Previous pages have dealt with changing file contents but you can also upload whole files.
To upload a file you need a form for the user to select the file. Create a new HTML page called upload.php (it's actually HTML so you don't need the PHP element):
<form enctype="multipart/form-data" method="post" action="upload2.php">
<p><input type="file" name="file01" /></p>
<p><input type="submit"></p>
</form>
The ENCTYPE sets the type of data to be sent by the form. Setting the field TYPE to file gives a button to launch the browser's file dialog.
Then create upload2.php to process the file:
echo "<pre>";
print_r($_FILES);
echo "</pre>";
$oldname=$_FILES["file01"]["name"];
$tempname=$_FILES["file01"]["tmp_name"];
move_uploaded_file($tempname, $oldname);
$_FILES is the super global which holds information about all uploaded files. It is an associative array which holds a number of other arrays (each one of these holds information about a single file). You need to tell PHP which of the files you want using the appropriate key (the name of the form file field). In this case there is only one file called 'file01' (because that was the name in the form). The PRINT_R is there for you to see the structure of the array and is not needed.
When the form is submitted to the server the file is uploaded. It is placed in a temporary location and information about it is stored in $_FILES. The middle two lines set up some variables. The first holds the name of the file which was uploaded. The second one holds the name it has been given temporarily.
The built-in PHP function move_uploaded_file() moves the temporary file to its intended location and renames it. Normally that would be in a special "uploads" directory for security.
You can improve this upload page a lot:
$type=$_FILES['file01']['type'];
$size=$_FILES['file01']['size'];
$oldname=$_FILES['file01']['name'];
$tempname=$_FILES['file01']['tmp_name'];
if($size<=50000 && $type=="text/html") {
if (move_uploaded_file($tempname, $oldname)){
echo "<p>The file was uploaded successfully</p>";
} else {
echo "<p>Sorry, no good</p>";
}
} else {
echo "<p>Sorry that file cannot be uploaded.</p>";
}
You should be able to spot:
- an IF statement which only allows the upload if a file is less than a certain size and is a text file
- an IF ELSE statement which checks whether the upload worked or not and gives a message in each case
Allowing uploads on your site is potentially dangerous as there is no control over what is uploaded or by who. By adding limits on the file size or type and allowing only logged on users to access the page risks can be reduced.
Tweaking
Practice your understanding by combining the form and processing into one PHP page which either shows the form or processes the uploaded data depending on an IF statement.
Change the form so that it can upload two files in one submission (by adding a second file field with a different name).
Change the PHP so that it only allows uploading of images (images are type image/jpeg, image/gif or image/png so you will need two ORs (||) in your IF statement for it to work well!).
When you have finished you might want to delete those files you have been uploading to your server!
