This series of the videos explains how to create Photo Gallery using PHP, MySQL, ImageMagic and jQuery. Using PHP you will be able to add, modify and populate data stored on the MySQL Database and display records of all images on the page. ImageMagic will help us to resize and crop images to the relevant dimentions, while jQuery will provide the support in the presentation of the gallery. The last two chapters are dedicated to adding the earlier created gallery to our Content Management System. Over 4 hours of videos!!!

PHP tutorials

 
  • PHP upload form
  • Limiting file size

It is also a good idea to limit the maximum file size which is uploaded to your server.

Identify the line which reads:

<input name="frmfile" type="file" id="frmfile" size="30" />

and right before it type the following:

<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo MAX_FILE_SIZE; ?>" />

It is important that this line is placed before the file input field otherwise it won´t work.

Now go back to the top and identify the line which reads:

if (array_key_exists('btn', $_POST)) {

Right before this line create a constant and give it a name of MAX_FILE_SIZE.
This constant will store the value which represents the file size in bytes.
Type the following:

// define constant which contains the maximum file size in bytes
define('MAX_FILE_SIZE', 4000);

This constant indicates that the maximum file size for upload is around 3.9KB.

Because the value is stored in the hidden field, users could easily replace it with any value and upload files of a larger size. To prevent this from happening we need to do some more validation before we allow the file to be uploaded.

Identify the line which reads:

$file = strtolower($file);

Create a new line type in the following:

// create variable and assign the formatted value of MAX_FILE_SIZE to it
$maxfs = number_format(MAX_FILE_SIZE/1024, 1).'KB';
$fsize = false;

We have created a variable called $maxfs and assigned the value of the MAX_FILE_SIZE constant to it using number_format() function which will make the calculation and add KB to the end of it.
This will give us more readable result - 3.9KB rather than 4000.
This variable will be used in the message displayed if the file exceeds the maximum file size.
We have also crated a variable called $fsize and assign the initial value of false to it so that file isn´t uploaded before we perform the condition which checks if the file size doesn´t exceed the size limit.

On the next line type:

// check the file size
if ($_FILES['frmfile']['size'] > 0 && $_FILES['frmfile']['size'] <= MAX_FILE_SIZE) {

$fsize = true;

}

This condition checks whether the file size is larger than 0 and less or equal the value of the MAX_FILE_SIZE.
If the condition is true than the $fsize variable becomes true as well.

Now we need to add validation to our condition which executes the file upload.
Identify the following block of code:

if ($ftype) {

// move file to the 'uploads' folder
move_uploaded_file($_FILES['frmfile']['tmp_name'],UPL_FLD.$file);

} else {

$msg = 'Incorrect file type';

}

and replace it with:

if ($ftype && $fsize && $_POST['frmname'] != '') {

switch($_FILES['frmfile']['error']) {

case 0:
// move file to the upload folder
$upload = move_uploaded_file($_FILES['frmfile']['tmp_name'],UPL_FLD.$file);
if ($upload) {

$msg = $_FILES['frmfile']['name'].' uploaded successfully';

} else {

$msg = 'Error.
Please try again.';
}
break;

case 3:
$msg = 'Error.
Please try again.';
break;

default:
$msg = 'Error - please contact administrator';

}

} elseif ($_FILES['frmfile']['error'] == 4) {

$msg = 'Please select file';

} elseif ($_POST['frmname'] == '') {

$msg = 'Please provide your full name';

} else {

$msg = $_FILES['frmfile']['name'].' cannot be uploaded.
';
if(!$ftype) {
$msg .= 'Acceptable file formats are: .gif, .jpg, .png
';
}
if(!$fsize) {
$msg .= 'Maximum file size is '.$maxfs;
}

}

First we check if $type and $fsize are set to true and whether the text field is not empty – if everything is ok then we are checking for any errors which could occur other than size or type of the file by using switch statement and passing the error as parameter from the array created by the file field.

If the value of the error is equal 0 then the file is uploaded and the confirmation message is displayed, otherwise the error message pops in.
If the value of the error is equal 3 then another error message is displayed.
If error returns 4 then we are displaying message informing that the file has not been selected.
If text field is empty then the relevant message is displayed.
If none of the above conditions is true then the message is displayed informing that the file couldn´t be uploaded because of the wrong file format or too large file size.

You can now remove the following block of code:

<pre>
<?php
if (array_key_exists('btn', $_POST)) {
print_r($_FILES);
}
?>
</pre>

and save and test your file in the browser.

The End

<< Restricting file types

 
  • Thank you for subscribing to our newsletter.
  • To complete registration please click on the link in the email which has been sent to you.
  • Invalid first name
  • Invalid last name
  • Invalid email address

Website Design Company | Website Design Company Sussex | Website Design Company Chichester | Website Design Packages | Tutorials Resources | Articles | Contact
© Web Design Tutorials – Sebastian Sulinski