November 2002
Intermediate to advanced
640 pages
16h 33m
English
Content preview from PHP CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
9.6. Processing Uploaded Files
Problem
You want to process a file uploaded by a user.
Solution
Use the $_FILES
array:
// from <input name="event" type="file">
if (is_uploaded_file($_FILES['event']['tmp_name'])) {
readfile($_FILES['event']['tmp_name']); // print file on screen
}Discussion
Starting in PHP 4.1, all uploaded files appear in the
$_FILES
superglobal array. For each file, there are four pieces of
information:
-
name The name assigned to the form input element
-
type The MIME type of the file
-
size The size of the file in bytes
-
tmp_name The location in which the file is temporarily stored on the server.
If you’re using an earlier version of PHP, you need
to use $HTTP_POST_FILES instead.
After you’ve selected a file from that array, use
is_uploaded_file( )
to confirm that the file
you’re about to process is a legitimate file
resulting from a user upload, then process it as you would other
files on the system. Always do this. If you blindly trust the
filename supplied by the user, someone can alter the request and add
names such as /etc/passwd to the list for
processing.
You can also move the file to a permanent location; use
move_uploaded_file( )
to safely transfer the file:
// move the file: move_uploaded_file() also does a check of the file's // legitimacy, so there's no need to also call is_uploaded_file() move_uploaded_file($_FILES['event']['tmp_name'], '/path/to/file.txt');
Note that the value stored in tmp_name is the complete path to the file, not just the base name. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.