tkv
01-09-2008, 04:09 PM
The HTML Form
Uploading the File
Limit the File Size
Limit Files by Type
Putting It Together
Final ThoughtsThe HTML Form
This script will allow you to upload files from your browser to your hosting, using PHP. The first thing we need to do is create an HTML form that allows people to choose the file they want to upload.
<form enctype="multipart/form-data" action="upload.php" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>
The first thing we must do, is allow the user to upload a file. We can do that by placing this HTML on any page we want to allow them to upload from. This code is in a file separate from our PHP. It points to a file called upload.php, however if you save your PHP by a different name you should change it here.
Finding the Extention
Next we will use a function explained,
Finding the file extention in the file name
function findexts ($filename)
{
$filename = strtolower($filename) ;
$exts = split("[/\\.]", $filename) ;
$n = count($exts)-1;
$exts = $exts[$n];
return $exts;
}
This function is used to find the file extension. If you wanted to rename a file upload you would still need to keep the extension. We can use this function to find it. Once found it can be appended to the end of a random number or a timestamp (or other naming system you choose) to use as the file name. Basically what the code is doing is first using strtolower to change the extension (and the whole file name) into lower case, just to keep it clean. Next we are splitting the filename into an array using split.
By splitting it at the [.] the extension will be the last element in the array, which we then return.
to look at the file name and take off the extension for us to use later when we reassign it a new name.
<?php
//This function separates the extension from the rest of the file name and returns it
function findexts ($filename)
{
$filename = strtolower($filename) ;
$exts = split("[/\\.]", $filename) ;
$n = count($exts)-1;
$exts = $exts[$n];
return $exts;
}
//This applies the function to our file
$ext = findexts ($_FILES['uploaded']['name']) ;
A Random File Name
//This line assigns a random number to a variable. You could also use a timestamp here if you prefer.
$ran = rand () ;
//This takes the random number (or timestamp) you generated and adds a . on the end, so it is ready of the file extension to be appended.
$ran2 = $ran.".";
//This assigns the subdirectory you want to save into... make sure it exists!
$target = "images/";
//This combines the directory, the random file name, and the extension
$target = $target . $ran2.$ext;
This code uses the rand () function to generate a random number as the file name. Another idea is to use the time () function so that each file is named after its timestamp.
It then combines this name with the extension from the original file. We also assign the subdirectory... make sure this actually exists!
Definition: The rand () function is used to generate a random number in PHP. It can also be used to generate a random number within a specific range (for example a number between 10 and 30.) On a some platforms, Windows for example, if unspecified the largest number that will be generated is 32768, however you can set a specific range to include higher numbers.
Examples:
<?php
print rand() . "<br>";
//generates and prints a random number
print rand(10, 30);
//generates and prints a random number between 10 and 30 (10 and 30 ARE included)
print rand(1, 1000000);
//generates and prints a random number between on and one million
?>
Time and Date
PHP has the ability to dynamically generate the time and date. Using a simple line of code we are able to include this on our site, however it is important to know how the formatting works.
<?php print time(); ?>
The above code outputs a long string of numbers. What these numbers represent is the time based in the amount of seconds that have passed since January 1 1970 00:00:00 GMT. This number can also be assigned to a variable:
<?php
$b = time ();
print $b;
?> Although this is a handy feature, sometimes you want a more formatted and human friendly representation of the date. You can use the date function in conjunction with the time function to display this in the format of date ( format , time ) In our case we want the start time to be now, so we will call the time first.
We will demonstrate many different types of formatting
Saving the file with the new name
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file has been uploaded as ".$ran2.$ext;
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
?>
Finally this code saves the file (with its new name) onto the server. It also tells the user what it is saved as. If there is a problem doing this, an error is returned to the user. Other features such as limiting files by size or restricting certain file types and also be added to this script if you choose.
Limit the File Size
if ($uploaded_size > 350000)
{
echo "Your file is too large.<br>";
$ok=0;
} Assuming that you didn't change the form field in our HTML form (so it is still named uploaded), this will check to see the size of the file. If the file is larger than 350k, they are given a file too large error, and we set $ok to equal 0. You can change this line to be a larger or smaller size if you wish by changing 350000 to a different number. Or if you don't care about file size, just leave these lines out.
Limit Files by Type
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
} The code above checks to be sure the user is not uploading a PHP file to your site. If they do upload a PHP file, they are given an error, and $ok is set to 0.
if (!($uploaded_type=="image/gif")) {
echo "You may only upload GIF files.<br>";
$ok=0;
} In our second example we only allow users to upload .gif files, and all other types are given an error before setting $ok to 0. You can use these basic examples to allow or deny any specific file types.
have fun with this article !!!!
Uploading the File
Limit the File Size
Limit Files by Type
Putting It Together
Final ThoughtsThe HTML Form
This script will allow you to upload files from your browser to your hosting, using PHP. The first thing we need to do is create an HTML form that allows people to choose the file they want to upload.
<form enctype="multipart/form-data" action="upload.php" method="POST">
Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>
The first thing we must do, is allow the user to upload a file. We can do that by placing this HTML on any page we want to allow them to upload from. This code is in a file separate from our PHP. It points to a file called upload.php, however if you save your PHP by a different name you should change it here.
Finding the Extention
Next we will use a function explained,
Finding the file extention in the file name
function findexts ($filename)
{
$filename = strtolower($filename) ;
$exts = split("[/\\.]", $filename) ;
$n = count($exts)-1;
$exts = $exts[$n];
return $exts;
}
This function is used to find the file extension. If you wanted to rename a file upload you would still need to keep the extension. We can use this function to find it. Once found it can be appended to the end of a random number or a timestamp (or other naming system you choose) to use as the file name. Basically what the code is doing is first using strtolower to change the extension (and the whole file name) into lower case, just to keep it clean. Next we are splitting the filename into an array using split.
By splitting it at the [.] the extension will be the last element in the array, which we then return.
to look at the file name and take off the extension for us to use later when we reassign it a new name.
<?php
//This function separates the extension from the rest of the file name and returns it
function findexts ($filename)
{
$filename = strtolower($filename) ;
$exts = split("[/\\.]", $filename) ;
$n = count($exts)-1;
$exts = $exts[$n];
return $exts;
}
//This applies the function to our file
$ext = findexts ($_FILES['uploaded']['name']) ;
A Random File Name
//This line assigns a random number to a variable. You could also use a timestamp here if you prefer.
$ran = rand () ;
//This takes the random number (or timestamp) you generated and adds a . on the end, so it is ready of the file extension to be appended.
$ran2 = $ran.".";
//This assigns the subdirectory you want to save into... make sure it exists!
$target = "images/";
//This combines the directory, the random file name, and the extension
$target = $target . $ran2.$ext;
This code uses the rand () function to generate a random number as the file name. Another idea is to use the time () function so that each file is named after its timestamp.
It then combines this name with the extension from the original file. We also assign the subdirectory... make sure this actually exists!
Definition: The rand () function is used to generate a random number in PHP. It can also be used to generate a random number within a specific range (for example a number between 10 and 30.) On a some platforms, Windows for example, if unspecified the largest number that will be generated is 32768, however you can set a specific range to include higher numbers.
Examples:
<?php
print rand() . "<br>";
//generates and prints a random number
print rand(10, 30);
//generates and prints a random number between 10 and 30 (10 and 30 ARE included)
print rand(1, 1000000);
//generates and prints a random number between on and one million
?>
Time and Date
PHP has the ability to dynamically generate the time and date. Using a simple line of code we are able to include this on our site, however it is important to know how the formatting works.
<?php print time(); ?>
The above code outputs a long string of numbers. What these numbers represent is the time based in the amount of seconds that have passed since January 1 1970 00:00:00 GMT. This number can also be assigned to a variable:
<?php
$b = time ();
print $b;
?> Although this is a handy feature, sometimes you want a more formatted and human friendly representation of the date. You can use the date function in conjunction with the time function to display this in the format of date ( format , time ) In our case we want the start time to be now, so we will call the time first.
We will demonstrate many different types of formatting
Saving the file with the new name
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file has been uploaded as ".$ran2.$ext;
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
?>
Finally this code saves the file (with its new name) onto the server. It also tells the user what it is saved as. If there is a problem doing this, an error is returned to the user. Other features such as limiting files by size or restricting certain file types and also be added to this script if you choose.
Limit the File Size
if ($uploaded_size > 350000)
{
echo "Your file is too large.<br>";
$ok=0;
} Assuming that you didn't change the form field in our HTML form (so it is still named uploaded), this will check to see the size of the file. If the file is larger than 350k, they are given a file too large error, and we set $ok to equal 0. You can change this line to be a larger or smaller size if you wish by changing 350000 to a different number. Or if you don't care about file size, just leave these lines out.
Limit Files by Type
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
} The code above checks to be sure the user is not uploading a PHP file to your site. If they do upload a PHP file, they are given an error, and $ok is set to 0.
if (!($uploaded_type=="image/gif")) {
echo "You may only upload GIF files.<br>";
$ok=0;
} In our second example we only allow users to upload .gif files, and all other types are given an error before setting $ok to 0. You can use these basic examples to allow or deny any specific file types.
have fun with this article !!!!