uploader.php

How to Create a Simple File Uploader with PHP

One of the common tasks that web developers need to do is to allow users to upload files to their websites. Whether it’s images, documents, videos, or any other type of file, uploading files can be a useful feature for many web applications. In this article, we will show you how to create a simple file uploader with PHP, using the built-in $_FILES superglobal array and some basic validation and security checks.
Step 1: Create an HTML Form
The first step is to create an HTML form that will allow the user to select a file from their computer and submit it to the server. The form should have the following attributes:
- The
action
attribute should specify the name of the PHP script that will handle the file upload, such as “uploader.php”. - The
method
attribute should be set to “post”, which means that the form data will be sent in the HTTP request body. - The
enctype
attribute should be set to “multipart/form-data”, which means that the form data will be encoded in a special format that allows multiple files and non-ASCII characters to be sent.
The form should also contain an input
element of type “file”, which will display a browse button and a text field for the user to select a file. The name
attribute of this element should be set to a meaningful value, such as “file”, which will be used later in the PHP script to access the uploaded file. Optionally, you can also add a submit button and some text or labels to make the form more user-friendly. Here is an example of an HTML form for file upload:
<form action="uploader.php" method="post" enctype="multipart/form-data">
<p>Please select a file to upload:</p>
<input type="file" name="file" id="file">
<input type="submit" name="submit" value="Upload">
</form>
Step 2: Create a PHP Script

The next step is to create a PHP script that will receive the uploaded file from the HTML form and process it on the server. The script should have the following steps:
- Check if the user has submitted the form by using the
isset()
function on the$_POST['submit']
variable. - Check if the
$_FILES['file']
variable exists and is not empty, which means that a file has been uploaded. - Validate the uploaded file by checking its size, type, and error status, and reject it if it does not meet your criteria.
- Move the uploaded file from the temporary directory to a permanent location on your server by using the
move_uploaded_file()
function. - Show a success or error message to the user depending on the outcome of the file upload.
Here is an example of a PHP script that implements these steps:
<?php
// Check if the user has submitted the form
if (isset($_POST['submit'])) {
// Check if a file has been uploaded
if (isset($_FILES['file']) && !empty($_FILES['file']['name'])) {
// Get the uploaded file information
$file_name = $_FILES['file']['name']; // File name
$file_size = $_FILES['file']['size']; // File size in bytes
$file_type = $_FILES['file']['type']; // File type (MIME)
$file_tmp = $_FILES['file']['tmp_name']; // Temporary file location
$file_error = $_FILES['file']['error']; // Error code
// Define some constants for validation
define('MAX_FILE_SIZE', 2097152); // 2 MB
define('ALLOWED_TYPES', ['image/jpeg', 'image/png', 'application/pdf']); // Allowed MIME types
define('UPLOAD_DIR', 'uploads/'); // Upload directory
// Validate the file size
if ($file_size > MAX_FILE_SIZE) {