Hi there,

I haven't tested any of this, and there are probably some things that need
adding, but it'll give you an idea at least.

Form element:

<input type="file" name="thefile">

// What files do we want?
$types_we_want = array("image/gif", "image/jpeg", "image/pjpeg"); // allows
jpegs and gifs
// What is the max size we want (in bytes)?
$size_we_want = (50 * 1024); // 50Kb

// function to test whether or not the file is an image, and whether it is
in the correct
// size restriction
function CheckImage($thefile, $thefile_name, $thefile_type, $thefile_size,
$types_we_want, $size_we_want) {
    if (!in_array($thefile_type, $types_we_want)) {
        // the file is of invalid type
        return false;
    } else
    if ($thefile_size > $size_we_want) {
        // too big
        return false;
    return true;

// function to explain what's wrong with the file
function AnImageError($thefile, $thefile_name, $thefile_type, $thefile_size,
$types_we_want, $size_we_want) {
    if (!in_array($thefile_type, $types_we_want)) {
        // the file is of invalid type
        echo $thefile_name . " is not a jpeg or gif!";
    } else
    if ($thefile_size > $size_we_want) {
        // too big
        echo $thefile_name ." is bigger than the allowed file size of  " .
($size_we_want / 1024) . "Kb";

// function to change the name of the image (if you don't do this, and one
// uploads a file named "name.jpg" and then another person uploads a file
// the same name, the second will overwrite the original

function NewImageName($thefile_name, $thefile_type) {

    $timestamp = time(); // use a timestamp
    $prefix = substr($thefile_name, 0, 2); // get two characters from the
beginning of the filename
    // for a bit of randomness (use another function like mtsrand() (see
    // for something better

    if ($thefile_type == "image/jpeg" || $thefile_type == "image/pjpeg") {
        // file is a jpeg
        $ext = ".jpg";
    } else {
        // file is a gif
        $ext = ".gif";

    $newfilename = $prefix . $timestamp . $ext;

    return $newfilename;

// function to upload the file.
function DoUploadFile($thefile, $thefile_name, $thefile_type, $thefile_size)
    global $connection; // this contains details of your mysql connection

    $size = @GetImageSize($thefile);
    list($ignoreme,$width,$ignoremeagain,$height) = explode("\"",$size[3]);
    // gets the width and height of the file

    // rename the image with the function we defined above
    $newfilename = NewImageName($thefile_name, $thefile_type);

    // specify a directory to copy the temp file to in the following line
    // eg /home/mysite/web/images

    if (!@copy($thefile, "/path/to/store/files" . $newfilename)) {
        echo "Sorry, something's gone wrong here.";
    } else {
        // insert the data into your table.  the columns are the unique id
of the file,
        // the date the file is uploaded in datetime format,
        // the name of the file (varchar, 50), its size in bytes( int), its
width(int) and height(int).
         $insert_data = "INSERT INTO mysql_table
                                (picid, picorigin, picname, picsize,
picwidth, picheight)
                                ('', NOW(), '$newfilename', '$thefile_size',
'$width', '$height')";
        $do_upload = @mysql_query($insert_data, $connection);

        if (!$do_upload) { // query failed
            echo "There was an error with the database.";
        } else {
            echo "Thanks.  " . $thefile_name . " has been uploaded.";

// Put it all together in your form handling
if ($thefile_name != "") {
    if (!CheckImage($thefile, $thefile_name, $thefile_type, $thefile_size,
$types_we_want, $size_we_want)) {
        AnImageError($thefile, $thefile_name, $thefile_type, $thefile_size,
$types_we_want, $size_we_want);
    } else {
        DoUploadFile($thefile, $thefile_name, $thefile_type, $thefile_size);

Hope that helps,


"Dr. Evil" <[EMAIL PROTECTED]> wrote in message
> My PHP script needs to receive some files.  I've seen sites which
> accept them; they have a Browse button which lets the user select a
> file to send.  That's what I want to do.
> I have a few questions about this.  First of all, this is with
> php4.06.  Secondly, the files are all going to be images, and not very
> large: no more than 50k.
> What's the best way to do this?  I notice that PHP can store these
> files on disk, but I'm going to be storing them in a DB.  I would
> rather receive them directly into a PHP variable.  Is this possible?
> Or should I take them in a file, and then read them back in to a
> variable?
> Also, if they need to go into a file, which directory is safest for
> this?  /tmp contains some important files.  And finally, how do I
> limit the maximum file size that PHP will accept?
> Thanks

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to