PHP File Upload

Through PHP, files can be uploaded to the server.

The examples in this chapter are completed under the test project. The directory structure is:

test

|-----upload ??????????????? # Directory for file upload

|-----form.html ? ? ? ? ? ? ? ? # Form file

|-----upload_file.php ? ? # php upload code

Create a file upload form

Allowing users to upload files from a form is very useful.

Please look at the HTML form for uploading files below:

<html>
<head>
<meta charset="utf-8">
<title>php中文網(wǎng)（php.cn）</title>
</head>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data">
         <label for="file">文件名：</label>
         <input type="file" name="file" id="file"><br>
         <input type="submit" name="submit" value="提交">
</form>
</body>
</html>

Save the above code into the form.html file.

Some notes on the above HTML form are listed below:

·????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????. Use "multipart/form-data" when your form requires binary data, such as file content.

·???????????????????????????????????????????????????????????????????????? The type="file" attribute of the <input> tag specifies that the input should be processed as a file. For example, when previewing in a browser, you'll see a browse button next to the input box.

Note: Allowing users to upload files is a huge security risk. Please allow only trusted users to perform file upload operations.

Create upload script

The "upload_file.php" file contains the code for uploading files:

<?php
if ($_FILES["file"]["error"] > 0)
{
         echo "錯誤：" . $_FILES["file"]["error"] . "<br>";
}
else
{
         echo "上傳文件名: " . $_FILES["file"]["name"] . "<br>";
         echo "文件類型: " . $_FILES["file"]["type"] . "<br>";
         echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
         echo "文件臨時(shí)存儲的位置: " . $_FILES["file"]["tmp_name"];
}
?>

By using PHP The global array $_FILES allows you to upload files from the client computer to the remote server.

The first parameter is the input name of the form, and the second subscript can be "name", "type", "size", "tmp_name" or "error". As shown below:

· $_Files ["file"] ["name"] -The name of upload file

· $ _files ["file"] ["type"] Type

· $ _files ["file"] ["size"] -Play the size of the file. - The name of the temporary copy of the file stored on the server File upload method. For security reasons, you should add restrictions on who is allowed to upload files.

Upload restrictions

In this script, we have added restrictions on file uploads. Users can only upload .gif, .jpeg, .jpg, .png files, and the file size must be less than 200 kB:

<?php
// 允許上傳的圖片后綴
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);        // 獲取文件后綴名
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 204800)    // 小于 200 kb
&& in_array($extension, $allowedExts))
{
         if ($_FILES["file"]["error"] > 0)
         {
                 echo "錯誤：: " . $_FILES["file"]["error"] . "<br>";
         }
         else
         {
                 echo "上傳文件名: " . $_FILES["file"]["name"] . "<br>";
                 echo "文件類型: " . $_FILES["file"]["type"] . "<br>";
                 echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
                 echo "文件臨時(shí)存儲的位置: " . $_FILES["file"]["tmp_name"];
         }
}
else
{
         echo "非法的文件格式";
}
?>

The above example creates a temporary copy of the uploaded file in the server's PHP temporary folder.

This temporary copy file will disappear when the script ends. To save the uploaded file, we need to copy it to another location:

<?php
// 允許上傳的圖片后綴
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
echo $_FILES["file"]["size"];
$extension = end($temp);     // 獲取文件后綴名
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 204800)   // 小于 200 kb
&& in_array($extension, $allowedExts))
{
         if ($_FILES["file"]["error"] > 0)
         {
                 echo "錯誤：: " . $_FILES["file"]["error"] . "<br>";
         }
         else
         {
                 echo "上傳文件名: " . $_FILES["file"]["name"] . "<br>";
                 echo "文件類型: " . $_FILES["file"]["type"] . "<br>";
                 echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
                 echo "文件臨時(shí)存儲的位置: " . $_FILES["file"]["tmp_name"] . "<br>";
                
                 // 判斷當(dāng)期目錄下的 upload 目錄是否存在該文件
                 // 如果沒有 upload 目錄，你需要創(chuàng)建它，upload 目錄權(quán)限為 777
                 if (file_exists("upload/" . $_FILES["file"]["name"]))
                 {
                          echo $_FILES["file"]["name"] . " 文件已經(jīng)存在。 ";
                 }
                 else
                 {
                          // 如果 upload 目錄不存在該文件則將文件上傳到 upload 目錄下
                          move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
                          echo "文件存儲在: " . "upload/" . $_FILES["file"]["name"];
                 }
         }
}
else
{
         echo "非法的文件格式";
}
?>

The above script detects whether the file already exists. If it does not exist, it copies the file to a directory named "upload" Down.