PHP Upload File Using Forms

You can upload files on server using a HTML form and PHP. You can upload any kind of file like images, videos, ZIP files, Microsoft Office documents, PDFs, and other files. The uploaded file can be saved in any folder on permanent basis. You can also implement some basic security check like file type and file size to ensure that users upload the correct file type and within the allowed limit.

For file uploading to work, the form's optional enctype attribute must be set to "multipart/form-data".

<form action="mypage.php" method="post" enctype="multipart/form-data">
<input name="myfile" type="file">
<input type="submit" value="Upload">

After the form is submitted, information about the uploaded file can be accessed via PHP superglobal array $_FILES. For example, if the upload form contains a file select field with name="photo", you can obtain its details like the name, type, size, temporary name or any error occurred while attempting the upload the file.

  1. $_FILES["photo"]["name"] - Specifies the original name of the file, including the file extension. It doesn't include the file path.
  2. $_FILES["photo"]["type"] - Specifies the MIME type of the file.
  3. $_FILES["photo"]["size"] - Specifies the file size, in bytes.
  4. $_FILES["photo"]["tmp_name"] - Specifies the temporary name including full path that is assigned to the file once it has been uploaded to the server.
  5. $_FILES["photo"]["error"] - Specifies error or status code associated with the file upload, e.g. it will be 0, if there is no error.

After a file has been successfully uploaded, it is temporarily stored on the server. To use this file, or store it permanently, you need to move it from the temporary directory to a permanent location using the move_uploaded_file() function. If it is not saved by the script, it will be deleted.

// Check if the form was submitted
// Check if file was uploaded without errors
if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0){
$allowed = array("jpg" => "image/jpg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
$filename = $_FILES["photo"]["name"];
$filetype = $_FILES["photo"]["type"];
$filesize = $_FILES["photo"]["size"];

// Verify file extension
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if(!array_key_exists($ext, $allowed)) die("Error: Please select a valid file format.");

// Verify file size - 5MB maximum
$maxsize = 5 * 1024 * 1024;
if($filesize > $maxsize) die("Error: File size is larger than the allowed limit.");

// Verify MYME type of the file
if(in_array($filetype, $allowed)){
// Check whether file exists before uploading it
if(file_exists("upload/" . $_FILES["photo"]["name"])){
echo $_FILES["photo"]["name"] . " is already exists.";
} else{
move_uploaded_file($_FILES["photo"]["tmp_name"], "upload/" . $_FILES["photo"]["name"]);
echo "Your file was uploaded successfully.";
} else{
echo "Error: There was a problem uploading your file. Please try again.";
} else{
echo "Error: " . $_FILES["photo"]["error"];

The move_uploaded_file function checks to ensure that the first argument contains a valid upload file, and if so, it moves it to the path and renames it to the file name specified by the second argument. The specified folder must already exist, and if the function succeeds in moving the file, it returns true.

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive