I’m looking for some help with PHP File Upload. I’m trying to upload an image, using the following code (provided in the w3schools tutorial):
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
Obviously I have some changes to make to their code, but it doesn’t do what it says it’s supposed to do as it is. So I’m asking:
-
Why does this not make a new folder called ‘upload’ as it claims it will? I get the following error:
Warning: move_uploaded_file(upload/donkeykong.jpg) [function.move-uploaded-file]: failed to open stream: No such file or directory in ... etc. -
How should I write the URL where I want the image uploaded?
It doesn’t create a folder because
mkdir()is never called. The code assumes theupload/directory already exists. Create the directory if it doesn’t exist with:As an aside, the statement at the beginning can be cleaned up in a number of ways. One possibilty is to use
in_array()rather than a bunch of||conditions:To place the uploads in
upload/relative to the server document root, you can use$_SERVER['DOCUMENT_ROOT']. However, you should create theupload/directory manually and make it writable by the web server. In order to create the directory through PHP, the whole document root would need to be writable by the web server, which is a massive security flaw.