So far we’ve looked at simple anatomy input. Browsers Netscape 2 or better and Internet Explorer 4 or bigger all abutment book uploads, and so, of course, does PHP. In this section, you will appraise the appearance that PHP makes available to accord with this affectionate of input.
First, we charge to actualize the HTML. HTML forms that accommodate book upload fields must accommodate an ENCTYPE argument:
PHP additionally works with an alternative hidden acreage that can be amid afore the file upload field. This should be alleged MAX_FILE_SIZE and should accept a value representing the best admeasurement in bytes of the book that you are accommodating to accept. This admeasurement cannot override the best admeasurement set in the upload_max_filesize acreage in your php.ini book that defaults to 2 megabytes. The MAX_FILE_SIZE acreage will be obeyed at the browser’s discretion, so you should await aloft the php.ini ambience to cap absurd uploads. After the MAX_FILE_SIZE acreage has been entered, you are accessible to add the upload field itself. This is artlessly an INPUT aspect with a TYPE altercation of ”file”. You can accord it any name you want. Listing 9.13 brings all this calm into an HTML upload form.
Notice that already afresh this anatomy calls the folio that contains it. This is because we are activity to add some PHP cipher to handle the uploaded file. We limited book uploads to 50KB on band 7 and called our upload field ”fupload” on band 8. As you ability expect, this name will anon become important.
When a book is auspiciously uploaded, it is accustomed a different name and stored in a acting directory. On Unix systems the absence acting agenda is /tmp, but you can set it with the upload_tmp_dir charge in php.ini.
Information about the uploaded book will become accessible to you in the $HTTP_POST_ FILES arrangement which will be indexed by the names of each upload acreage in the form. The agnate amount for anniversary of these keys will itself be an akin array. These fields are declared in Table 9.2.
Name of uploaded file
Path to acting file
Size (in bytes) of uploaded file
Mime blazon of uploaded file(where accustomed by client)
Armed with this information, we can address a quick and dirty script that displays advice about uploaded files (see Listing 9.14). If the uploaded book is in GIF format, the calligraphy will alike attack to affectation it.
In Listing 9.14, we aboriginal actualize the $file_dir and $file_url variables on lines 6 and 7 to abundance aisle information. Again we use a foreach account to loop through every aspect in the $HTTP_POST_FILES arrangement on band 9. This will be empty the aboriginal time the folio is loaded, so annihilation in the bend will be executed and our calligraphy will absence to autograph the upload form.
Once the anatomy has been submitted the $HTTP_POST_FILES arrangement will be populated. We are application a bend rather than an if account in adjustment to make our calligraphy able of ascent to accord with assorted uploads on the same page. The foreach bend on band 9 food the upload file’s name in the $file_name capricious and the book advice in the $file_ array variable. We can again achievement the advice we accept about the upload.
To move the uploaded book to a agenda aural our web space, we charge to run a brace of checks first. We are alone ambidextrous with GIF files in this archetype so test the mime blazon on band 16.
Also, use a new action to verify the book on band 15. The is_uploaded_file() action was re-introduced with PHP 4.03. It accepts a aisle to an uploaded book and allotment accurate alone if the book in catechism is a valid upload file. This action accordingly enhances the aegis of your scripts.
Assuming that all is well, archetype the book from its acting home to a new directory on band 17. We use addition function, move_uploaded_file() for this purpose. This will archetype a book from one abode to another, aboriginal performing the aforementioned aegis checks as those performed by is_uploaded_file(). move_uploaded_file() requires a aisle to the antecedent book and a aisle to the destination. It will acknowledgment accurate if the move was acknowledged and apocryphal if the file was not a accurate upload file, or if it could not be found.
Beware of the names of uploaded files. Operating systems such as MacOS and Windows are appealing airy back it comes to book naming, so apprehend uploaded files to appear complete with spaces, citation marks and all address of other unexpected characters. It is accordingly a acceptable abstraction to clarify book names. You can learn added about techniques for testing and blockage strings in Hour 17 ”Working with Strings” and Hour 18 “Working with Regular Expressions”.
When we created the $file_dir capricious on band 6 to abundance the file path to our upload directory, we additionally created a capricious called $file_url on band 7 to abundance the URL of the aforementioned directory. We blanket up the calligraphy by autograph an HTML angel aspect that references our anew written image.