demosthenes.info

I’m Dudley Storey, the author of Pro CSS3 Animation. This is my blog, where I talk about web design and development with , and . To receive more information, including news, updates, and tips, you should follow me on Twitter or add me on Google+.

web developer guide

my books

Book cover of Pro CSS3 AnimationPro CSS3 Animation, Apress, 2013

my projects

CSSslidy: an auto-generated #RWD image slider. 3.8K of JS, no JQuery. Drop in images, add a line of CSS. Done.

tipster.ioAutomatically provides local tipping customs and percentages for services anywhere.

Enabling User Uploads: Transferring The File

php / file uploads

Estimated reading time: 2 minutes, 9 seconds

If we have created a form to receive a file, the next part is to create a PHP script to process the data. For the sake of simplicity and clarity, I'll keep this script as a separate file, called uploader.php. Start that page with a simple script in the body, upload the page, and test the form by uploading a file and pressing submit:

<?php
$upload_tmp_dir = “/tmp”;
print_r ($_FILES['upload']);
?>

The first variable we set, $upload_tmp_dir, is a little bit of a hack. In most cases, PHP should recognize that it has a tmp folder, where uploaded and cached files are temporarily stored. However, installations of PHP and Apache on Windows tend to get a little confused, and we must “remind” it that the directory exists. If your server does not run on Windows, this reminder does no harm. (We will be looking at the tmp folder in a moment).

The details of any uploaded file are held in a system variable called $_FILES, addressed by the value of the name attribute associated with the file input in the original form. After you attempt to upload the file via the form, you’ll see that the array has a number of parts: it contains the file type, any error associated with the file upload, the temporary name and location of the file, etc. We'll be using some of this information next.

If we want to bypass any interrogation of the file and trust it implicitly – which we should never do – we can move the file into our images folder directly. First, we need to specify where the file will go by appending the $uploadedfile variable to the directory we wish to store it in our website. In this case, I will use the images directory:

$uploadedfile = “images/{$_FILES['upload']['name']}”;

Note that the braces around the $_FILES variable is simply a way of concatenating the images directory with the file name: it could also be written as follows: $uploadedfile = “images/”.$_FILES['upload']['name'];

Then, to move the file from our tmp directory, we'll use an if statement:

if (move_uploaded_file ($_FILES['upload'] ['tmp_name'], $uploadedfile )) {
echo "File successfully uploaded";
} else {
echo "Failure to upload";
}

There are many tests we could and should do to the file in order to determine if it is the kind we want: we should be double-checking the file size; checking that the name of the file does not have the same name as a file already present in the destination folder, since PHP will overwrite any such file; and checking the file type. We'll do those tests in the next article in this series.

comments powered by Disqus

This site helps millions of visitors while remaining ad-free. For less than the price of a cup of coffee, you can help pay for bandwidth and server costs while encouraging further articles.