How to upload image file using PHP code

PHP code to upload an image file

Here is an example of how to handle image file upload in PHP:

<?php
if (isset($_FILES['image'])) {
    $errors = array();
    $file_name = $_FILES['image']['name'];
    $file_size = $_FILES['image']['size'];
    $file_tmp = $_FILES['image']['tmp_name'];
    $file_type = $_FILES['image']['type'];
    $file_ext = strtolower(end(explode('.', $_FILES['image']['name'])));
    $extensions = array("jpeg", "jpg", "png");

    if (in_array($file_ext, $extensions) === false) {
        $errors[] = "extension not allowed, please choose a JPEG or PNG file.";
    }

    if ($file_size > 2097152) {
        $errors[] = 'File size must be exactly 2 MB';
    }

    if (empty($errors) == true) {
        move_uploaded_file($file_tmp, "images/" . $file_name);
        echo "Success";
    } else {
        print_r($errors);
    }
}
?>


This code checks if an image file has been uploaded, then it checks if the file is a JPEG or PNG and if the file size is less than 2MB. If it passes these checks, the image is then uploaded to the “images” directory on the server using the move_uploaded_file() function.

It’s important to note that the above code is a basic example and it’s important to add more checks for security, for example, it’s important to check the file name and make sure it’s not malicious. Also, it’s important to handle any errors that may occur during the file upload process, such as if the file cannot be moved to the target directory.

It’s also important to set the correct permission for the target directory where you want to upload the file and make sure that the user who runs the server has write permission to this directory.

Finally, it’s a good idea to store the path of the uploaded file in a database or a configuration file, depending on your use case.

If you’re using a framework like Laravel, you can use the store() and storeAs() methods to handle file uploads, and these methods handle validation, error handling and security checks for you.

More checks to upload image files

You can also add more checks to validate the file before uploading it:

  • Check for the size of the file using the $_FILES['image']['size']
  • Check the file type using the $_FILES['image']['type']
  • Rename the file before uploading it to the server, to avoid any security issues.
  • Check the image file’s dimension and size before uploading it, to prevent any large image files from being uploaded to the server and cause performance issues.
  • Check for any error messages that might be returned by the PHP file upload functions, such as UPLOAD_ERR_NO_FILE if no file was selected for uploading.
  • Check for any errors in the file’s contents, such as if the file is corrupt or not an image file using the getimagesize() function
  • Check for any errors in the file’s contents, such as if the file is corrupt or not an image file using the exif_imagetype() function.

It’s also important to remember that file uploads can be a security risk and it’s important to take necessary precautions such as validating file type, renaming the file and move the file to a protected folder.

You can also use a library like intervention/image to handle image uploading and manipulation, this library provide a simple and expressive way to handle image uploading and manipulation.

In addition to that, You can use the isValid() method to check if the file is an image file or not and the getSize() method to check the size of the file. This will help you to validate the file before uploading it.

It’s important to handle any errors that may occur during the file upload process, such as if the file cannot be moved to the target directory, you can use try and catch block to handle any exception that may happen during the process.

Leave a Comment