Steps of file upload
In order to learn PHP better, we have summarized the extremely complex PHP file upload into 6 steps.
In actual use, you can successfully complete PHP file upload by following these 6 steps:
1. Determine whether there is an error code
Detailed explanation of the error code returned by the system:
| Error code | Explanation |
|---|---|
| 0 | is correct and you can continue with subsequent operations of file upload. |
| 1 | Exceeds the maximum limit of uploaded files, upload_max_filesize = 2M is set in php.ini, and the default is 2M. It can be modified according to the actual needs of the project |
| 2 | If the specified file size is exceeded, specify the size limit of the uploaded file according to the business needs of the project |
| 3 | Only some files were uploaded |
| 4 | The files were not uploaded |
| 6 | The temporary folder cannot be found. The directory may not exist or has no permissions. |
| 7 | File writing failed. The disk may be full or there may be no permissions |
Note: There is no 5 in the error code.
2. Customize the judgment whether the file size exceeds the range
When developing the upload function. As developers, we, in addition to the maximum upload value specified in php.ini.
We usually also set a value, which is the upload size limit specified by the business.
For example:
Sina Weibo or QQ Zone only allows a single avatar picture of 2M. When uploading albums, you can upload more than 2M.
So, its system supports larger file uploads.
The judgment file size here is used to limit the uploaded file size we want to specify in actual business.
3. Determine whether the suffix name and mime type match
There are also bad people in the online world. They will insert viruses into pictures, upload viruses in attachments, and they will insert viruses or pornographic pictures into web pages.
We need to judge the suffix and mime type of the uploaded file.
MIME (Multipurpose Internet Mail Extensions) is a multipurpose Internet mail extension type. It is a type of method that sets a file with a certain extension to be opened by an application. When the file with the extension is accessed, the browser will automatically use the specified application to open it. It is mostly used to specify some client-defined file names and some media file opening methods.
When determining the suffix and MIME type, we will use a PHP function in_array(), which passes in two parameters.
The first parameter is the value to be judged;
The second parameter is the range array.
We use this function to determine whether the file extension and mime type are within the allowed range.
4. Generate file name
Our file was uploaded successfully, but it will not save its original name.
Because some people who have sensitive keywords in their original names will violate the relevant laws and regulations of our country.
We can use date(), mt_rand() or unique() to generate random file names.
5. Determine whether the file is uploaded
When the file is uploaded successfully, the system will upload the uploaded temporary file to the system's temporary directory. Create a temporary file.
At the same time, a temporary file name will be generated. What we need to do is move the temporary files to the specified directory on the system.
It is unscientific not to move blindly before moving, or to move wrongly. Before moving, we need to use relevant functions to determine whether the uploaded file is a temporary file.
is_uploaded_file() passes in a parameter (the cache file name in $_FILES) to determine whether the passed in name is an uploaded file.
6. Move temporary files to the specified location
Temporary files are real temporary files, we need to move them to our website directory.
Let others access the data in our website directory.
We use: move_uploaded_file().
This function moves the uploaded file to the specified location and names it.
Pass in two parameters:
The first parameter is the uploaded file that specifies the move;
The second parameter is the string concatenating the specified folder and name.
