Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Examining the $_FILES array

From: Uploading Files Securely with PHP

Video: Examining the $_FILES array

We've created a form with a file input field, and we're And then we need that closing pre tag.

Examining the $_FILES array

We've created a form with a file input field, and we're now ready to start processing the file when the form is submitted. We'll begin by examining the contents of the superglobal array that PHP uses to handle file uploads. The action attribute reloads the page when the form is submitted. So let's create a PHP code block above the doc type to handle a form data. We want the code in this code block to be executed only after the form has been submitted. The name of the submit button is upload.

And we're using the post method. So the condition here needs to be if isset, and we're looking for the POST superglobal array, and the name of that submit button, upload. So we can now add our code inside that conditional block. Now although the form is submitted using the post method, the file is in a separate superglobal array called files. And we can use print_r to examine the contents of the files array.

To make it easier to read, we'll format it using some HTML text, some pretext. So echo, then pre, then we can use print_r. And the file superglobal array, in common with other superglobals, starts with an underscore after the $, and then it's all in upper case, FILES. And then we need that closing pre tag. So if we save, that and run the page, and we can select the file, clicking the Choose File button, doesn't matter which file you choose.

And then submit the form using Upload File. And there are the contents of the file superglobal array displayed. Let's just zoom in a little bit so we can see it more easily. And the files superglobal array is a multi-dimensional associative array. And the first element there is filename, which was the name that we gave to file input field. And that contains another array with five elements. name, which is the name of the file. Type, which is the MIME type usually.

Tmp_name, which is the temporary name and the location of the file, when it's uploaded by PHP. And error code, in this case, it's 0, which means there's no error at all. And then the size expressed in bytes. So this is vital information for handling the uploaded file. The only thing that you can't rely on 100% is the value of type. That's what the browser reports as being the file's type. It's usually the MIME type, but not always.

But let's see what happens when you submit the form without selecting a file. So let's just click Upload File. The files array is still there, because we've got that file input field in the form called filename. But the first three elements of the sub array are empty. And the error is 4, which means that no file was selected. And quite naturally, because no file was selected, its size is 0 bytes. So clearly, it's important to check the error code before trying to process an uploaded file.

The only purpose of the form in this page is to upload a file, but you might have a form with other fields, where uploading a file is optional. So we've seen two error codes, but there are eight of them altogether. So let's examine what they are. As we've already seen, zero means the file was uploaded successfully. Error codes one and two mean the file was too big. In the case of error code one, it means it exceeds the size set down in the upload_max_ filesize directive in the PHP configuration.

On the other hand, error code two means it was bigger than the value specified in a hidden form field. We'll look at both of these later in the chapter. Error code three means the file was only partially uploaded. As we've just seen, four means no file was selected for upload. There's no error code five, but six means the server doesn't have a temporary upload folder. And seven means PHP couldn't write the file to disk. The final error code eight means that a PHP extension prevented the file from being uploaded. However, there's no way of identifying which extension was responsible. So those are the eight error codes.

Let's just return to the browser and refresh our memory about what the file's superglobal array contains. If you get error code four, that means that no file has been selected, so let's just select another file, and test that. What we get in that file's superglobal array, is the name of the file, its type, which is usually the MIME type, but is sometimes a guess by the browser. The temporary name where it's stored, the error code, and the size in bytes.

Show transcript

This video is part of

Image for Uploading Files Securely with PHP
Uploading Files Securely with PHP

33 video lessons · 2791 viewers

David Powers
Author

 
Expand all | Collapse all
  1. 4m 49s
    1. Welcome
      57s
    2. What you should know before watching this course
      2m 0s
    3. Using the exercise files
      1m 52s
  2. 33m 2s
    1. How PHP handles file uploads
      6m 16s
    2. Examining the $_FILES array
      5m 8s
    3. Setting the maximum file size
      5m 36s
    4. Preparing the upload folder
      3m 18s
    5. Moving the file to its destination
      6m 51s
    6. Limitations on file uploads
      5m 53s
  3. 47m 3s
    1. Planning the class's features
      3m 15s
    2. Creating and using a namespaced class
      5m 25s
    3. Creating the class constructor
      7m 26s
    4. Getting a reference to the uploaded file
      5m 9s
    5. Checking the error level
      5m 7s
    6. Displaying errors and other messages
      4m 51s
    7. Setting and checking the maximum file size
      7m 19s
    8. Strengthening the setMaxSize() method
      8m 31s
  4. 35m 30s
    1. Restricting acceptable MIME types
      5m 27s
    2. Removing spaces from file names
      5m 21s
    3. Restricting acceptable file-name extensions
      6m 10s
    4. Neutralizing potentially dangerous uploads
      5m 54s
    5. Renaming files with duplicate names
      7m 58s
    6. Moving the file to its destination
      4m 40s
  5. 10m 25s
    1. Understanding how the $_FILES array handles multiple files
      4m 42s
    2. Adapting the class to handle both single and multiple uploads
      5m 43s
  6. 38m 15s
    1. Overview of the UploadFile class
      5m 9s
    2. Setting up to use the class
      4m 11s
    3. Using the class
      8m 12s
    4. Reporting errors with multiple uploads
      4m 0s
    5. Displaying the server limits
      4m 51s
    6. Alerting the user about exceeding the server limits
      6m 14s
    7. Changing the class's defaults
      5m 38s
  7. 1m 38s
    1. Goodbye
      1m 38s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Uploading Files Securely with PHP.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Learn more, save more. Upgrade today!

Get our Annual Premium Membership at our best savings yet.

Upgrade to our Annual Premium Membership today and get even more value from your lynda.com subscription:

“In a way, I feel like you are rooting for me. Like you are really invested in my experience, and want me to get as much out of these courses as possible this is the best place to start on your journey to learning new material.”— Nadine H.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.