PHP: Documentation Tools

features/file-upload.xml
3944dc63330edde959cfd3e7d113c999cbec10ff

...

@@ -132,6 +132,15 @@

132

       </para>

133

      </listitem>

134

     </varlistentry>

135

     <varlistentry>

136

      <term><varname>$_FILES['userfile']['full_path']</varname></term>

137

      <listitem>

138

       <para>

139

        The full path as submitted by the browser. This value does not always contain a real directory structure, and cannot be trusted.

140

        Available as of PHP 8.1.0.

141

       </para>

142

      </listitem>

143

     </varlistentry>

135

144

    </variablelist>

136

145

   </para>

137

146

...

@@ -252,79 +261,11 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {

252

261

    during the file upload by PHP. In other words, the error might be 

253

262

    found in <varname>$_FILES['userfile']['error']</varname>.

254

263

   </simpara>

255

   <para>

256

    <variablelist>

257

     <varlistentry>

258

      <term><constant>UPLOAD_ERR_OK</constant></term>

259

      <listitem>

260

       <para>

261

        Value: 0; There is no error, the file uploaded with success.

262

       </para>

263

      </listitem>

264

     </varlistentry>

265

     <varlistentry>

266

      <term><constant>UPLOAD_ERR_INI_SIZE</constant></term>

267

      <listitem>

268

       <para>

269

        Value: 1; The uploaded file exceeds the

270

        <link linkend="ini.upload-max-filesize">upload_max_filesize</link> 

271

        directive in &php.ini;.

272

       </para>

273

      </listitem>

274

     </varlistentry>

275

     <varlistentry>

276

      <term><constant>UPLOAD_ERR_FORM_SIZE</constant></term>

277

      <listitem>

278

       <para>

279

        Value: 2; The uploaded file exceeds the <emphasis>MAX_FILE_SIZE</emphasis> 

280

        directive that was specified in the HTML form.

281

       </para>

282

      </listitem>

283

     </varlistentry>

284

     <varlistentry>

285

      <term><constant>UPLOAD_ERR_PARTIAL</constant></term>

286

      <listitem>

287

       <para>

288

        Value: 3; The uploaded file was only partially uploaded.

289

       </para>

290

      </listitem>

291

     </varlistentry>

292

     <varlistentry>

293

      <term><constant>UPLOAD_ERR_NO_FILE</constant></term>

294

      <listitem>

295

       <para>

296

        Value: 4; No file was uploaded.

297

       </para>

298

      </listitem>

299

     </varlistentry>

300

     <varlistentry>

301

      <term><constant>UPLOAD_ERR_NO_TMP_DIR</constant></term>

302

      <listitem>

303

       <para>

304

        Value: 6; Missing a temporary folder.

305

       </para>

306

      </listitem>

307

     </varlistentry>

308

     <varlistentry>

309

      <term><constant>UPLOAD_ERR_CANT_WRITE</constant></term>

310

      <listitem>

311

       <para>

312

        Value: 7; Failed to write file to disk.

313

       </para>

314

      </listitem>

315

     </varlistentry>

316

     <varlistentry>

317

       <term><constant>UPLOAD_ERR_EXTENSION</constant></term>

318

       <listitem>

319

         <para>

320

           Value: 8; A PHP extension stopped the file upload. PHP does not 

321

           provide a way to ascertain which extension caused the file upload to 

322

           stop; examining the list of loaded extensions with <function>phpinfo</function> may help.

323

         </para>

324

       </listitem>

325

     </varlistentry>

326

    </variablelist>

327

   </para>

264

   <simpara>

265

    The value of this error code is one of the

266

    <constant>UPLOAD_ERR_<replaceable>*</replaceable></constant>

267

    constants.

268

   </simpara>

328

269

  </sect1>

329

270

330

271

  <sect1 xml:id="features.file-upload.common-pitfalls">

...

@@ -362,7 +303,7 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {

362

303

     <link linkend="ini.max-input-time">max_input_time</link> sets the maximum

363

304

     time, in seconds, the script is allowed to receive input; this includes

364

305

     file uploads.  For large or multiple files, or users on slower connections,

365

     the default of <literal>60 seconds</literal> may be exceeded.

306

     the default of <literal>60</literal> seconds may be exceeded.

366

307

    </simpara>

367

308

   </warning>

368

309

   <simpara>

...

@@ -385,12 +326,6 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {

385

326

    Not validating which file you operate on may mean that users can access

386

327

    sensitive information in other directories.

387

328

   </simpara>

388

   <simpara>

389

    Please note that the <productname>CERN httpd</productname> seems to strip off everything

390

    starting at the first whitespace in the content-type mime header

391

    it gets from the client.  As long as this is the case, <productname>CERN httpd</productname>

392

    will not support the file upload feature.

393

   </simpara>

394

329

   <simpara>

395

330

    Due to the large amount of directory listing styles we cannot guarantee

396

331

    that files with exotic names (like containing spaces) are handled properly.

...

@@ -462,6 +397,42 @@ foreach ($_FILES["pictures"]["error"] as $key => $error) {

462

397

     try to upload more files in one request than this limit.

463

398

    </simpara>

464

399

   </warning>

400

   <para>

401

    <example>

402

     <title>Uploading an entire directory</title>

403

     <simpara>

404

      In HTML file upload fields, it is possible to upload an entire directory with the <literal>webkitdirectory</literal> attribute.

405

      This feature is supported in most modern browsers.

406

     </simpara>

407

     <simpara>

408

      With the <literal>full_path</literal> information, it is possible to store the relative paths,

409

      or reconstruct the same directory in the server.

410

     </simpara>

411

     <programlisting role="html">

412

<![CDATA[

413

<form action="file-upload.php" method="post" enctype="multipart/form-data">

414

  Send this directory:<br />

415

  <input name="userfile[]" type="file" webkitdirectory multiple />

416

  <input type="submit" value="Send files" />

417

</form>

418

]]>

419

     </programlisting>

420

    </example>

421

422

    <warning>

423

     <simpara>

424

      The <literal>webkitdirectory</literal> attribute is non-standard and is not on a standards track.

425

      Do not use it on production sites facing the Web: it will not work for every user.

426

      There may also be large incompatibilities between implementations and the behavior may change in the future.

427

     </simpara>

428

     <simpara>

429

      PHP only parses the relative path information submitted by the browser/user-agent,

430

      and passes that information to the <varname>$_FILES</varname> array.

431

      There is no guarantee that the values in the <literal>full_path</literal> array contains a real directory structure,

432

      and the PHP application must not trust this information.

433

     </simpara>

434

    </warning>

435

   </para>

465

436

  </sect1>

466

437

467

438

  <sect1 xml:id="features.file-upload.put-method">

...

@@ -501,7 +472,7 @@ Script PUT /put.php

501

472

   <simpara>

502

473

    This tells Apache to send all PUT requests for URIs that match the

503

474

    context in which you put this line to the <filename>put.php</filename> script. This

504

    assumes, of course, that you have PHP enabled for the <filename>.php</filename>

475

    assumes, of course, that you have PHP enabled for the <filename class="extension">.php</filename>

505

476

    extension and PHP is active. The destination resource for all PUT 

506

477

    requests to this script has to be the script itself, not a filename the

507

478

    uploaded file should have.

508

479

Generated: 11 Jul 2025 06:02:34

Translation status