File Upload Form

What follows below is a simple upload form and the server-side script necessary for processing the uploaded file.

Code for Upload.html

<html>
<form enctype='multipart/form-data' action='upload.php' method='post'>
<input type='hidden' name='MAX_FILE_SIZE' value='1000000' />
Choose a file to upload: <input name='uploaded_file' type='file' />
<input type='submit' value='Upload' />
</form>
</html>


Code for Upload.php

<?php
//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
//Check if the file is JPEG image and it's size is less than 350Kb
$filename = basename($_FILES['uploaded_file']['name']);
$ext = substr($filename, strrpos($filename, '.') + 1);
if (($ext == "jpg") && ($_FILES["uploaded_file"]["type"] == "image/jpeg") &&
($_FILES["uploaded_file"]["size"] < 350000)) {
//Determine the path to which we want to save this file
$newname = dirname(__FILE__).'/upload/'.$filename;
//Check if the file with the same name is already exists on the server
if (!file_exists($newname)) {
//Attempt to move the uploaded file to it's new place
if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
echo "It's done!<p> The file has been saved as: </p>".$newname;
} else {
echo "Error: A problem occurred during file upload!";
}
} else {
echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
}
} else {
echo "Error: Only .jpg images under 350Kb are accepted for upload";
}
} else {
echo "Error: No file uploaded";
}
?>


Hopefully as you read through the above the comments interspersed throughout will provide sufficient explanation as to what is occurring through each step of the script. Also, don't forget to create the 'upload' folder inside your script directory so that upload.php has somewhere to save the file.

Simple, and to the point. Secure, not by a long shot but I'll cover that more soon in another script example.

Enjoy!