- Drop me a line! Contact me here.
Handling File Uploads
Handling File Uploads
Something that comes up over and over in PHP forums is how you should handle file uploads. Allowing users to upload files from their PC is quite a simple thing to write code for, but there are a few conceptual barriers that often put people off and make it appear harder than it really is.
To enable a user to upload files to a ebsite you must specify a particular sort of form encoding to use. This is the 'multipart/form-data' type. Without this the web browser software doesn't know to encode the uploaded file into the users response in such a way that PHP will be able to understand. You should also include a browser directive to let the users browser know the maximum file upload size. This won't actually stop the user trying to upload a larger file, but at some point in the future browsers may actually start obeying it, so its a good idea to include it now.
When the user uploads a file it is copied from their PC to the web server via the web browser. There is no need for FTP or other file transfer protocols.
Information about uploaded files is stored in the predefined $_FILES array. This is made up of an array of arrays, one per file upload in the web form. The array has 5 fields:
$_FILES['upload']['name'] - The original filename.
$_FILES['upload']['type'] - The uploaded file's MIME type.
$_FILES['upload']['size'] - The filesize in bytes.
$_FILES['upload']['tmp_name'] - The filename on the web server.
$_FILES['upload']['error'] - Any error if one occured.
When the file has been uploaded our PHP script has to do something with it. Generally PHP will upload to a directory on the server designated for storing temporary files. Because of this we ought to move the file to a more permanent location in case the temporary storage area is cleared out.
In order to move the uploaded file from the temporary storage area to a more suitable location we use the move_uploaded_file() function.
By default the maximum file upload size PHP will allow is 2 megabytes. For most web sites this is more than enough, but occasionally there are reasons why it is useful to be able to upload larger files via the web browser. In order to increase the maximum allowed upload there are several settings that must be altered.
The first php.ini setting to alter is the "upload_max_filesize" option. This setting is the hard limit PHP will even bother with. The default setting is "2M", shorthand for 2 megabytes. You can set this to either an int to specify the maximum size in bytes, or else use the shorthand notation defined in the PHP manual.
The second option to look at is "post_max_size". This is the maximum size of POSTed data that PHP will work with. As uploaded files are placed into POST data this value should be larger than "upload_max_filesize". There is also the "memory_limit" configuration option to check too. Uploaded files are loaded into PHPs memory area, so if your upload is greater than the amount of memory PHP is allowed to use then it will fail. This value should be increased so that it is more than "post_max_size".
Finally there is the "max_input_time" value. When a uploads a file the PHP upload script has to run too. If the "max_input_time" is too low then the script will time out before the user has finished uploading their data. The default value of 60 is enough for most uploads under a few megabytes if the web site users are using broadband internet connections, but this should be increased if there will be users attempting to upload large files via a dial-up connection.
To enable a user to upload files to a ebsite you must specify a particular sort of form encoding to use. This is the 'multipart/form-data' type. Without this the web browser software doesn't know to encode the uploaded file into the users response in such a way that PHP will be able to understand. You should also include a browser directive to let the users browser know the maximum file upload size. This won't actually stop the user trying to upload a larger file, but at some point in the future browsers may actually start obeying it, so its a good idea to include it now.
<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="30000">
<input type="file" name="upload"> <input type="submit" name="submit" value="Go">
</form>When the user uploads a file it is copied from their PC to the web server via the web browser. There is no need for FTP or other file transfer protocols.
Information about uploaded files is stored in the predefined $_FILES array. This is made up of an array of arrays, one per file upload in the web form. The array has 5 fields:
$_FILES['upload']['name'] - The original filename.
$_FILES['upload']['type'] - The uploaded file's MIME type.
$_FILES['upload']['size'] - The filesize in bytes.
$_FILES['upload']['tmp_name'] - The filename on the web server.
$_FILES['upload']['error'] - Any error if one occured.
When the file has been uploaded our PHP script has to do something with it. Generally PHP will upload to a directory on the server designated for storing temporary files. Because of this we ought to move the file to a more permanent location in case the temporary storage area is cleared out.
In order to move the uploaded file from the temporary storage area to a more suitable location we use the move_uploaded_file() function.
<?php
move_uploaded_file($_FILES['upload']['tmp_name'],"files/".basename($_FILES['upload']['name']));
?>
By default the maximum file upload size PHP will allow is 2 megabytes. For most web sites this is more than enough, but occasionally there are reasons why it is useful to be able to upload larger files via the web browser. In order to increase the maximum allowed upload there are several settings that must be altered.
The first php.ini setting to alter is the "upload_max_filesize" option. This setting is the hard limit PHP will even bother with. The default setting is "2M", shorthand for 2 megabytes. You can set this to either an int to specify the maximum size in bytes, or else use the shorthand notation defined in the PHP manual.
The second option to look at is "post_max_size". This is the maximum size of POSTed data that PHP will work with. As uploaded files are placed into POST data this value should be larger than "upload_max_filesize". There is also the "memory_limit" configuration option to check too. Uploaded files are loaded into PHPs memory area, so if your upload is greater than the amount of memory PHP is allowed to use then it will fail. This value should be increased so that it is more than "post_max_size".
Finally there is the "max_input_time" value. When a uploads a file the PHP upload script has to run too. If the "max_input_time" is too low then the script will time out before the user has finished uploading their data. The default value of 60 is enough for most uploads under a few megabytes if the web site users are using broadband internet connections, but this should be increased if there will be users attempting to upload large files via a dial-up connection.
Comments
Comments are not currently being accepted for this article.
Sidebar
- © Ooer.com Chris Neale 2007
- PHPGD.com
- Powered by PHP
- Database by MySQL
- DB Queries: 7
- DB Time: 0.0020 seconds
