PHP file upload
Through PHP, files can be uploaded to the server.
The examples in this chapter are completed under the test project. The directory structure is:
|-----upload # 文件上传的目录 |-----form.html # 表单文件 |-----upload_file.php # php 上传代码source code download
Create a file Upload Form
It is very useful to allow users to upload files from a form.
Please look at the HTML form below for uploading files:
<html> <head> <meta charset="utf-8"> <title>php中文网(php.cn)</title> </head> <body> <form action="upload_file.php" method="post" enctype="multipart/form-data"> <label for="file">文件名:</label> <input type="file" name="file" id="file"><br> <input type="submit" name="submit" value="提交"> </form> </body> </html>Save the above code into the form.html file.
Some notes about the above HTML form are listed below:
##<form>enctype# of the tag ## Attribute specifies which content type to use when submitting the form. When a form requires binary data, such as file content, use "multipart/form-data".
- <input>
The type="file" attribute of the tag specifies that the input should be processed as a file. For example, when previewing in a browser, you'll see a browse button next to the input box.
Allowing users to upload files is a huge security risk. Please allow only trusted users to perform file upload operations.
The "upload_file.php" file contains the code for uploading files:
<?php
if ($_FILES["file"]["error"] > 0)
{
echo "错误:" . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "上传文件名: " . $_FILES["file"]["name"] . "<br>";
echo "文件类型: " . $_FILES["file"]["type"] . "<br>";
echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "文件临时存储的位置: " . $_FILES["file"]["tmp_name"];
}
?> by using PHP's global array $_FILES, you can upload files from the client computer to the remote server. - $_FILES["file"]["name"] - The name of the uploaded file
- $_FILES["file "]["type"] - The type of the uploaded file
- $_FILES["file"]["size"] -The size of the uploaded file, in bytes
- $_FILES["file"]["tmp_name"] - The name of the temporary copy of the file stored on the server
- $_FILES["file"] ["error"] - Error code caused by file upload
- This is a very simple way to upload files. For security reasons, you should add restrictions on who is allowed to upload files.
In this script, we have added restrictions on file uploads. Users can only upload .gif, .jpeg, .jpg, .png files and the file size must be less than 200 kB:
<?php
// 允许上传的图片后缀
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp); // 获取文件后缀名
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 204800) // 小于 200 kb
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "错误:: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "上传文件名: " . $_FILES["file"]["name"] . "<br>";
echo "文件类型: " . $_FILES["file"]["type"] . "<br>";
echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "文件临时存储的位置: " . $_FILES["file"]["tmp_name"];
}
}
else
{
echo "非法的文件格式";
}
?>Save the uploaded file
The above example creates a temporary copy of the uploaded file in the server's PHP temporary folder.
This temporary copy file will disappear when the script ends. To save the uploaded file, we need to copy it to another location:
<?php
// 允许上传的图片后缀
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
echo $_FILES["file"]["size"];
$extension = end($temp); // 获取文件后缀名
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 204800) // 小于 200 kb
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo "错误:: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "上传文件名: " . $_FILES["file"]["name"] . "<br>";
echo "文件类型: " . $_FILES["file"]["type"] . "<br>";
echo "文件大小: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "文件临时存储的位置: " . $_FILES["file"]["tmp_name"] . "<br>";
// 判断当期目录下的 upload 目录是否存在该文件
// 如果没有 upload 目录,你需要创建它,upload 目录权限为 777
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " 文件已经存在。 ";
}
else
{
// 如果 upload 目录不存在该文件则将文件上传到 upload 目录下
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
echo "文件存储在: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "非法的文件格式";
}
?>The above script detects whether the file already exists. If it does not exist, it copies the file to a location named "upload " directory. The file upload demonstration operation is as follows:
## Recommended related practical tutorials:
《Upload simple files for PHP development to local files and save them (1)》
《Upload simple files for PHP development to local files and save them ( two)"
