Free image uploader script

[Sakura]

Credit for this tutorial: netcode.net

Intro:
Allowing file uploads with PHP is actually very simple, the important things you need to consider if you're going to allow the general public to upload images to your server are:

* The types of files you're going to allow - You don't want people uploading executable files for example.
* The size limit - Even huge images wont take up great amounts of space but if people are going to link to the images uploaded to your site on busy sites or forums then large images can eat alot of bandwidth.
* The dimensions - Not so important, but if you're going to be displaying the images somewhere on your site then you don't want 1280x1024 wallpapers breaking up your pages.

There's other stuff to think about also but i think they would be the main points.

THE FORM:
First we'll create a basic form for the user to upload their image:

<form name="uploader" method="post" action="" enctype="multipart/form-data">
      <input type="file" name="image" style="width:300px;cursor:pointer" />
      <input type="submit" name="upload" value="Upload Image" />
</form>

That's all you really need.

Note this part: enctype="multipart/form-data" this is important for file uploads, the enctype defines the content that'll be posted through the form, the default value is application/x-www-form-urlencoded which is fine for almost any other type of content, except for file uploads, so don't forget this in your form.

Secondly there's input type="file" this is the type of input we need to allow people to browse their pc for the file they want to upload, i'm sure you've seen these many times.

Now we have a form for people to select their image, we need to get it uploaded. Firstly you need to decide where the images are going to be stored.

It's best to create a new directory for these, you then need to CHMOD that directory to 0777 so files can be uploaded, if you're not sure how to do this you need to look for either 'CHMOD' or 'File Permissions' in the help documents of your FTP client, the example directory i'll use is 'uploads'

Next, as with any form-based script, you want to make sure that the form has actually been submitted before you start to run the code, it's easy enough:

if($_POST['upload']) #form has been submitted

This is the first point we'll use the $_FILES variable to check if there's a file name submitted with the form

if($_POST['upload']) {
if($_FILES['image']['name'] == "")
{
    #there's no file name return an error
    echo "Please select a file to upload!\n";
    exit;
}
#we have a filename, continue
}

Next thing we'll do is define two variables, the directory we want to upload the files to, and we'll also use this point to make an array of the file types that we want to allow:

$uploads = '/home/user/public_html/uploads';
$types_array = array('image/gif','image/pjpeg','image/x-png');

I'm using the full server path to the uploads directory, just 'uploads' would work fine if the script is going to sit one level below that directory, using the full server path just means the script will always work if we move it around. Remember to make sure that your directory has the correct permissions to allow you to upload files, it needs to be writeable.

The file types we're going to allow are .gif .jpg and .png include others if you like.

Onto some more error checking, now that we know what types of files we're going to allow, lets check that the file being submitted is one of those using PHP's in_array() function.

#directory to upload to
$uploads = '/home/user/public_html/uploads';

#allowed file types
$types_array = array('image/gif','image/pjpeg','image/x-png');

if(!in_array($_FILES['image']['type'], $types_array))
{
    #the type of the file is not in the list we want to allow
    echo "That file type is not allowed!\n";
    exit;
}

Next, the other two checks we mentioned at the start, first of all the size of the images, think about what you want to allow, you shouldn't really need to allow more than 500kb for general images, although screenshots and wallpapers would need a little more than that.

Checking the file size is easy, still using the $_FILES variable and "size" to return the size in bytes.

Lets say we only want to allow images upto 100kb, first we need to convert that into bytes (100 x 1024 = 102400) then we'll define this value as a variable and check if the image being uploaded is larger than that size.

$max_filesize = 102400;
$max_filesize_kb = ($max_filesize / 1024);

if($_FILES['image']['size'] > $max_filesize)
{
    #file is larger than the value of $max_filesize return an error
    echo "You file is too large, files may be up to ".$max_filesize_kb."kb\n";
    exit;
}

And the last check we'll make is for the dimensions of the image, checking this is a little different.

The easiest way is to use PHP's getimagesize() function, so again, think about the size you want to allow this time in pixels (width and height) and we can use the following to return the dimensions of the submitted image:

$imagesize = getimagesize($_FILES['image']['tmp_name']);

#get width
$imagewidth = $imagesize[0];
#get height
$imageheight = $imagesize[1];

Notice the change here $_FILES['image']['tmp_name'] 'tmp_name' is basically a temporary path and name that's created for the file while it's being processed this is what we need to use to check the size rather than just 'name' which would return 'image.gif'

Now we have the width and height of the image, we can define the maximum sizes we want to allow and check them against each other, lets say we don't want any images larger than 250 x 250 pixels.

#allowed dimensions
$maxwidth = 250;
$maxheight = 250;

if($imagewidth > $maxwidth || $imageheight > $maxheight)
{
    #one or both of the image dimensions are larger than the allowed sizes return an error
    echo "You file is too large, files may be up to ".$maxwidth."px x ".$maxheight."px in size\n";
    exit;
}

Uploading The File

Finally, we've gone through all our error checking, so if we get to this point all that's left is to use move_uploaded_file() to move the file from it's temporary location to the target directory.

move_uploaded_file($_FILES['image']['tmp_name'], $uploads.'/'.$_FILES['image']['name']) or die ("Couldn't upload ".$_FILES['image']['name']." \n");

At this point if you want to you could rename the file, here we've just used the existing file name. You can also then return the path to the file for the user with a combination of $uploads and $_FILES['image']['name']

Remember though if $uploads is the full server path to the directory that wont be much good for people as a link to their file so you might want to define another variable with the absolute path like domain.com/uploads/

May aswell put it all together:

<?php

if($_POST['upload'])
{

# edit #
    $maxwidth = 250;
    $maxheight = 250;
    $max_filesize = 102400;

    $uploads = '/home/user/public_html/uploads';
    $types_array = array('image/gif','image/pjpeg','image/x-png');
# end edit #

if($_FILES['image']['name'] == "")
{
    echo "Please select a file to upload!\n";
    exit;
}

if(!in_array($_FILES['image']['type'], $types_array))
{
    echo "That file type is not allowed!\n";
    exit;
}

    $max_filesize_kb = ($max_filesize / 1024);

if($_FILES['image']['size'] > $max_filesize)
{
    echo "You file is too large, files may be up to ".$max_filesize_kb."kb\n";
    exit;
}

    $imagesize = getimagesize($_FILES['image']['tmp_name']);

    $imagewidth = $imagesize[0];
    $imageheight = $imagesize[1];

if($imagewidth > $maxwidth || $imageheight > $maxheight)
{
    echo "You file is too large, files may be up to ".$maxwidth."px x ".$maxheight."px in size\n";
    exit;
}
move_uploaded_file($_FILES['image']['tmp_name'], $uploads.'/'.$_FILES['image']['name'])
or die ("Couldn't upload ".$_FILES['image']['name']."\n");
}

?>

This isn't a perfect script as it is but it's a start and covers the important things you want to check.

I hopes this helps you for all of you who wants an image uploader on your site.

Want more scripts? PM me

 

[jontalbot]

or you could use http://www.j-fx.ws/ffh <--- works great

 

[Sakura]

lol, nice

People, don't buy image uploader scripts unless its good, i give for free not NP

 

[{insert name here}]

I am very lost! Are you offering this for NP$, or did you mean to post this in the code section :?

 

[Eric]

Moved to the "CODE" forum

 

[Sakura]

thanks secondversion, i am srry.

 

[Fyzle]

Permissions

So, about the part where you set permissions to world writeable... how do you set permissions on a Windows machine?

 

[NetworkTown.Net]

or you could use http://www.j-fx.ws/ffh <--- works great

Thats not a img uploader thats a file uploader this thread is on img host not file host.

 

[unknowngiver]

So, about the part where you set permissions to world writeable... how do you set permissions on a Windows machine?

i think u right click on the file and check mark all the boxes :p

 

[NetworkTown.Net]

Any demo's?

 

[khuldun]

Nice script, though i am not sure if it will be suitable for commercial use

 

[Joe]

nice tutorial there!
thanks for sharing

or you could use http://www.j-fx.ws/ffh <--- works great

Thats not a img uploader thats a file uploader this thread is on img host not file host.

it can be easily customised i would of thought
Joe

 

[Phoenix]

That is a very decent tutorial, when I made my image hosting site a few weeks ago I had to figure it all out myself.. this would have been so much help !

 

[yeppers]

VERY nice tutorial indeed Sakura! Thanks for taking the time to write it, rep added.