PHP File Upload

Posted on 2003-03-14
Medium Priority
Last Modified: 2006-11-17
What is the best way to upload a file?
Question by:Alta_
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 8135035
ftp with username password. Everything else raise a security problem.

Expert Comment

ID: 8135239
are you asking about image upload or file uplaod

Author Comment

ID: 8135704
I want to upload a file with a web page.

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users


Author Comment

ID: 8135723
I fact I want a php script to upload a file from local disk to a server.
Name of the file on the server should be generated by the php...according to some rules. Name of the file on local system doesn't matter.

Accepted Solution

dunxd earned 500 total points
ID: 8136459
1. Create a web form with enctype set to multipart/form-data
eg <form action="HANDLER.PHP" method="post" enctype="multipart/form-data"

2. Create a form input field like this
<input name="someName" type="file" id="storyPic">

3. Create a file HANDLER.PHP that the form will send the details to

4. In that file add the following line


That is your file uploaded and moved into the folder you specify, with the filename you specify.  You can use php to create a filename, eg you might like to use $_FILES['someName']['type'] to get the mime type of the uploaded file and generate the correct suffix for whatever filename you create.

Don't expect to be able to see your file on your filesystem until you have used move_uploaded_file to move it, at least if you are using PHP on windows with Apache.  Your PHP script can check to see if the file was uploaded using the is_uploaded_file function before trying to do any work with the file.  move_uploaded_file automatically checks to see if the file was uploaded though.

More details at

Hope that helps.  Be very careful what you do with uploaded files.  If someone runs an uploaded script on your server you could lose everything - and so could other people with sites on the same system!  Don't let people upload anything you or they might run!

Expert Comment

ID: 8136643
Glad you liked my answer Alta.  Just to repeat, be really really careful what you do with uploaded files.  Pictures are ok, but any scripts can be a nightmare.  Don't under any circumstances let anyone dictate the filename that will be used!

My friends site got blatted because someone else on the server had allowed people to upload scripts - so someone uploaded a file with and eval of rm -rf / which deleted all files that anyone else had uploaded across the server!

Featured Post

WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days socially coordinated efforts have turned into a critical requirement for enterprises.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question