What are common pitfalls when trying to upload files using PHP?

Common pitfalls when trying to upload files using PHP include not setting the correct permissions on the upload directory, not checking the file size before uploading, and not validating the file type. To solve these issues, make sure the upload directory has the correct permissions, check the file size before uploading, and validate the file type to ensure it is allowed.

// Ensure the upload directory has the correct permissions
$uploadDir = &#039;uploads/&#039;;
if (!is_dir($uploadDir)) {
    mkdir($uploadDir, 0777, true);
}

// Check the file size before uploading
$maxFileSize = 10 * 1024 * 1024; // 10MB
if ($_FILES[&#039;file&#039;][&#039;size&#039;] &gt; $maxFileSize) {
    echo &#039;File size exceeds limit&#039;;
    exit;
}

// Validate the file type
$allowedTypes = [&#039;image/jpeg&#039;, &#039;image/png&#039;, &#039;image/gif&#039;];
if (!in_array($_FILES[&#039;file&#039;][&#039;type&#039;], $allowedTypes)) {
    echo &#039;Invalid file type&#039;;
    exit;
}

// Move the uploaded file to the upload directory
move_uploaded_file($_FILES[&#039;file&#039;][&#039;tmp_name&#039;], $uploadDir . $_FILES[&#039;file&#039;][&#039;name&#039;]);

Keywords

file upload PHP security file size limit error handling

What are common pitfalls when trying to upload files using PHP?

Keywords

Related Questions