How to Move Files Safely in PHP?

Moving Files Safely in PHP

Moving files on a server is a crucial task for many applications. While the unlink function can be used to delete files, it poses security risks and should be avoided. Instead, consider using the rename function to move a file to a different folder securely.

Syntax:

<code class="php">rename('image1.jpg', 'del/image1.jpg');</code>

This command will move the file image1.jpg from the current folder to the del folder, renaming it to image1.jpg.

Alternative Options:

• copy(): To preserve the original file in its current location, use copy() instead of rename().

  <code class="php">copy('image1.jpg', 'del/image1.jpg');</code>

• move_uploaded_file(): Specifically for uploaded files, use move_uploaded_file(). It verifies that the file is a genuine upload, preventing non-uploaded files from being moved.

  <code class="php">$uploads_dir = '/uploads';
  foreach ($_FILES["pictures"]["error"] as $key => $error) {
    if ($error == UPLOAD_ERR_OK) {
        $tmp_name = $_FILES["pictures"]["tmp_name"][$key];
        $name = $_FILES["pictures"]["name"][$key];
        move_uploaded_file($tmp_name, "$uploads_dir/$name");
    }
  }</code>

Remember, always use these safer methods to protect your application and mitigate security risks when moving files on the server.

The above is the detailed content of How to Move Files Safely in PHP?. For more information, please follow other related articles on the PHP Chinese website!