thexchord
May 2 '02, 09:23 PM
PHP Uploads...
General things you need to know:
* On the HTML form, where the user specifies the file to upload, you will put up a "File" control
that shows up as a textbox with a Browse button.
* A form with an option to upload files, needs to have an encoding of multipart/form-data (see
form declaration below)
* When uploaded, files get copied to the server's temp directory. It is your problem to copy the
file from there, within your php script, to whereever you want, and then delete the one in the
temp folder to free up space.
* The max size of files that can be uploaded may be specified within the form as well as within
the PHP configuration file
* It is possible to upload multiple files in one go.
------------
The Tute:
Users specify the file to upload by using the "Browse" button on your html form. This button and
the accompanying textbox are actually a single "File" Control. Here's an example of such a button within a form:
<form enctype="multipart/form-data" action="file_submit.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="1000">
Upload: <input name="thefile" type="file"><input type="submit" value="Upload!"> </form>
Note the form enctype value - keep it that way. The action value (file_submit.php) is the target
php script that accepts the form submission.
MAX_FILE_SIZE is an advice to the browser to limit the size of the file being uploaded - note
that browsers may chose to ignore this limit.
The "File" control is named "thefile" in this example. Lastly, there's a submit button to submit
the form, and upload the file.
When the user specifies a file, and submits the form, the browser starts sending the file over HTTP to your server. The server accepts the file, saves it to the "temp" folder, and starts
execution of your target php script ("file_submit.php" in our e.g.).
Your PHP script now needs to copy the file from the temp folder to where you need it. For this, you need the complete path of the uploaded file. This path is available in a variable that php makes for your script, which is:
$HTTP_POST_FILES['thefile']['tmp_name'] - note that 'thefile' is the name we specified for the "File" control, and 'tmp_name' is a keyword.
So within file_submit.php, do :
copy ($HTTP_POST_FILES['thefile']['tmp_name'], $new_path);
There! You've uploaded a file, and saved it to the required location on your server!
More:
* Like the variable mentioned above, php makes other variables available for you to manipulate the upload, which are:
1. $HTTP_POST_FILES['thefile']['name'] - the original name of the file on the user's machine
2. $HTTP_POST_FILES['thefile']['type'] - the mime type of the file. For e.g. text/plain, image/gif. Note that it is upto the browser to provide the server this mime information.
3. $HTTP_POST_FILES['thefile']['size'] - size of the uploaded file in bytes.
------------
FAQ:
Q: I want to specify a different default folder where files should be uploaded instead of the server "temp" folder -
A: Use the "upload_tmp_dir" directive within php.ini - set it to your target folder.
Q: What does the function move_uploaded_file() do?
A: Handles moving the uploaded file to your custom target location. Only available upwards of PHP ver. 4.0.3.
Q: I want to find out whether the user uploaded a document or an image!
A: Use the $HTTP_POST_FILES['thefile']['type'] variable - whether it contains the string "image/" (the top level mime-type for images) or "text/" (plain text files/html files etc) or "application/" (documents like pdf, word...)
Q: I also want to check whether a file was uploaded at all, within my php script!
A: Use:
if ($HTTP_POST_FILES['thefile']["size"] > 0)
{
// file was uploaded
}
Q: What are the available mime types?
A: Look here : http://www.isi.edu/in-notes/iana/assignments/media-types/media-types
---------------
References:
http://www.php.net/manual/en/features.file-upload.php
http://www.php.net/manual/en/function.copy.php
http://www.php.net/manual/en/function.move-uploaded-file.php
http://www.phpbuilder.com/columns/bealers20000904.php3
And while you are at it, do visit my site: Lyra Computing (http://www.lyracomputing.com)
ERRATA
scoutt on VBF pointed out the following that i overlooked:
1. $HTTP_POST_FILES is deprecated - instead use the $_FILES array - this variable is a SuperGlobal always - don't use the global keyword with it within functions. Introduced in 4.1.0
2. Using upload_tmp_dir to set the target folder for uploaded files is deemed a temporary directory by PHP, and will be cleaned by the server during cleanup. So be careful whlie using it. Haven't checked this out myself, but trying to get more information...
General things you need to know:
* On the HTML form, where the user specifies the file to upload, you will put up a "File" control
that shows up as a textbox with a Browse button.
* A form with an option to upload files, needs to have an encoding of multipart/form-data (see
form declaration below)
* When uploaded, files get copied to the server's temp directory. It is your problem to copy the
file from there, within your php script, to whereever you want, and then delete the one in the
temp folder to free up space.
* The max size of files that can be uploaded may be specified within the form as well as within
the PHP configuration file
* It is possible to upload multiple files in one go.
------------
The Tute:
Users specify the file to upload by using the "Browse" button on your html form. This button and
the accompanying textbox are actually a single "File" Control. Here's an example of such a button within a form:
<form enctype="multipart/form-data" action="file_submit.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="1000">
Upload: <input name="thefile" type="file"><input type="submit" value="Upload!"> </form>
Note the form enctype value - keep it that way. The action value (file_submit.php) is the target
php script that accepts the form submission.
MAX_FILE_SIZE is an advice to the browser to limit the size of the file being uploaded - note
that browsers may chose to ignore this limit.
The "File" control is named "thefile" in this example. Lastly, there's a submit button to submit
the form, and upload the file.
When the user specifies a file, and submits the form, the browser starts sending the file over HTTP to your server. The server accepts the file, saves it to the "temp" folder, and starts
execution of your target php script ("file_submit.php" in our e.g.).
Your PHP script now needs to copy the file from the temp folder to where you need it. For this, you need the complete path of the uploaded file. This path is available in a variable that php makes for your script, which is:
$HTTP_POST_FILES['thefile']['tmp_name'] - note that 'thefile' is the name we specified for the "File" control, and 'tmp_name' is a keyword.
So within file_submit.php, do :
copy ($HTTP_POST_FILES['thefile']['tmp_name'], $new_path);
There! You've uploaded a file, and saved it to the required location on your server!
More:
* Like the variable mentioned above, php makes other variables available for you to manipulate the upload, which are:
1. $HTTP_POST_FILES['thefile']['name'] - the original name of the file on the user's machine
2. $HTTP_POST_FILES['thefile']['type'] - the mime type of the file. For e.g. text/plain, image/gif. Note that it is upto the browser to provide the server this mime information.
3. $HTTP_POST_FILES['thefile']['size'] - size of the uploaded file in bytes.
------------
FAQ:
Q: I want to specify a different default folder where files should be uploaded instead of the server "temp" folder -
A: Use the "upload_tmp_dir" directive within php.ini - set it to your target folder.
Q: What does the function move_uploaded_file() do?
A: Handles moving the uploaded file to your custom target location. Only available upwards of PHP ver. 4.0.3.
Q: I want to find out whether the user uploaded a document or an image!
A: Use the $HTTP_POST_FILES['thefile']['type'] variable - whether it contains the string "image/" (the top level mime-type for images) or "text/" (plain text files/html files etc) or "application/" (documents like pdf, word...)
Q: I also want to check whether a file was uploaded at all, within my php script!
A: Use:
if ($HTTP_POST_FILES['thefile']["size"] > 0)
{
// file was uploaded
}
Q: What are the available mime types?
A: Look here : http://www.isi.edu/in-notes/iana/assignments/media-types/media-types
---------------
References:
http://www.php.net/manual/en/features.file-upload.php
http://www.php.net/manual/en/function.copy.php
http://www.php.net/manual/en/function.move-uploaded-file.php
http://www.phpbuilder.com/columns/bealers20000904.php3
And while you are at it, do visit my site: Lyra Computing (http://www.lyracomputing.com)
ERRATA
scoutt on VBF pointed out the following that i overlooked:
1. $HTTP_POST_FILES is deprecated - instead use the $_FILES array - this variable is a SuperGlobal always - don't use the global keyword with it within functions. Introduced in 4.1.0
2. Using upload_tmp_dir to set the target folder for uploaded files is deemed a temporary directory by PHP, and will be cleaned by the server during cleanup. So be careful whlie using it. Haven't checked this out myself, but trying to get more information...