File Upload Server Side Validation In PHP

Hello friends, today i am going to share with you one more PHP tutorial i.e. File upload validation in PHP (Server side validation). Mostly file upload validation functionality is used for validate the uploaded file by user. Server side validation is always powerful validation. In this tutorial we will check the filesize, filetype and validate it with our requirements. So let’s start…

In this tutorial we have three files

• style.css
• index.php
• server-validation.php

Let’s learn step by step about all this files.

Here style.css file is a style for file upload form. Here is a mine style.css file code.

style.css

.form-table
{
	width:350px;
	margin-left: auto;
	margin-right: auto;
}

label{
	font-weight: bold;
}

#form_submission_ajax{
	background-color: #eee;
	padding-top: 10px;
	padding-bottom: 10px;
}

.error{
	color: #ff0000;
}

input {
    border: 2px solid #531EBF;
    padding: 4px;
}

input[type="submit"] {
    padding: 5px 15px;
    background-color: #531EBF;
    border: 2px solid #531EBF;
    color: #fff;
    border-radius: 5px;
}

h1 {
    color: #531EBF;
}

Now this is our upload file form code in index.php file. This is simple upload file html form. You can make it your own.

index.php

<!DOCTYPE html>
<html>
<head>
<title>File validation using javascript</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<?php 
session_start();
$err_msg = '';
if(!empty($_SESSION['err_msg']))
{
	$err_msg = $_SESSION['err_msg'];
}
?>
<h1><center>File validation using javascript</center></h1>
<form action="server-validation.php" method="post" enctype="multipart/form-data">
	<table class="form-table">
		<tr>
			<td><label>Choose File:</label></td>
			<td>
				<input type="file" name="up_file" id="up_file">
			</td>
		</tr>
		<tr>
			<td></td>
			<td id="file_error" class="error"><?php echo $err_msg; ?></td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" name="submit" value="submit"></td>
		</tr>
	</table>
</form>	
</body>
</html>
<?php $_SESSION['err_msg'] = ''; ?>

Now this is our server-validation.php file in which we will validate our upload file with some restrictions. Let’s see the code.

server-validation.php

<?php 
	$valid = true;
	$err_msg = '';
	$valid_file_size = 3*1024*1024 ;
	$file_name = $file_type = $file_size = $file_tmp_name = '';
	if(isset($_POST['submit']))
	{
		session_start();
		if(!empty($_FILES['up_file']['name']))
		{
			$file_name = $_FILES['up_file']['name'];
			$file_type = $_FILES['up_file']['type'];
			$file_size = $_FILES['up_file']['size'];
			$file_tmp_name = $_FILES['up_file']['tmp_name'];

			if($file_type != 'image/png' && $file_type != 'image/jpeg' && $file_type != 'image/gif')
			{
				$valid = false;
				$err_msg = "* File must be PNG, JPEG or GIF format.</br>";
			}

			if($file_size > $valid_file_size)
			{
				$valid = false;
				$err_msg = $err_msg . "* File size must not be more that 3Mb.</br>";
			}

			if($valid == true)
			{
				echo "File successfully uploaded.";
			}
			else
			{
				$_SESSION['err_msg'] = $err_msg;
				header('Location:index.php');
			}
		}
		else
		{
			$err_msg = $err_msg . "* Please select any image file.";
			$_SESSION['err_msg'] = $err_msg;
			header('Location:index.php');
		}
	}
	else
	{ 
		header('Location:index.php');
	}
	?>

In the above file (server-validation.php), you can see that file validation occur. If filesize is more than 3Mb then error message store in the session. Same way if file is not image means does not contain PNG, JPEG/JPG or GIF extensions then there is also error occur and store in the session. If file does not satisfy our requirement then the page redirect to index.php file with errors. You can see how i show errors using the session on the index.php file.

I hope that you may like this tutorial. Please share it with your friends. If there is any problem regarding this tutorial then let me know in the comment box. I will help you to solve the problem. Thank you!! 🙂