How to Correctly Upload Files in PHP and Handle Potential Errors?

Upload a File Using PHP

Uploading files to a specified folder is a common task in many web applications. This question explores a simple PHP code block aimed at achieving this task.

$folder = "upload/";
if (is_uploaded_file($HTTP_POST_FILES['filename']['tmp_name'])) {   
    if (move_uploaded_file($HTTP_POST_FILES['filename']['tmp_name'], $folder . $HTTP_POST_FILES['filename']['name'])) {
         echo "File uploaded";
    } else {
         echo "File not moved to destination folder. Check permissions";
    };
} else {s
     echo "File is not uploaded";
}; 

However, upon execution, an error occurs:

Notice: Undefined variable: HTTP_POST_FILES in C:\wamp\www\sdg\import\ips.php on line 3

Solution:

The error is caused by using the deprecated variable $HTTP_POST_FILES. Instead, use $_FILES:

$folder = "upload/";
if (is_uploaded_file($_FILES['filename']['tmp_name'])) {   
    if (move_uploaded_file($_FILES['filename']['tmp_name'], $folder . $_FILES['filename']['name'])) {
         echo "File uploaded";
    } else {
         echo "File not moved to destination folder. Check permissions";
    };
} else {s
     echo "File is not uploaded";
}; 

Enhanced PHP Code:

The following enhanced PHP code offers improved features, including type checking and file size validation:

$target_dir = "upload/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$allowedTypes = ['jpg', 'png'];

if (isset($_POST["submit"])) {
    // Check file type
    if (!in_array($imageFileType, $allowedTypes)) {
        $msg = "Type is not allowed";
    } 
    // Check if file exists
    elseif (file_exists($target_file)) {
        $msg = "Sorry, file already exists.";
    } 
    // Check file size
    elseif ($_FILES["fileToUpload"]["size"] > 5000000) {
        $msg = "Sorry, your file is too large.";
    } 
    // Move file
    elseif (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        $msg = "The file " . basename($_FILES["fileToUpload"]["name"]) . " has been uploaded.";
    }
}
?>

HTML Code:

<form action="upload.php" method="post">

This improved code ensures that only allowed file types are uploaded, prevents duplicate file names, and limits file size to avoid overloading your server.

The above is the detailed content of How to Correctly Upload Files in PHP and Handle Potential Errors?. For more information, please follow other related articles on the PHP Chinese website!