"I am Saqib Jahangir. A passionate vlogger, software engineer, trainer and avid traveler with a deep love for exploring the hidden gems of our beautiful planet. With a strong foundation in Application Development, Application Architecture & Database Design and Product Management, I bring over a decade of hands-on experience building secure, scalable, and resilient web applications for a diverse range of industries."


Click Above to BOOK HOTEL NOW!

Uploading Files with PHP

 

Uploading files is one of the most useful features in web development. PHP makes it simple to handle file uploads securely and efficiently. For example, when you upload a profile picture or a PDF document, PHP processes the file and stores it on the server.

Basic Steps for File Upload in PHP

  1. Create an HTML form – where the user selects a file.
  2. Handle the file in PHP – using the $_FILES superglobal.
  3. Save the file – to a desired folder on the server.
  4. Apply validation – check file type, size, and errors.

📝 Example: Simple File Upload

HTML Form

<html>

<body>

    <h2>Upload a File</h2>

    <form action="upload.php" method="post" enctype="multipart/form-data">

        <input type="file" name="myfile">

        <input type="submit" value="Upload">

    </form>

</body>

</html>

PHP Script (upload.php)

<?php

if (isset($_FILES['myfile'])) {

    $targetDir = "uploads/"; // Folder to store files

    $targetFile = $targetDir . basename($_FILES["myfile"]["name"]);

 

    if (move_uploaded_file($_FILES["myfile"]["tmp_name"], $targetFile)) {

        echo "The file ". basename($_FILES["myfile"]["name"]). " has been uploaded.";

    } else {

        echo "Sorry, there was an error uploading your file.";

    }

}

?>

This code uploads the file to the uploads/ directory.

🔒 Validating the Upload

It’s important to validate uploads for security and performance reasons.

1. Check File Size

if ($_FILES["myfile"]["size"] > 2000000) { // 2MB limit

    echo "Sorry, your file is too large.";

}

2. Allow Only Specific File Types

$allowedTypes = ["jpg", "png", "jpeg", "gif", "pdf"];

$fileType = strtolower(pathinfo($targetFile, PATHINFO_EXTENSION));

 

if (!in_array($fileType, $allowedTypes)) {

    echo "Only JPG, PNG, GIF & PDF files are allowed.";

}

3. Check for Upload Errors

if ($_FILES['myfile']['error'] !== 0) {

    echo "Error uploading file. Code: " . $_FILES['myfile']['error'];

}

📌 Complete Example with Validation

<?php

if (isset($_FILES["myfile"])) {

    $targetDir = "uploads/";

    $targetFile = $targetDir . basename($_FILES["myfile"]["name"]);

    $uploadOk = 1;

    $fileType = strtolower(pathinfo($targetFile, PATHINFO_EXTENSION));

 

    // Check file size

    if ($_FILES["myfile"]["size"] > 2000000) {

        echo "File is too large.";

        $uploadOk = 0;

    }

 

    // Allow specific file formats

    $allowedTypes = ["jpg", "png", "jpeg", "gif", "pdf"];

    if (!in_array($fileType, $allowedTypes)) {

        echo "Only JPG, PNG, GIF & PDF files are allowed.";

        $uploadOk = 0;

    }

 

    // Upload if everything is fine

    if ($uploadOk == 1) {

        if (move_uploaded_file($_FILES["myfile"]["tmp_name"], $targetFile)) {

            echo "The file ". basename($_FILES["myfile"]["name"]). " has been uploaded.";

        } else {

            echo "Error uploading your file.";

        }

    }

}

?>

🎯 Best Practices for File Upload in PHP

  • Always validate file type and size.
  • Rename uploaded files to avoid conflicts (uniqid() or timestamp).
  • Store sensitive files outside the public folder.
  • Never trust file extensions alone (check MIME type if possible).
  • Use HTTPS to protect uploads.

 

Click Below to Shop Now at AMAZON

Click Below to Shop Now at AMAZON

Popular Posts

Operators (Arithmetic, Comparison, Logical)

  Operators in PHP are symbols that perform operations on variables and values. They are essential for performing calculations, comparing values, and making logical decisions in your code. PHP supports several types of operators, including arithmetic, comparison, and logical operators. Arithmetic Operators Arithmetic operators are used to perform basic mathematical operations. Example: <?php $a = 10; $b = 3;   echo $a + $b; // 13 echo $a - $b; // 7 echo $a * $b; // 30 echo $a / $b; // 3.3333 echo $a % $b; // 1 (modulus) echo $a ** $b; // 1000 (exponentiation) ?> Comparison Operators Comparison operators are used to compare two values. They return true or false . Example: <?php $x = 5; $y = 10;   var_dump($x == $y);   // false var_dump($x != $y);   // true var_dump($x === $y); // false (checks value and type) var_dump($x !== $y); // true var_dump($x > $y);    // false var_dum...
Read more

Functions (Built-in & User-defined)

  Functions in PHP are blocks of code designed to perform a specific task. They help make code reusable, organized, and easier to maintain. PHP provides built-in functions for common tasks, and also allows you to create your own user-defined functions . Built-in Functions PHP has hundreds of built-in functions that perform predefined operations such as string manipulation, mathematical calculations, and array handling. Example (Built-in Functions): <?php // String length echo strlen("Hello World"); // Outputs: 11   // Find maximum value in an array echo max(10, 20, 30); // Outputs: 30   // Convert string to uppercase echo strtoupper("php is awesome"); // Outputs: PHP IS AWESOME ?> User-defined Functions You can create your own functions to execute code whenever needed. This helps reduce repetition and makes programs easier to read. Syntax: function functionName($parameter1, $parameter2) {     // Code to...
Read more