CSC 2720 Building Web Applications - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

CSC 2720 Building Web Applications

Description:

CSC 2720 Building Web Applications PHP File Upload Handling File Uploads in PHP PHP must run with the right settings. You may need to change the PHP configuration ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 11
Provided by: cjyuan
Category:

less

Transcript and Presenter's Notes

Title: CSC 2720 Building Web Applications


1
CSC 2720Building Web Applications
  • PHP
  • File Upload

2
Handling File Uploads in PHP
  • PHP must run with the right settings.
  • You may need to change the PHP configuration file
    php.ini.
  • A temporary storage directory must exists with
    the correct permissions.
  • Uploaded files are stored here temporarily the
    files may be removed from here when your PHP
    script finishes processing the HTTP request.
  • The final storage directory must exists with the
    correct permissions.
  • You have to write codes to move the uploaded
    files from the temporary directory to another
    directory.

3
Configuring php.ini
  • file_uploads
  • Enable/disable PHP support for file uploads
  • max_input_time
  • Indicates how long, in seconds, a PHP script is
    allowed to receive input
  • post_max_size
  • Size, in bytes, of the total allowed POST data
  • upload_tmp_dir
  • Indicates where uploaded files should be
    temporarily stored
  • upload_max_filesize
  • Size, in bytes, of the largest possible file
    upload allowed

4
HTTP File Upload (RFC 1867)
ltform action"file_upload.php" method"post"
enctype"multipart/form-data"gt ltinput
type"hidden" name"MAX_FILE_SIZE"
value"30000" /gt ltinput type"file"
name"upload" /gt ltinput type"submit"
value"Upload" /gt lt/formgt
  • Set attribute METHOD"POST"
  • Set attribute ENCTYPE"multipart/form-data"
  • Use INPUT element with TYPE"file" to create a
    file upload control (one control per file)
  • Hidden input field MAX_FILE_SIZE recommends to
    the web client the limit of the size of the
    uploaded file.

5
POST register.jsp HTTP/1.1 Host
hi/iq User-Agent Mozilla/5.0 (Windows U
Windows NT 5.1 en-US rv1.2) Gecko/20021126 Acce
pt text/xml,application/xml,application/xhtmlxml
,text/htmlq0.9,text/plainq0.8, video/x-mng,ima
ge/png,image/jpeg,image/gifq0.2,text/css,/q0
.1 Accept-Language en-us, enq0.50 Accept-Encodi
ng gzip, deflate, compressq0.9 Accept-Charset
ISO-8859-1, utf-8q0.66, q0.66 Keep-Alive
300 Connection keep-alive Content-Type
multipart/form-data boundary--------------------
-------29772313742745 Content-Length
452 -----------------------------29772313742745 Co
ntent-Disposition form-data name"name" J.Doe --
---------------------------29772313742745 Content-
Disposition form-data name"email" abuse_at_spamcop
.com -----------------------------29772313742745 C
ontent-Disposition form-data name"file-upload"
filename"test.txt" Content-Type
text/plain test data with some high ascii ÂComo
estÃs? -----------------------------2977231374274
5--
An example of data sent via POST method with
enctype"multipart/form-data" (Copied from
http//www.devx.com/Java/Article/17679/0/page/2)
6
The _FILES Array
Index Meaning
name The original name of the file (as it was on the user's computer).
type The MIME type of the file, as provided by the browser.
size The size of the uploaded file in bytes.
tmp_name The temporary filename of the uploaded file as it was stored on the server.
error The error code associated with any problem.
7
Processing the uploaded items
// "upload" is the name assigned to the input
element, as in // ltinput type"file"
name"upload" /gt if (isset(_FILES'upload'))
if (_FILES'upload''error' gt 0))
// File upload fails. See next slide for
detailed info about the // meaning of the
error code. else // e.g., only allows
JPEG image files to be uploaded // Note This
is not a complete list of MIME types for JPEG
images allowed array('image/jpeg',
'image/jpg') // Continue next page
8
Processing the uploaded items ( continue)
if (in_array(_FILES'upload''type',
allowed)) tmp _FILES'upload''t
mp_name' dst "C/uploads/_FILES'uplo
ad''name'" if (move_upload_file(tmp,
dst)) // Success !
// End of else // Manually delete the
temporary uploaded file if // it still exists
tmp _FILES'upload''tmp_name' if
(file_exists(tmp) is_file(tmp))
unlink(tmp)
Note move_uploaded_file() will overwrite an
existing file without warning.
9
File Upload Error Messages Explained
  • UPLOAD_ERR_OK
  • Value 0 There is no error, the file uploaded
    with success.
  • UPLOAD_ERR_INI_SIZE
  • Value 1 The uploaded file exceeds the
    upload_max_filesize directive in php.ini.
  • UPLOAD_ERR_FORM_SIZE
  • Value 2 The uploaded file exceeds the
    MAX_FILE_SIZE directive that was specified in the
    HTML form.
  • UPLOAD_ERR_PARTIAL
  • Value 3 The uploaded file was only partially
    uploaded.
  • UPLOAD_ERR_NO_FILE
  • Value 4 No file was uploaded.
  • UPLOAD_ERR_NO_TMP_DIR
  • Value 6 Missing a temporary folder. Introduced
    in PHP 4.3.10 and PHP 5.0.3.
  • UPLOAD_ERR_CANT_WRITE
  • Value 7 Failed to write file to disk.
    Introduced in PHP 5.1.0.
  • UPLOAD_ERR_EXTENSION
  • Value 8 File upload stopped by extension.
    Introduced in PHP 5.2.0.
  • Source http//www.php.net/manual/en/features.file
    -upload.errors.php

10
References and Related Resources
  • PHP Filesystem Functions
  • e.g.,
  • mkdir() Create a directory
  • filesie() Get the size of a file
  • copy() Copy a file
  • rename() Rename a file or folder
  • filemtime() Get file modification time
  • http//www.php.net/manual/en/ref.filesystem.php
  • PHP Handling File Uploads
  • http//www.php.net/manual/en/features.file-upload.
    php
  • PHP 6 and MySQL 5 for Dynamic Web Sites Visual
    QuickPro Guide (3rd Edition), by Larry Ullman.
    Peachpit Press, 2007 (pp 302-15)
Write a Comment
User Comments (0)
About PowerShow.com