PHP File Upload

So many people want to learn how to allow users to upload files to their server- well now’s your chance!

First off, let me say that before you blindly allow everyone to upload any type of file to your server, think twice. Potentially damaging files can be uploaded reeking havoc on your server!

As stated before, you should already be familiar with HTML before attempting to tackle PHP, and that is because HTML is often needed to display or gather certain objects from your site visitors- and uploading files using PHP is one good example.

Creating The Form

First off, you need to create a form which will allow your visitor to select which file they wish to upload and submit it for processing. Here is the simplest type of such a form:

<form action=”upload.php” method=”post” enctype=”multipart/form-data”>
Select a file for uploading: <input type=”file” name=”newfile” /><br />
<input type=”submit” value=”Submit” />
</form>

Before continuing, you should fully understand the form we’re using.

First, we are assigning an action to the form, which is to send the contents of the form to “upload.php” when submitted. Also, we have specified that the enctype be “multipart/form-data”. This is a required attribute in order for our upload.php file to process the form.

Then we have an input type of “file”. This will give the user the famous “Browse” button in the form where they can click and select a file on their local computer.

Lastly, we have the submit button which will send the inputted data to your upload.php file.

Creating The File

Now that we’ve created the HTML form used to gather the information, we now need to create the PHP page that will process the form.

We will use $_FILES array to store certain information on the uploaded file. For the purposes of this tutorial, we’re going to keep things simple and use the following arrays:

$_FILES['newfile']['name'] – This is the name and local path of the original file.
$_FILES['newfile']['tmp_name'] – This is the name of a temporary file that is created while the form is being processed.

Notice that on our HTML form, we assigned the input file field the name “newfile”, which is why we’re using it here.

The data we’re going to save is the original name of the file and the temporary name assigned to the file while it’s being processed.

Saving Uploads

To save uploaded files, we need to do a few things. One is to specify where the file should be saved on the server. We can do this using the following code:

$target_path = “uploads/”;

Next, we actually perform the upload:

$target_path = $target_path . basename( $_FILES['newfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo “The file “. basename( $_FILES['newfile']['name']). ” has been uploaded!”;
} else{
echo “We never received your file!”;
}

To recap, we set the target path as “uploads/”. In other words, you need to have a directory named “uploads” for all the uploaded files to be stored. Of course, this can be changed to any name you wish.

Next, we upload the file to the target path, saving it with the original filename. (Note the explanation of $_FILES['newfile']['name'] above).

Then, we take the temporary file (what we’re working with thus far), and turn it into a permanent file in the target path.

Using if/else, we specify that if the permanent file has been uploaded to the target path successfully, we echo “The file [filename] has been uploaded!”.

Or else we echo “We never received your file!”.

Again, this is a bare bones upload file. It can be expanded in far too many ways to explain in one tutorial, but this simple upload form and PHP file will get the job done.