see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.
(PHP 4 >= 4.1.0, PHP 5, PHP 7, PHP 8)
$_FILES — HTTP File Upload variables
An associative array of items uploaded to the current script via the HTTP POST method. The structure of this array is outlined in the POST method uploads section.
Note:
This is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.
see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.If you are looking for the $_FILES['error'] code explanations, be sure to read:
Handling File Uploads - Error Messages Explained
http://www.php.net/manual/en/features.file-upload.errors.phpA nice trick to reorder the $_FILES array when you use a input name as array is:
<?php
function diverse_array($vector) {
$result = array();
foreach($vector as $key1 => $value1)
foreach($value1 as $key2 => $value2)
$result[$key2][$key1] = $value2;
return $result;
}
?>
will transform this:
array(1) {
["upload"]=>array(2) {
["name"]=>array(2) {
[0]=>string(9)"file0.txt"
[1]=>string(9)"file1.txt"
}
["type"]=>array(2) {
[0]=>string(10)"text/plain"
[1]=>string(10)"text/html"
}
}
}
into:
array(1) {
["upload"]=>array(2) {
[0]=>array(2) {
["name"]=>string(9)"file0.txt"
["type"]=>string(10)"text/plain"
},
[1]=>array(2) {
["name"]=>string(9)"file1.txt"
["type"]=>string(10)"text/html"
}
}
}
just do:
<?php $upload = diverse_array($_FILES["upload"]); ?>In checking the error code, you probably ought to check for code 4. I believe Code 4 means no file was uploaded, and there are many instances where that's perfectly OK.
Such as when you have a form with multiple data items, including file and image uploads, plus whatever else. The user might not be adding a new upload for whatever reason, such as there may already be a file in the system from an earlier update, and the user is satisfied with that.The format of this array is (assuming your form has two input type=file fields named "file1", "file2", etc):
Array
(
[file1] => Array
(
[name] => MyFile.txt (comes from the browser, so treat as tainted)
[type] => text/plain (not sure where it gets this from - assume the browser, so treat as tainted)
[tmp_name] => /tmp/php/php1h4j1o (could be anywhere on your system, depending on your config settings, but the user has no control, so this isn't tainted)
[error] => UPLOAD_ERR_OK (= 0)
[size] => 123 (the size in bytes)
)
[file2] => Array
(
[name] => MyFile.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php/php6hst32
[error] => UPLOAD_ERR_OK
[size] => 98174
)
)
Last I checked (a while ago now admittedly), if you use array parameters in your forms (that is, form names ending in square brackets, like several file fields called "download[file1]", "download[file2]" etc), then the array format becomes... interesting.
Array
(
[download] => Array
(
[name] => Array
(
[file1] => MyFile.txt
[file2] => MyFile.jpg
)
[type] => Array
(
[file1] => text/plain
[file2] => image/jpeg
)
[tmp_name] => Array
(
[file1] => /tmp/php/php1h4j1o
[file2] => /tmp/php/php6hst32
)
[error] => Array
(
[file1] => UPLOAD_ERR_OK
[file2] => UPLOAD_ERR_OK
)
[size] => Array
(
[file1] => 123
[file2] => 98174
)
)
)
So you'd need to access the error param of file1 as, eg $_Files['download']['error']['file1']this is frustrating that the explanations redirected by anchors are providing unsufficient information or even worst is provide nothing. instead, looking for people to make the resources locale, you MUST provide approprate documentation for everybody.A note of security: Don't ever trust $_FILES["image"]["type"]. It takes whatever is sent from the browser, so don't trust this for the image type. I recommend using finfo_open (http://www.php.net/manual/en/function.finfo-open.php) to verify the MIME type of a file. It will parse the MAGIC in the file and return it's type...this can be trusted (you can also use the "file" program on Unix, but I would refrain from ever making a System call with your PHP code...that's just asking for problems).Here's a function that I have used to get a nice simple array of all incoming files from a page. It basically just flattens the $FILES array. This function works on many file inputs on the page and also if the inputs are '<input type="file[]" multiple>'. Note that this function loses the file input names (I usually process the files just by type).
<?php
function incoming_files() {
$files = $_FILES;
$files2 = [];
foreach ($files as $input => $infoArr) {
$filesByInput = [];
foreach ($infoArr as $key => $valueArr) {
if (is_array($valueArr)) { // file input "multiple"
foreach($valueArr as $i=>$value) {
$filesByInput[$i][$key] = $value;
}
}
else { // -> string, normal file input
$filesByInput[] = $infoArr;
break;
}
}
$files2 = array_merge($files2,$filesByInput);
}
$files3 = [];
foreach($files2 as $file) { // let's filter empty & errors
if (!$file['error']) $files3[] = $file;
}
return $files3;
}
$tmpFiles = incoming_files();
?>
will transform this:
Array
(
[files1] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[files2] => Array
(
[name] => Array
(
[0] => facepalm2.jpg
[1] => facepalm3.jpg
)
[type] => Array
(
[0] => image/jpeg
[1] => image/jpeg
)
[tmp_name] => Array
(
[0] => /tmp/phpJutmOS
[1] => /tmp/php9bNI8F
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 78085
[1] => 61429
)
)
)
into this:
Array
(
[0] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[1] => Array
(
[name] => facepalm2.jpg
[type] => image/jpeg
[tmp_name] => /tmp/phpJutmOS
[error] => 0
[size] => 78085
)
[2] => Array
(
[name] => facepalm3.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php9bNI8F
[error] => 0
[size] => 61429
)
)Best way to check if $_FILES is empty or not is to check if the name of the index 0 is set.
<?php
if ($_FILES['fieldname']['name'][0] != ""){
//Code goes here!
}
?>Error code returned in $_FILES['userfile']['error'].
■UPLOAD_ERROR_OK, value 0, means no error occurred.
■ UPLOAD_ERR_INI_SIZE, value 1, means that the size of the uploaded file exceeds the
maximum value specified in your php.ini file with the upload_max_filesize directive.
■ UPLOAD_ERR_FORM_SIZE, value 2, means that the size of the uploaded file exceeds the
maximum value specified in the HTML form in the MAX_FILE_SIZE element.
■ UPLOAD_ERR_PARTIAL, value 3, means that the file was only partially uploaded.
■ UPLOAD_ERR_NO_FILE, value 4, means that no file was uploaded.
■ UPLOAD_ERR_NO_TMP_DIR, value 6, means that no temporary directory is specified in the
php.ini.
■ UPLOAD_ERR_CANT_WRITE, value 7, means that writing the file to disk failed.
■ UPLOAD_ERR_EXTENSION, value 8, means that a PHP extension stopped the file upload
process.For quick debugging (eg. var_dump($_FILES);), these are the values of the error constants. Obviously don't use these for comparison in real code.
UPLOAD_ERR_OK: 0
UPLOAD_ERR_INI_SIZE: 1
UPLOAD_ERR_FORM_SIZE: 2
UPLOAD_ERR_NO_TMP_DIR: 6
UPLOAD_ERR_CANT_WRITE: 7
UPLOAD_ERR_EXTENSION: 8
UPLOAD_ERR_PARTIAL: 3Nontypicall array comes in php after the submission.I wrote a small function to restate it to the familiar look.
<?php
function multiple(array $_files, $top = TRUE)
{
$files = array();
foreach($_files as $name=>$file){
if($top) $sub_name = $file['name'];
else $sub_name = $name;
if(is_array($sub_name)){
foreach(array_keys($sub_name) as $key){
$files[$name][$key] = array(
'name' => $file['name'][$key],
'type' => $file['type'][$key],
'tmp_name' => $file['tmp_name'][$key],
'error' => $file['error'][$key],
'size' => $file['size'][$key],
);
$files[$name] = multiple($files[$name], FALSE);
}
}else{
$files[$name] = $file;
}
}
return $files;
}
print_r($_FILES);
/*
Array
(
[image] => Array
(
[name] => Array
(
[0] => 400.png
)
[type] => Array
(
[0] => image/png
)
[tmp_name] => Array
(
[0] => /tmp/php5Wx0aJ
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 15726
)
)
)
*/
$files = multiple($_FILES);
print_r($files);
/*
Array
(
[image] => Array
(
[0] => Array
(
[name] => 400.png
[type] => image/png
[tmp_name] => /tmp/php5Wx0aJ
[error] => 0
[size] => 15726
)
)
)
*/
?>If $_FILES is empty, even when uploading, try adding enctype="multipart/form-data" to the form tag and make sure you have file uploads turned on.If anyone still needs it: class for sorting an array of files of unknown nesting depth
```
class __FILES
{
protected $currentKey = null;
protected $input = array();
protected $output= array();
protected $requiredFields = array('name', 'type', 'tmp_name', 'error', 'size', 'full_path');
public function __construct(array $input)
{
$this->input = $input;
}
public function setRequiredFields(...$_)
{
$this->requiredFields = $_;
return $this;
}
public function prepare()
{
$this->prepareMultilevelFilesArray($this->input, $this->output);
return $this;
}
public function output()
{
return $this->output;
}
protected function prepareMultilevelFilesArray($input, &$output)
{
if(is_array($input)){
foreach($input as $key => $values){
// lock field names `error`, `size`, `name`, `type`, `tmp_name`
if($this->checkRequiredFields($input)){
$this->currentKey = $key;
$this->prepareMultilevelFilesArray($values, $output);
}else
if(is_array($values)){
$this->prepareMultilevelFilesArray($values, $output[$key]);
}else{
$output[$key][$this->currentKey] = $values;
}
}
}else{
$output[$this->currentKey] = $input;
}
}
protected function checkRequiredFields($input)
{
foreach($this->requiredFields as $field){
if(!isset($input[$field])){ return false;}
}
return true;
}
}
```
Call:
```
print '<form enctype="multipart/form-data" method="POST">';
print '<input type="file" name="s[t][t1][t2][t3][t4][t5][]" multiple="multiple" />';
print '<input type="file" name="s[t][t1][t2][t3][t4][t5]" multiple="multiple" />';
print '<input type="file" name="s[t][t1][t2][][t3][t4][t5]" multiple="multiple" />';
print '<input type="file" name="s[t][t1][t2][][t3][][t4][t5]" multiple="multiple" />';
print '<input type="file" name="s[t][t1][t2][][t3][][t4][t5][]" multiple="multiple" />';
print '<input type="submit"/>';
print '</form>';
$input = $_FILES;
$files = new __FILES($input);
$output = $files->setRequiredFields('name', 'type', 'tmp_name', 'error', 'size'/*, 'full_path'*/) // key `full_path` not available on PHP-server (`php -S`), and available on apache2-server
->prepare()->output();
print "<pre>";
print_r([$input, $output]);exit;
```For some reason when I tried to check if $_FILES['myVarName'] was empty() or !isset() or array_key_exists(), it always came back that the file was indeed in the superglobal, even when nothing was uploaded.
I wonder if this is a result of enctype="multipart/form-data".
Anyways, I solved my issue by checking to make sure that $_FILES['myVarName']['size'] > 0