PHP File Upload Tutorial

11/22/2025

markdown

PHP File Upload Tutorial: A Complete Beginner-Friendly Guide

Uploading files is one of the most common features in modern web applications. Whether you're allowing users to upload profile pictures, documents, CSV files, or any media, PHP provides simple and secure ways to handle file uploads.

This tutorial covers:

How file uploads work in PHP
Creating an HTML upload form
Handling file uploads with PHP
Validating file size and type
Uploading multiple files
Best practices and security tips

1. Understanding PHP File Uploads

PHP handles file uploads using the $_FILES superglobal array. It contains information about uploaded files such as:

file name
file type
file size
temporary file location
upload status

To enable file uploads, your HTML form must include:

method="POST"
enctype="multipart/form-data"

2. Create the HTML Upload Form

upload.html

<!DOCTYPE html>
<html>
<head>
  <title>PHP File Upload</title>
</head>
<body>

<h2>Upload File</h2>

<form action="upload.php" method="POST" enctype="multipart/form-data">
    <label>Select File:</label><br><br>
    <input type="file" name="myfile" required><br><br>
    <button type="submit">Upload</button>
</form>

</body>
</html>

3. Handling File Upload in PHP

upload.php

<?php
if (isset($_FILES['myfile'])) {

    $file_name = $_FILES['myfile']['name'];
    $file_tmp = $_FILES['myfile']['tmp_name'];
    $file_size = $_FILES['myfile']['size'];
    $file_error = $_FILES['myfile']['error'];

    if ($file_error === 0) {
        $destination = "uploads/" . $file_name;
        
        if (move_uploaded_file($file_tmp, $destination)) {
            echo "File uploaded successfully!";
        } else {
            echo "Error uploading file.";
        }
    } else {
        echo "Upload error!";
    }
}
?>

Make sure you create an uploads/ folder in your project.

4. Validating File Type and Size

Allow only images and limit file size

$allowed_types = ["jpg", "png", "jpeg", "gif"];
$max_size = 2 * 1024 * 1024; // 2MB

$file_ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

if (!in_array($file_ext, $allowed_types)) {
    echo "Invalid file type! Only images allowed.";
    exit;
}

if ($file_size > $max_size) {
    echo "File is too large! Maximum allowed size is 2MB.";
    exit;
}

5. Rename Uploaded Files (Recommended)

Avoid name conflicts by renaming files.

$new_name = uniqid("file_", true) . "." . $file_ext;
$destination = "uploads/" . $new_name;

6. Multiple File Upload Example

HTML

<form action="multi-upload.php" method="POST" enctype="multipart/form-data">
    <input type="file" name="files[]" multiple>
    <button type="submit">Upload Files</button>
</form>

PHP

<?php
foreach ($_FILES['files']['tmp_name'] as $key => $tmp_name) {
    $name = $_FILES['files']['name'][$key];
    $tmp = $_FILES['files']['tmp_name'][$key];

    move_uploaded_file($tmp, "uploads/" . $name);
}

echo "Multiple files uploaded successfully!";
?>

7. Checking for Upload Errors

if ($file_error !== UPLOAD_ERR_OK) {
    echo "File upload error: " . $file_error;
}

8. Common Upload Error Codes

Error Code	Meaning
`0`	No error
`1`	File exceeds `upload_max_filesize`
`2`	File exceeds form MAX_FILE_SIZE
`3`	File partially uploaded
`4`	No file uploaded

9. Security Best Practices

Always validate file extensions
Restrict file types to images or safe formats
Rename uploaded files
Store uploads outside the public root if possible
Never trust MIME type alone
Use mime_content_type() for verification
Limit file size in php.ini

10. Real-World Example: Profile Image Upload

$ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
$new_name = "profile_" . time() . "." . $ext;
move_uploaded_file($file_tmp, "uploads/profile/" . $new_name);

echo "Profile image uploaded successfully!";

Conclusion

File uploading in PHP is simple and powerful when handled correctly. By validating file types, restricting sizes, and securing upload directories, you can safely allow users to upload images, documents, and more.

This tutorial gives you all the core concepts needed to build secure and efficient file upload systems.

Meta Description

Learn PHP file upload with step-by-step examples. Includes single and multiple file uploads, validation, security, and practical usage.

Meta Keywords

php file upload tutorial, php upload example, php move_uploaded_file, php multiple upload, php file handling

Alt Tag

"PHP file upload tutorial example for beginners"