One of the cool things about server side scripting is the ability to upload files from a user’s computer to your web server. In this tutorial I will demonstrate PHP’s ability to capture uploaded files and save them on the web server. Our sample takes a user’s photo and saves it to a folder on the server where other users can view it on the web.

You can download the code here.

Create a file with a name of your choice and put the following code into it.

<form action="upload.php" method="post" enctype="multipart/form-data">
	<div>Upload your photo:</div>
	<input type="file" name="photo_file" />
	<input type="submit" name="submit" value="Upload" />
	<input type="hidden" name="max_file_size" value="8000000" />
	<input type="hidden" name="user_id" value="1" />
</form>

This is the web page where the user can select the file they want to upload.

The first line has two parts I want to point out: the action attribute and the enctype attribute. The action’s value is the name of your PHP file that will handle the upload. The entype’s value in this case tells our server that we aren’t just posting your typical text or password type values, but rather we are passing several types, namely a file and a few inputs.

The only required types of inputs for uploading a file are file and submit, but for this example I’ve added a hidden user_id that will be used as well.

Now, on to the juicy stuff… handling the upload on the server.

Create a file called upload.php. This file has the same name that we gave our form’s action attribute. When you are coding your own application you can use whatever file name you want.

Put the following code into your upload.php file:

<?php
 
// Make sure the uploaded file is an image of type JPG, GIF, or PNG and that it does not exceed 8000000 bytes (approx. 8 MB) in size.
if (
!empty($_FILES["photo_file"]["tmp_name"]) &&
$_FILES["photo_file"]["size"] < 8000000 &&
(
	$_FILES["photo_file"]["type"] == "image/gif" ||
	$_FILES["photo_file"]["type"] == "image/jpeg" ||
	$_FILES["photo_file"]["type"] == "image/pjpeg")
)
{
 
    // The file has already been saved to a temporary location on the server.  Get the temp file's path.
    $file_path = $_FILES['photo_file']['tmp_name'];
 
    // Grab the User ID we sent from our form
    $user_id = $_POST['user_id'];
 
    // Create the directory where our user photos where be stored, if it doesn't already exist.
    // We will give our directory name the ID of the user that uploaded the photo.
    $save_dir = "img/users/$user_id";
	if (!file_exists($save_dir)) {
 
		// Our directory does not already exists, so create it.
        mkdir($save_dir, 0755, true);
	}
 
    // Attempt to move the temp file to our user's folder.
	$save_file_path = $save_dir . "/" . basename($_FILES['photo_file']['name']);
    if (move_uploaded_file($_FILES['photo_file']['tmp_name'], $save_file_path)) {
 
        // Moving the file was a success!
        echo("<div>Your photo has been uploaded successfully!</div><div><img src=\"$save_file_path\" />");
 
    } else {
 
        // Moving the file failed.  Prompt the user to try again.
        echo("There was an error uploading your file.  Please try again.");
 
    }
}
 
?>

What does all this do? In a nutshell:

  • Verifies that the uploaded image is of JPEG, GIF, or PNG type.
  • Saves the file to a folder named after the User ID on the server.
  • If successful the picture is displayed on the page for the user to see!

Fun stuff huh! In a later tutorial I will show you how to resize your uploaded images, creating thumbnails, medium sized, and large images.