see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.
(PHP 4 >= 4.1.0, PHP 5, PHP 7, PHP 8)
$_FILES — HTTP File Upload variables
An associative array of items uploaded to the current script via the HTTP POST method. The structure of this array is outlined in the POST method uploads section.
Note:
This is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.
see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.
If you are looking for the $_FILES['error'] code explanations, be sure to read:
Handling File Uploads - Error Messages Explained
http://www.php.net/manual/en/features.file-upload.errors.php
A nice trick to reorder the $_FILES array when you use a input name as array is:
<?php
function diverse_array($vector) {
$result = array();
foreach($vector as $key1 => $value1)
foreach($value1 as $key2 => $value2)
$result[$key2][$key1] = $value2;
return $result;
}
?>
will transform this:
array(1) {
["upload"]=>array(2) {
["name"]=>array(2) {
[0]=>string(9)"file0.txt"
[1]=>string(9)"file1.txt"
}
["type"]=>array(2) {
[0]=>string(10)"text/plain"
[1]=>string(10)"text/html"
}
}
}
into:
array(1) {
["upload"]=>array(2) {
[0]=>array(2) {
["name"]=>string(9)"file0.txt"
["type"]=>string(10)"text/plain"
},
[1]=>array(2) {
["name"]=>string(9)"file1.txt"
["type"]=>string(10)"text/html"
}
}
}
just do:
<?php $upload = diverse_array($_FILES["upload"]); ?>
this is frustrating that the explanations redirected by anchors are providing unsufficient information or even worst is provide nothing. instead, looking for people to make the resources locale, you MUST provide approprate documentation for everybody.
The format of this array is (assuming your form has two input type=file fields named "file1", "file2", etc):
Array
(
[file1] => Array
(
[name] => MyFile.txt (comes from the browser, so treat as tainted)
[type] => text/plain (not sure where it gets this from - assume the browser, so treat as tainted)
[tmp_name] => /tmp/php/php1h4j1o (could be anywhere on your system, depending on your config settings, but the user has no control, so this isn't tainted)
[error] => UPLOAD_ERR_OK (= 0)
[size] => 123 (the size in bytes)
)
[file2] => Array
(
[name] => MyFile.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php/php6hst32
[error] => UPLOAD_ERR_OK
[size] => 98174
)
)
Last I checked (a while ago now admittedly), if you use array parameters in your forms (that is, form names ending in square brackets, like several file fields called "download[file1]", "download[file2]" etc), then the array format becomes... interesting.
Array
(
[download] => Array
(
[name] => Array
(
[file1] => MyFile.txt
[file2] => MyFile.jpg
)
[type] => Array
(
[file1] => text/plain
[file2] => image/jpeg
)
[tmp_name] => Array
(
[file1] => /tmp/php/php1h4j1o
[file2] => /tmp/php/php6hst32
)
[error] => Array
(
[file1] => UPLOAD_ERR_OK
[file2] => UPLOAD_ERR_OK
)
[size] => Array
(
[file1] => 123
[file2] => 98174
)
)
)
So you'd need to access the error param of file1 as, eg $_Files['download']['error']['file1']
In checking the error code, you probably ought to check for code 4. I believe Code 4 means no file was uploaded, and there are many instances where that's perfectly OK.
Such as when you have a form with multiple data items, including file and image uploads, plus whatever else. The user might not be adding a new upload for whatever reason, such as there may already be a file in the system from an earlier update, and the user is satisfied with that.
A note of security: Don't ever trust $_FILES["image"]["type"]. It takes whatever is sent from the browser, so don't trust this for the image type. I recommend using finfo_open (http://www.php.net/manual/en/function.finfo-open.php) to verify the MIME type of a file. It will parse the MAGIC in the file and return it's type...this can be trusted (you can also use the "file" program on Unix, but I would refrain from ever making a System call with your PHP code...that's just asking for problems).
Here's a function that I have used to get a nice simple array of all incoming files from a page. It basically just flattens the $FILES array. This function works on many file inputs on the page and also if the inputs are '<input type="file[]" multiple>'. Note that this function loses the file input names (I usually process the files just by type).
<?php
function incoming_files() {
$files = $_FILES;
$files2 = [];
foreach ($files as $input => $infoArr) {
$filesByInput = [];
foreach ($infoArr as $key => $valueArr) {
if (is_array($valueArr)) { // file input "multiple"
foreach($valueArr as $i=>$value) {
$filesByInput[$i][$key] = $value;
}
}
else { // -> string, normal file input
$filesByInput[] = $infoArr;
break;
}
}
$files2 = array_merge($files2,$filesByInput);
}
$files3 = [];
foreach($files2 as $file) { // let's filter empty & errors
if (!$file['error']) $files3[] = $file;
}
return $files3;
}
$tmpFiles = incoming_files();
?>
will transform this:
Array
(
[files1] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[files2] => Array
(
[name] => Array
(
[0] => facepalm2.jpg
[1] => facepalm3.jpg
)
[type] => Array
(
[0] => image/jpeg
[1] => image/jpeg
)
[tmp_name] => Array
(
[0] => /tmp/phpJutmOS
[1] => /tmp/php9bNI8F
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 78085
[1] => 61429
)
)
)
into this:
Array
(
[0] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[1] => Array
(
[name] => facepalm2.jpg
[type] => image/jpeg
[tmp_name] => /tmp/phpJutmOS
[error] => 0
[size] => 78085
)
[2] => Array
(
[name] => facepalm3.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php9bNI8F
[error] => 0
[size] => 61429
)
)
For quick debugging (eg. var_dump($_FILES);), these are the values of the error constants. Obviously don't use these for comparison in real code.
UPLOAD_ERR_OK: 0
UPLOAD_ERR_INI_SIZE: 1
UPLOAD_ERR_FORM_SIZE: 2
UPLOAD_ERR_NO_TMP_DIR: 6
UPLOAD_ERR_CANT_WRITE: 7
UPLOAD_ERR_EXTENSION: 8
UPLOAD_ERR_PARTIAL: 3
Error code returned in $_FILES['userfile']['error'].
■UPLOAD_ERROR_OK, value 0, means no error occurred.
■ UPLOAD_ERR_INI_SIZE, value 1, means that the size of the uploaded file exceeds the
maximum value specified in your php.ini file with the upload_max_filesize directive.
■ UPLOAD_ERR_FORM_SIZE, value 2, means that the size of the uploaded file exceeds the
maximum value specified in the HTML form in the MAX_FILE_SIZE element.
■ UPLOAD_ERR_PARTIAL, value 3, means that the file was only partially uploaded.
■ UPLOAD_ERR_NO_FILE, value 4, means that no file was uploaded.
■ UPLOAD_ERR_NO_TMP_DIR, value 6, means that no temporary directory is specified in the
php.ini.
■ UPLOAD_ERR_CANT_WRITE, value 7, means that writing the file to disk failed.
■ UPLOAD_ERR_EXTENSION, value 8, means that a PHP extension stopped the file upload
process.
Best way to check if $_FILES is empty or not is to check if the name of the index 0 is set.
<?php
if ($_FILES['fieldname']['name'][0] != ""){
//Code goes here!
}
?>
If $_FILES is empty, even when uploading, try adding enctype="multipart/form-data" to the form tag and make sure you have file uploads turned on.
Nontypicall array comes in php after the submission.I wrote a small function to restate it to the familiar look.
<?php
function multiple(array $_files, $top = TRUE)
{
$files = array();
foreach($_files as $name=>$file){
if($top) $sub_name = $file['name'];
else $sub_name = $name;
if(is_array($sub_name)){
foreach(array_keys($sub_name) as $key){
$files[$name][$key] = array(
'name' => $file['name'][$key],
'type' => $file['type'][$key],
'tmp_name' => $file['tmp_name'][$key],
'error' => $file['error'][$key],
'size' => $file['size'][$key],
);
$files[$name] = multiple($files[$name], FALSE);
}
}else{
$files[$name] = $file;
}
}
return $files;
}
print_r($_FILES);
/*
Array
(
[image] => Array
(
[name] => Array
(
[0] => 400.png
)
[type] => Array
(
[0] => image/png
)
[tmp_name] => Array
(
[0] => /tmp/php5Wx0aJ
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 15726
)
)
)
*/
$files = multiple($_FILES);
print_r($files);
/*
Array
(
[image] => Array
(
[0] => Array
(
[name] => 400.png
[type] => image/png
[tmp_name] => /tmp/php5Wx0aJ
[error] => 0
[size] => 15726
)
)
)
*/
?>
In the past you could unconditionally call $_FILES['profile_pic'] without ever having to worry about PHP spitting an "Undefined index: profile_pic" error (so long as the page posting had a file input on it (e.g. <input type="file" name="profile_pic" />)). This was the case regardless of whether or not the end user actually uploaded a file. These days, with so many people browsing the web via iPads, you have to explicitly check to see if the input isset($_FILES['profile_pic']) before calling into it, else you'll get the aforementioned error message. This is because iOS devices running Safari disable file inputs thereby causing them to be treated as if they don't exist. Time to update your scripts!
-john
For some reason when I tried to check if $_FILES['myVarName'] was empty() or !isset() or array_key_exists(), it always came back that the file was indeed in the superglobal, even when nothing was uploaded.
I wonder if this is a result of enctype="multipart/form-data".
Anyways, I solved my issue by checking to make sure that $_FILES['myVarName']['size'] > 0
For situation download[file1], download[file2], ..., download[fileN], try it:
<?php
/**
*
* @param array $arrayForFill
* @param string $currentKey
* @param mixed $currentMixedValue
* @param string $fileDescriptionParam (name, type, tmp_name, error или size)
* @return void
*/
function rRestructuringFilesArray(&$arrayForFill, $currentKey, $currentMixedValue, $fileDescriptionParam)
{
if (is_array($currentMixedValue)) {
foreach ($currentMixedValue as $nameKey => $mixedValue) {
rRestructuringFilesArray($arrayForFill[$currentKey],
$nameKey,
$mixedValue,
$fileDescriptionParam);
}
} else {
$arrayForFill[$currentKey][$fileDescriptionParam] = $currentMixedValue;
}
}
$arrayForFill = array();
foreach ($_FILES as $firstNameKey => $arFileDescriptions) {
foreach ($arFileDescriptions as $fileDescriptionParam => $mixedValue) {
rRestructuringFilesArray($arrayForFill,
$firstNameKey,
$_FILES[$firstNameKey][$fileDescriptionParam],
$fileDescriptionParam);
}
}
$_FILES = $arrayForFill;
?>
You can check error index this way:
<?php
$errorIndex = $_FILES["file"]["error"];
if ($errorIndex > 0) {
die('We have a error. Try Again.');
}
processFile();
?>
THis is an solution to convert Cyrillic and umlaut characters as file name when uplaoding files into needed encoding. Was searching for it but could not find. Thus posting this. Just like this:
$value = mb_convert_encoding($value, "UTF-8");
I normalized the $_FILES array to
[doc] => Array
(
[0] => Array
(
[name] => testfile.txt
[type] => application/octet-stream
[tmp_name] => /tmp/php6wHXmC
[error] => 0
[size] => 4
)
[affe] => Array
(
[name] => testfile.txt
[type] => application/octet-stream
[tmp_name] => /tmp/phpfiHK2e
[error] => 0
[size] => 4
)
)
<?php
function getFiles() {
$result = array();
foreach($_FILES as $name => $fileArray) {
if (is_array($fileArray['name'])) {
foreach ($fileArray as $attrib => $list) {
foreach ($list as $index => $value) {
$result[$name][$index][$attrib]=$value;
}
}
} else {
$result[$name][] = $fileArray;
}
}
return $result;
}
?>
So yo have always the same structure, even if you post one ore more files:
<?php
//single file
$request->addFileFromLocalFilePath('doc','testfile.txt');
// multiple files
$request->addFileFromLocalFilePath('doc[0]','testfile.txt');
$request->addFileFromLocalFilePath('doc[affe]','testfile.txt');
foreach ($request->getFiles() as