PHP Form Image Upload

This tutorial shows you how to upload an image on your server using PHP and html forms. You will also learn how to verify if the uploaded file is an image (checking the extension), if it doesn’t overtakes a size limit and how to change the uploaded file name.

Important: You must set the enctype form atribute to “multipart/form-data”, otherwise the form will not show you any errors, but it will just not upload your images!

 

Step 1: Create a folder named images located in the path you are planning to place the php script you are about to create. Make sure it has write rights for everybody or the scripts won’t work ( it won’t be able to upload the files into the directory).

Step 2: Paste the following code into a php file.

Please read carefuly the comments. All steps are explained there.

<?php
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","100"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
 function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
 }

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
//and it will be changed to 1 if an errro occures.  
//If the error occures the file will not be uploaded.
 $errors=0;
//checks if the form has been submitted
 if(isset($_POST['Submit'])) 
 {
 	//reads the name of the file the user submitted for uploading
 	$image=$_FILES['image']['name'];
 	//if it is not empty
 	if ($image) 
 	{
 	//get the original name of the file from the clients machine
 		$filename = stripslashes($_FILES['image']['name']);
 	//get the extension of the file in a lower case format
  		$extension = getExtension($filename);
 		$extension = strtolower($extension);
 	//if it is not a known extension, we will suppose it is an error and will not  upload the file,  
	//otherwise we will do more tests
 if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
 		{
		//print error message
 			echo '<h1>Unknown extension!</h1>';
 			$errors=1;
 		}
 		else
 		{
//get the size of the image in bytes
 //$_FILES['image']['tmp_name'] is the temporary filename of the file
 //in which the uploaded file was stored on the server
 $size=filesize($_FILES['image']['tmp_name']);

//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
	echo '<h1>You have exceeded the size limit!</h1>';
	$errors=1;
}

//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image_name;
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied) 
{
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully! Try again!</h1>";
 }

 ?>

 <!--next comes the form, you must set the enctype to "multipart/frm-data" and use an input type "file" -->
 <form name="newad" method="post" enctype="multipart/form-data"  action="">
 <table>
 	<tr><td><input type="file" name="image"></td></tr>
 	<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
 </table>	
 </form>

This code was tested and works fine, I hope you will find it useful.

Fix `ereg is deprecated` errors in PHP 5.3

[ad#hlinks]

If you upgraded to PHP 5.3, chances are high you’re going to run into a few warnings or deprecated function messages.
An example is the ereg family of functions, which are gone for good, as they were slower and felt less familiar than the alternative Perl-compatible preg family.

To migrate ereg():

1. ereg(‘.([^.]*$)’, $this->file_src_name, $extension);

becomes

1. preg_match(‘/.([^.]*$)/’, $this->file_src_name, $extension);

Notice that I wrapped the pattern (.([^.]*$)) around / /, which are RegExp delimiters. If you find yourself escaping / too much (for an URL for example), you might want to use the # delimiter instead.

To migrate ereg_replace():

1. $this->file_dst_name_body = ereg_replace(‘[^A-Za-z0-9_]’, ”, $this->file_dst_name_body);

becomes

1. $this->file_dst_name_body = preg_replace(‘/[^A-Za-z0-9_]/’, ”, $this->file_dst_name_body);

Again, I just added delimiters to the pattern.
If you are using eregi functions (which are the case-insensitive version of ereg), you’ll notice there’re no equivalent pregi functions. This is because this functionality is handled by RegExp modifiers.

Basically, to make the pattern match characters in a case-insensitive way, append i after the delimiter:

1. eregi(‘.([^.]*$)’, $this->file_src_name, $extension);

becomes

1. preg_match(‘/.([^.]*$)/i’, $this->file_src_name, $extension);

[ad#ad-2]