To upload files to a server over HTTP protocol the form tag must have an enctype set, and it must be set to form-data/multipart ie. <form enctype="form-data/multipart"> or else it just won't transfer the file.
So heres a sample form:
- Code: Select all
<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>" enctype="form-data/multipart">
<table cellpadding="0" cellspacing="2" width="600">
<? for ($i = 0; $i < 5; $i++): ?>
<tr>
<td>
File <?php echo $i+1; ?>.
</td>
<td>
<input type="file" name="files[]" />
</td>
</tr>
<?php endfor; ?>
</table>
<input type="submit" value="Upload" name="process" />
</form>
This will create a form that holds 5 file inputs (note type=file and the name is set to files[] to support multiple fileuploads with just one name) and it submits to the page itself.
- Code: Select all
<?php
$extensions = array('jpg','jpeg','png','gif','bmp'); // this is some image filetypes we would like to support
$maxfilesize = 200*1024; // limit file uploads to 200 kb, yea thats why we are multiplying with 1024, to get kb. Note this is perfile
$uploaddir = "./upload/"; // this is a dir that is in the same path as this file, it must have 0777 permissions.
// All file uploads are contained in the array $_FILES in php
// print_r($_FILES); // for more information
if (count($_FILES['files']['tmp_name']) > 1) { // are we serving a multi upload?
for ($i = 0; $i < count($_FILES['files']['tmp_name']); $i++)
{
if ($_FILES['files']['size'][$i] > 0) { // if size is over 0 there was no error uploading a file
$ext = strtolower(pathinfo($_FILES['files']['name'][$i],PATHINFO_EXTENSION));
if (!in_array($ext,$extensions)) { // are we allowed to upload a .$ext file?
echo "You cannot upload a $ext file, only ".join(", ",$extensions)." are allowed<br />";
} else {
if ($_FILES['files']['size'][$i] > $maxfilesize)
{
echo "Your file is too big, $maxfilesize bytes allowed<br />";
} else {
if (!move_uploaded_file($_FILES['files']['tmp_name'][$i],$uploaddir.time().'_'.$_FILES['files']['name'][$i])) {
// fall back on copy
if (!copy($_FILES['files']['tmp_name'][$i],$uploaddir.time().'_'.$_FILES['files']['name'][$i])) {
echo "Sorry could not upload your file.<br />";
}
}
}
}
}
}
} else { // single upload
if ($_FILES['files']['size'] > 0) { // if size is over 0 there was no error uploading a file
$ext = strtolower(pathinfo($_FILES['files']['name'],PATHINFO_EXTENSION));
if (!in_array($ext,$extensions)) { // are we allowed to upload a .$ext file?
echo "You cannot upload a $ext file, only ".join(", ",$extensions)." are allowed<br />";
} else {
if ($_FILES['files']['size'] > $maxfilesize)
{
echo "Your file is too big, $maxfilesize bytes allowed<br />";
} else {
if (!move_uploaded_file($_FILES['files']['tmp_name'],$uploaddir.time().'_'.$_FILES['files']['name'])) {
// fall back on copy
if (!copy($_FILES['files']['tmp_name'],$uploaddir.time().'_'.$_FILES['files']['name'])) {
echo "Sorry could not upload your file.<br />";
}
}
}
}
}
}
?>
The comments should explain much of the script
This should serve as an example only, and i cannot be held responsible if this script somehow affects or damages your system (uploading malicous files?).