1st. Create a file named form.php and put this into it..
<!DOCTYPE html>
<html>
<body>
<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" name="filetoUpload" id="filetoUpload">
<input type="submit" value="Upload Image" name="submit">
</form>
</body>
</html>
After that, Create a File named upload.php and put this into it..
<?phpNOTE: Create a folder named "uploads".
$targetdir = "uploads/";
$target_file = $targetdir . basename($_FILES["filetoUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
//Check if image file is actual image or false
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["filetoUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check['mime'] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
//If file exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
//File size
if ($_FILES['filetoUpload']['size'] > 500000) {
echo "File too large.";
$uploadOk = 0;
}
// Allow only image
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) {
echo "Sorry, only JPG , PNG, JPEG and GIF files are allowed.";
$uploadOk = 0;
}
//Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, file not uploaded.";
//if everything is ok, try to upload
} else {
if (move_uploaded_file($_FILES['filetoUpload']['tmp_name'], $target_file)) {
echo "The file ". basename( $_FILES['filetoUpload']['name']). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
Now there you have an upload form that validates and image, and is secure too... Have a great day!
No comments:
Post a Comment