The $_FILES array is a superglobal array that is used in conjunction with the HTML input tag that has type=file. For a file upload to work, the form tag must have enctype='multipart/form-data' as an attribute and the method must be post. It is possible to upload files through AJAX, but it is more difficult. When the form is submitted, the files is uploaded to a temporary directory on the server. We use the $_FILES array to access information about the file. The $_FILES array uses the value of the name attribute to identify the file in question (like a post variable), and then adds a second key to determine the information about the file that is desired. The keys associated with the $_FILES array are as follows:
name - the name of file as it was on client machine
type - the MIME type if known
size - the size of the file in bytes
tmp_name the temporary namve given to the file by PHP
error - an int value representing the error that occurred
So, to access the size of the file that was uploaded with name='currentNewsletter', the php code would be
$_FILES['currentNewsletter']['size'];
The following are possible error messages that can result from an error in an uploaded file:
UPLOAD_ERR_OK - no error occured
UPLOAD_ERR_INI_SIZE(1) - exceeds max file size in php.ini
UPLOAD_ERR_FORM_SIZE(2) - exceeds max value specified in form
UPLOAD_ERR_PARTIAL (3)- upload cancelled an only part uploaded
UPLOAD_ERR_NOFILE(4) - no file was uploaded
If you want to limit the size of the file that users are uploading, add an input in the form with type=hidden that looks as follows. The value below allows for a 1MB file or below to be uploaded.
Once correctly uploaded, the file needs to be moved to a permanent location using the move_uploaded_file() method. Before moving the uploaded file, you should ensure that the file exsists using is_uploaded_file(). An example of this code is as follows:
PHP also provides the ability to read/write/manipulate directories. Some of the functionality is described below:
$dir=opendir($currentdir) - opens a directory and stores a reference in the handler
readdir($dir) - reads a file name from the valid handler
closedir($dir) - closes the directory
dirname($path) - returns directory part of path
basename($path) - returns filname part of path
mkdir(name, [permissions]) - makes a directory of name with permissions, due to inconsitencies in PHP, it is better to create the file without the permissions and then use chmod to change the permissions mode
rmdir($path) - deletes directory at path
isdir() - determines if file is a directory
is_executable() - determines if file is executable by php
is_file() - determines if file is a file
file_exists() - determines if file exists
unlink($filename) - used to delete a file
copy($src, $dest) - copies from source to destination
chmod($filename, $mode) - changes permissions of filename to mode (octal)
When uploading/accessing files on the server, it is important to set the appropriate permissions. Each digit is a number value from 0 to 7. The value specifies what capabilities are available (or not). These numbers correspond to 3 command types. Read, write and execute.
Read (r) has a value of 4. It allows listing files in the directory.
Write (w) has a value of 2. It allows the addition of new files to the directory.
Execute (x) has a value of 1. It allows access to the files in the directory.
Here are the possible combinations available using these command types :
Digit
rwx
Result
0
- - -
no access
1
- - x
execute
2
- w -
write
3
- w x
write and execute
4
r - -
read
5
r - x
read and execute
6
r w -
read and write
7
r w x
read, write and execute
The first number represents the host server. This will usually be set to 7 giving the host full permission on the files in the folder. The second number represents the group (YOU - the individual being hosted). And the third number represents the world (the visitors to the site). Normally, on free hosts, these two digits will be set to 4, allowing the reading (and displaying) of files. Thus, no executing capabilities.
Typical settings for files are 777, 755, 666 or 644.
Typical settings for directories are 777 or 755.
Cgi scripts 755, data files 666, and configuration files 644