What are some best practices for handling file uploads in PHP to avoid internal server errors?
When handling file uploads in PHP, it is important to set appropriate file size limits, check for allowed file types, and handle errors gracefully to avoid internal server errors. One common issue that can lead to internal server errors is not setting the correct permissions on the upload directory.
// Set maximum file size limit to 5MB
$maxFileSize = 5 * 1024 * 1024; // 5MB in bytes
// Specify allowed file types
$allowedFileTypes = ['jpg', 'jpeg', 'png'];
// Check if file size exceeds limit
if ($_FILES['file']['size'] > $maxFileSize) {
die('File size exceeds limit.');
}
// Check if file type is allowed
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (!in_array($extension, $allowedFileTypes)) {
die('File type not allowed.');
}
// Handle file upload
$uploadDir = 'uploads/';
$uploadFile = $uploadDir . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadFile)) {
echo 'File uploaded successfully.';
} else {
echo 'Error uploading file.';
}