For the security of the website, uploading of php files is definitely not allowed. If someone enters your backend and uploads a php file, all the source code of your website will be saved and become his, and he can package it directly to see your code. Therefore, you must control the uploaded directory and file type. Generally, only images can be uploaded.
Create a file upload form
It is very useful to allow users to upload files from a form.
Please look at the following HTML form for uploading files:
<html> <body> <form action="upload_file.php" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
Please note the following information about this form: