Upload file in php with syntax and examples

PHP allows you to upload files from a client's device to your server using the $_FILES superglobal array.

File Upload Syntax:

1. $_FILES['file']['name']: File name
2. $_FILES['file']['type']: File type (MIME)
3. $_FILES['file']['tmp_name']: Temporary file path
4. $_FILES['file']['size']: File size (bytes)
5. $_FILES['file']['error']: Error code (0 = no error)

Example:

// HTML form
<form method="post" enctype="multipart/form-data">
  <input type="file" name="file">
  <button type="submit">Upload</button>
</form>

// PHP script
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  $file_name = $_FILES['file']['name'];
  $file_type = $_FILES['file']['type'];
  $tmp_name = $_FILES['file']['tmp_name'];
  $file_size = $_FILES['file']['size'];
  $error = $_FILES['file']['error'];

  // Move uploaded file to a permanent location
  $upload_dir = 'uploads/';
  $upload_file = $upload_dir . $file_name;
  move_uploaded_file($tmp_name, $upload_file);
}


File Upload Configuration:

1. file_uploads: Enable file uploads (php.ini)
2. upload_max_filesize: Set maximum file size (php.ini)
3. post_max_size: Set maximum POST data size (php.ini)

Example:

// php.ini
file_uploads = On
upload_max_filesize = 10M
post_max_size = 12M


File Upload Security:

1. Validate file type and size
2. Use move_uploaded_file() to prevent directory traversal
3. Store files outside the web root
4. Use a secure upload directory

Best Practices:

1. Use enctype="multipart/form-data" in the HTML form
2. Validate and sanitize file data
3. Use move_uploaded_file() to move files
4. Configure file upload settings in php.ini
5. Implement file upload security measures
6. Test file uploads thoroughly

By understanding file uploads in PHP, you can create secure and efficient file upload systems for your applications.