This tutorial explains how to upload files to a remote server using a basic HTML form and PHP. You can upload various types of files such as images, videos, ZIP files, Microsoft Office documents, PDFs, executables, and more.
Below is an example of a straightforward HTML form designed for file uploads.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>File Upload Form</title>
</head>
<body>
<form action="upload-manager.php" method="post" enctype="multipart/form-data">
<h2>Upload File</h2>
<label for="fileSelect">Filename:</label>
<input type="file" name="photo" id="fileSelect">
<input type="submit" name="submit" value="Upload">
<p><strong>Note:</strong> Only .jpg, .jpeg, .gif, .png formats allowed to a max size of 5 MB.</p>
</form>
</body>
</html>Note: Alongside a file-select field, the upload form should utilize the HTTP post method and include the enctype="multipart/form-data" attribute. This attribute ensures that the form data is encoded as multipart MIME data, which is necessary for uploading large amounts of binary data such as images, audio, video, etc.
Below is the entire code for our "upload-manager.php" file. This script saves the uploaded file into an "upload" directory permanently. It also includes basic security measures to check file types and sizes, ensuring users upload the correct file types and stay within size limits.
<?php
// Check if the form was submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if file was uploaded without errors
if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0){
$allowed = array("jpg" => "image/jpg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
$filename = $_FILES["photo"]["name"];
$filetype = $_FILES["photo"]["type"];
$filesize = $_FILES["photo"]["size"];
// Verify file extension
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if(!array_key_exists($ext, $allowed)) die("Error: Please select a valid file format.");
// Verify file size - 5MB maximum
$maxsize = 5 * 1024 * 1024;
if($filesize > $maxsize) die("Error: File size is larger than the allowed limit.");
// Verify MYME type of the file
if(in_array($filetype, $allowed)){
// Check whether file exists before uploading it
if(file_exists("upload/" . $filename)){
echo $filename . " is already exists.";
} else{
move_uploaded_file($_FILES["photo"]["tmp_name"], "upload/" . $filename);
echo "Your file was uploaded successfully.";
}
} else{
echo "Error: There was a problem uploading your file. Please try again.";
}
} else{
echo "Error: " . $_FILES["photo"]["error"];
}
}
?>Note: The script above currently stops uploading files with the same name as existing ones in the folder. To allow this, you can modify the file name by adding a random string or timestamp, such as $filename = time() . '_' . $_FILES["photo"]["name"];
You might be curious about the purpose of this code. Let's walk through each part of this example code step by step to understand the process better.
When the form is submitted, information about the uploaded file can be accessed using PHP's superglobal array called $_FILES. For instance, if a user uploads a file using a file select field named "photo" (i.e., name="photo"), you can retrieve details such as the file's original name, type, size, temporary name, and any upload errors through the $_FILES["photo"] associative array. Here's how:
$_FILES["photo"]["name"] — The original name of the file, including the file extension. It does not include the file path.$_FILES["photo"]["type"] — The MIME type of the file.$_FILES["photo"]["size"] — The size of the file in bytes.$_FILES["photo"]["tmp_name"] — The temporary name assigned to the file, including the full path, once it is uploaded to the server.$_FILES["photo"]["error"] — An error or status code associated with the file upload. For example, it will be 0 if there is no error.The PHP code in the example below will display the uploaded file's details and store it in a temporary directory on the web server.
<?php
if($_FILES["photo"]["error"] > 0){
echo "Error: " . $_FILES["photo"]["error"] . "<br>";
} else{
echo "File Name: " . $_FILES["photo"]["name"] . "<br>";
echo "File Type: " . $_FILES["photo"]["type"] . "<br>";
echo "File Size: " . ($_FILES["photo"]["size"] / 1024) . " KB<br>";
echo "Stored in: " . $_FILES["photo"]["tmp_name"];
}
?>Tip: After a file is successfully uploaded, it is initially stored in a temporary directory on the server. To permanently store this file, you must move it from the temporary directory to a permanent location using PHP's move_uploaded_file() function.