Uploading Files Securely with PHP

with David Powers
please wait ...
Uploading Files Securely with PHP
Video duration: 0s 2h 50m Intermediate


The basic process of uploading files with PHP is very simple, but there are security implications that many people are unaware of. This course shows how to create a secure custom PHP class that can handle both single-file and multi-file uploads. Author David Powers shows you how to create a file upload class that checks the size, type, and names of files, renaming them when it encounters a duplicate file name. He'll show you how to make the class report on the outcome of the upload process and the nature of any errors that occur, and how to prevent the user from uploading files that exceed the server limits.

At the end of this course, you'll have a robust, flexible class that can be incorporated into many projects (including web forms) with just a few lines of code.

Topics include:
  • How PHP handles file uploads
  • Setting the maximum file size
  • Moving the file to its destination
  • Creating and using a namespaced class
  • Displaying error messages
  • Restricting unacceptable MIME types and file extensions
  • Using the class
  • Reporting errors
  • Altering the user


- [Voiceover] Welcome to Uploading Files Securely with PHP. I'm David Powers. In this course, I'll begin by showing you how PHP handles file uploads, and how to understand the contents of the file's super global array. I'll take you step-by-step through constructing a custom PHP class, capable of handling both single and multiple file uploads. The class will check the size, type, and name of the file, and it will optionally rename the file if another one of the same name has already been uploaded.

The class will also report the outcome of the upload, including any errors. I'll also show you how to prevent the form from being submitted if too many files are selected or if they exceed the server limits. So without further ado, let's dive into Uploading Files Securely with PHP.

please wait ...