

file_uploads

The value of thefile_uploads directive should exist set toOn to allow file uploads. The default value of this directive isOn.

upload_max_filesize

Theupload_max_filesize directive allows you to configure the maximum size of the uploaded file. By default, it's prepare to2M (two megabytes), and you lot can override this setting using the.htaccess file also. Two megabytes isn't very much by today'southward standards, so yous might have to increase this. If you get an error thatfile exceeds upload_max_filesize when you try to upload a file, yous demand to increase this value. If you do, be sure to too increasepost_max_size (see below).

upload_tmp_dir

Sets a temporary directory which volition be used to store uploaded files. In well-nigh cases, you don't need to worry about this setting. If y'all don't prepare it, the system default temp directory will be used.

post_max_size

Thepost_max_size directive allows you to configure the maximum size of Postal service data. Since files are uploaded with Post requests, this value must be greater than what you've set for theupload_max_filesize directive. For example, if yourupload_max_filesize is16M (16 megabytes), you might want to gear uppost_max_size to20M.

max_file_uploads

Information technology allows yous to set the maximum number of files that can be uploaded at a time. The default isxx, a sensible amount.

max_input_time

It's the maximum number of seconds a script is immune to parse the input information. Yous should prepare it to a reasonable value if you're dealing with large file uploads.60 (60 seconds) is a good value for well-nigh apps.

memory_limit

Thememory_limit directive indicates the maximum amount of memory a script tin consume. If you're facing issues when uploading large files, you need to brand sure that the value of this directive is greater than what yous've ready for the post_max_size directive. The default value is128M (128 megabytes), so unless yous have a very bigpost_max_size andupload_max_filesize, you don't need to worry about this.

max_execution_time

It's the maximum number of seconds a script is allowed to run. If you're facing bug when uploading large files, you can consider increasing this value. 30 (30 seconds) should work well for most apps.

Now permit's build a real-world case to demonstrate file upload in PHP.

Create the HTML Form

In one case you've configured the PHP settings, you're ready to effort out the PHP file upload capabilities.

Our GitHub repo has some sample code which I'm going to discuss throughout this commodity. So, if you want to follow along, get ahead and download information technology from GitHub.

We're going to create two PHP files:index.php andupload.php. Theindex.php file holds code which is responsible for displaying the file upload form. On the other hand, theupload.php file is responsible for uploading a file to the server.

Also, a file will be uploaded in theuploaded_files directory, so you demand to make sure that this folder exists and is writable by theweb-server user.

In this department, we'll get through the cardinal parts of theindex.php file.

Let'due south accept a look at theindex.php file on GitHub:

<?php session_start();  ?> <!DOCTYPE html> <html> <head>   <championship>PHP File Upload</title> </head> <trunk>   <?php     if (isset($_SESSION['message']) && $_SESSION['message'])     {       echo '<p course="notification">'.$_SESSION['message']).'</p>';       unset($_SESSION['message']);     }   ?>   <course method="POST" action="upload.php" enctype="multipart/grade-data">     <div class="upload-wrapper">       <span class="file-proper name">Cull a file...</bridge>       <label for="file-upload">Scan<input type="file" id="file-upload" name="uploadedFile"></characterization>     </div>      <input type="submit" name="uploadBtn" value="Upload" />   </form> </body> </html>

You can use the post-obit CSS to give the course a more appealing expect.

div.upload-wrapper {   colour: white;   font-weight: bold;   display: flex; }  input[type="file"] {   position: absolute;   left: -9999px; }  input[blazon="submit"] {   border: 3px solid #555;   color: white;   background: #666;   margin: 10px 0;   border-radius: 5px;   font-weight: bold;   padding: 5px 20px;   cursor: pointer; }  input[type="submit"]:hover {   background: #555; }  characterization[for="file-upload"] {   padding: 0.7rem;   brandish: inline-block;   background: #fa5200;   cursor: arrow;   border: 3px solid #ca3103;   border-radius: 0 5px 5px 0;   border-left: 0; } label[for="file-upload"]:hover {   background: #ca3103; }  bridge.file-proper name {   padding: 0.7rem 3rem 0.7rem 0.7rem;   white-infinite: nowrap;   overflow: hidden;   background: #ffb543;   color: black;   border: 3px solid #f0980f;   edge-radius: 5px 0 0 5px;   border-right: 0; }        

The CSS basically hides the original fileinput and styles its accompanyingbridge andlabel elements.

Although it may wait similar a typical PHP form, there'south an of import divergence in the value of theenctype attribute of the<class> tag. Information technology needs to exist ready tomultipart/course-data since the class contains the file field.

Theenctype attribute specifies the type of encoding which should be used when the course is submitted, and information technology takes one of the following iii values:

• application/x-www-class-urlencoded: This is the default value when you don't ready the value of theenctype attribute explicitly. In this case, characters are encoded before information technology's sent to the server. If yous don't have the file field in your form, you should use this value for theenctype attribute.
• multipart/grade-data: When you apply themultipart/form-data value for theenctype aspect, it allows you to upload files using the POST method. Besides, it makes sure that the characters are not encoded when the form is submitted.
• text/plainly: This is mostly not used. With this setting, the data is sent unencoded.

Next, we output the file field, which allows you to select a file from your computer.

          <input type="file" proper noun="uploadedFile" />

Apart from that, nosotros've displayed a message at the superlative of the form. This message shows the status of the file upload, and it'll be set in a session variable by theupload.php script. Nosotros'll look more than at this in the adjacent section.

<?php     if (isset($_SESSION['message']) && $_SESSION['message'])     {       echo '<p class="notification">'.$_SESSION['message']).'</p>';       unset($_SESSION['message']);     }   ?>

So that sums upwardly theindex.php file. In the next section, we'll see how to handle the uploaded file on the server side.

Create the Upload Logic

In the previous section, nosotros created the HTML form which is displayed on the client side and allows you lot to upload a file from your computer. In this section, we'll see the server-side counterpart which allows you to handle the uploaded file.

Pull in the code from theupload.php file on GitHub. We'll go through the important parts of that file.

In theupload.php file, we've checked whether it's a valid POST request in the first place.

if (isset($_POST['uploadBtn']) && $_POST['uploadBtn'] == 'Upload') { ... }

In PHP, when a file is uploaded, the$_FILES superglobal variable is populated with all the data about the uploaded file. Information technology's initialized as an array and may contain the following information for successful file upload.

• tmp_name : The temporary path where the file is uploaded is stored in this variable.
• proper name : The bodily name of the file is stored in this variable.
• size : Indicates the size of the uploaded file in bytes.
• type : Contains the mime type of the uploaded file.
• error : If there'southward an error during file upload, this variable is populated with the appropriate error bulletin. In the case of successful file upload, it contains 0, which yous can compare by using theUPLOAD_ERR_OK constant.

After validating the Post request, we bank check that the file upload was successful.

if (isset($_FILES['uploadedFile']) && $_FILES['uploadedFile']['mistake'] === UPLOAD_ERR_OK) { ... }

Y'all tin can see that the$_FILES variable is a multi-dimensional assortment, the get-go element is the name of the file field, and the 2nd chemical element has the data virtually the uploaded file, as we've only discussed above.

If the file upload is successful, we initialize a few variables with information about the uploaded file.

// become details of the uploaded file $fileTmpPath = $_FILES['uploadedFile']['tmp_name']; $fileName = $_FILES['uploadedFile']['name']; $fileSize = $_FILES['uploadedFile']['size']; $fileType = $_FILES['uploadedFile']['type']; $fileNameCmps = explode(".", $fileName); $fileExtension = strtolower(end($fileNameCmps));

In the above snippet, we've too figured out the extension of the uploaded file and stored information technology in the$fileExtension variable.

As the uploaded file may contain spaces and other special characters, it's better to sanitize the filename, and that's exactly we've done in the post-obit snippet.

$newFileName = md5(time() . $fileName) . '.' . $fileExtension;

It's of import that you restrict the type of file which can be uploaded to certain extensions and don't allow everything using the upload form. We've done that by checking the extension of the uploaded file with a set of extensions that nosotros want to allow for uploading.

$allowedfileExtensions = array('jpg', 'gif', 'png', 'zip', 'txt', 'xls', 'doc'); if (in_array($fileExtension, $allowedfileExtensions)) { ... }

Finally, we utilize themove_uploaded_file function to motility the uploaded file to the specific location of our choice.

// directory in which the uploaded file will be moved $uploadFileDir = './uploaded_files/'; $dest_path = $uploadFileDir . $newFileName;  if(move_uploaded_file($fileTmpPath, $dest_path)) {   $message ='File is successfully uploaded.'; } else {   $message = 'At that place was some error moving the file to upload directory. Delight make sure the upload directory is writable by web server.'; }

Themove_uploaded_file function takes two arguments. The first statement is the filename of the uploaded file, and the second argument is the destination path where you want to move the file.

Finally, nosotros redirect the user to theindex.php file. Also, we set the advisable message in the session variable, which will be displayed to users after redirection in thealphabetize.php file.

How It All Works Together

Don't forget to create theuploaded_files directory and make it writable by thespider web-server user. Next, get alee and run thealphabetize.php file, which should display the file upload form which looks similar this:

Click on theScan button—that should open a dialog box which allows y'all to select a file from your computer. Select a file with 1 of the extensions immune in our script, and click on theUpload button.

That should submit the grade, and if everything goes well, you should see the uploaded file in theuploaded_files directory. You could likewise endeavour uploading other files with extensions that are not allowed, and check if our script prevents such uploads.

Resolving Common Errors

A lot of things can get wrong during a file upload which might result in errors. You lot can check the exact fault that occurred during the upload using$_FILES['uploadedFile']['error']. Here is the explanation of those errors:

File Is Besides Big

UPLOAD_ERR_INI_SIZE andUPLOAD_ERR_FORM_SIZE occur when the size of an uploaded file is more the value specified in php.ini or the HTML form respectively. You can get rid of this error by increasing the upload size limits or letting users know about them beforehand.

Temporary Binder Is Missing

UPLOAD_ERR_NO_TMP_DIR is reported when the temporary folder to upload the file is missing.UPLOAD_ERR_NO_FILE is reported when in that location is no file to upload.

Partial Upload or Tin can't Write to Deejay

You will getUPLOAD_ERR_PARTIAL if the file could but be uploaded partially andUPLOAD_ERR_CANT_WRITE if the file could non exist written to the deejay.

A PHP Extension Stopped the File Upload

Sometimes, you will get the errorUPLOAD_ERR_EXTENSION because some extension stopped the file upload. This i will require more investigation by you to figure out which extension acquired the problem.

Here is the full code fromupload.php which will testify users a message on the upload page in case of success or failure of the upload. The information near the success or failure of the upload is stored in the$_SESSION['bulletin'].

<?php session_start();  $message = '';  if (isset($_POST['uploadBtn']) && $_POST['uploadBtn'] == 'Upload') {   if (isset($_FILES['uploadedFile']) && $_FILES['uploadedFile']['mistake'] === UPLOAD_ERR_OK)   {     // get details of the uploaded file     $fileTmpPath = $_FILES['uploadedFile']['tmp_name'];     $fileName = $_FILES['uploadedFile']['proper noun'];     $fileSize = $_FILES['uploadedFile']['size'];     $fileType = $_FILES['uploadedFile']['type'];     $fileNameCmps = explode(".", $fileName);     $fileExtension = strtolower(end($fileNameCmps));      // sanitize file-proper name     $newFileName = md5(time() . $fileName) . '.' . $fileExtension;      // bank check if file has i of the following extensions     $allowedfileExtensions = array('jpg', 'gif', 'png', 'zip', 'txt', 'xls', 'medico');      if (in_array($fileExtension, $allowedfileExtensions))     {       // directory in which the uploaded file will be moved       $uploadFileDir = './uploaded_files/';       $dest_path = $uploadFileDir . $newFileName;        if(move_uploaded_file($fileTmpPath, $dest_path))        {         $message ='File is successfully uploaded.';       }       else        {         $bulletin = 'At that place was some error moving the file to upload directory. Delight make sure the upload directory is writable by web server.';       }     }     else     {       $bulletin = 'Upload failed. Allowed file types: ' . implode(',', $allowedfileExtensions);     }   }   else   {     $message = 'In that location is some error in the file upload. Please check the following error.<br>';     $message .= 'Error:' . $_FILES['uploadedFile']['mistake'];   } } $_SESSION['message'] = $message; header("Location: index.php");

Acquire PHP With a Free Online Grade

Today, we discussed the nuts of file upload in PHP. In the first half of the commodity, we discussed the different configuration options that need to be in place for file upload to work. Then we looked at a real-world example which demonstrated how file upload works in PHP.

If you lot want to acquire more PHP, check out our free online grade on PHP fundamentals!

In this course, y'all'll learn the fundamentals of PHP programming. You lot'll start with the basics, learning how PHP works and writing unproblematic PHP loops and functions. So you lot'll build up to coding classes for simple object-oriented programming (OOP). Forth the way, you'll acquire all the most important skills for writing apps for the spider web: you'll get a chance to practice responding to Become and POST requests, parsing JSON, authenticating users, and using a MySQL database.

Did you find this post useful?

Software Engineer, FSPL, India

I'm a software engineer by profession and I've done my engineering in estimator science. It'southward been around fourteen years I've been working in the field of website evolution and open up source technologies. Primarily, I work on PHP and MySQL based projects and frameworks. Among them, I've worked on web frameworks like CodeIgnitor, Symfony, and Laravel. Apart from that, I've as well got a run a risk to piece of work on different CMS systems like Joomla, Drupal and WordPress, and due east-commerce systems like Magento, OpenCart, WooCommerce and Drupal Commerce. I also like to nourish community tech conferences, and as a part of that, I attended 2016 Joomla World Conference held in Bangalore (India) and 2018 DrupalCon which was held in Mumbai (India). Apart from this, I like to travel to explore new places and listen music!

reyesaded1967.blogspot.com

Source: https://code.tutsplus.com/tutorials/how-to-upload-a-file-in-php-with-example--cms-31763

Share this post