All docs
V24.1
24.2
24.1
23.2
23.1
22.2
22.1
21.2
21.1
20.2
20.1
19.2
The page you are viewing does not exist in version 19.2.
19.1
The page you are viewing does not exist in version 19.1.
18.2
The page you are viewing does not exist in version 18.2.
18.1
The page you are viewing does not exist in version 18.1.
17.2
The page you are viewing does not exist in version 17.2.

JavaScript/jQuery FileUploader - Server-Side Implementation in PHP

Depending on whether the FileUploader sends Ajax requests or uses an HTML form to upload files, the server must be configured differently. Ready-to-use implementations for both these cases are given below.

See Also

Ajax Upload

<?php
    // Specifies the maximum size allowed for the uploaded files (700 kb)
    $max_file_size = 700*1024;

    // Specifies the path to the file
    // Here, "file" is a string specified in the FileUploader's "name" property
    $path_to_file = "images/".$_FILES['file']['name'];

    try {
        // Checks whether the array of uploaded files exists
        if(!isset($_FILES['file'])) {
            throw new Exception('File is not specified');
        }

        // Checks that the file was successfully uploaded to the temporary directory
        if(!is_uploaded_file($_FILES['file']['tmp_name'])) {
            throw new Exception('Possible file upload attack');
        }

        // Checks that the file size does not exceed the allowed size
        if($_FILES['file']['size'] > $max_file_size) {
            throw new Exception('File is too big');
        }

        // Checks that the file is an image
        if(strpos($_FILES['file']['type'], "image") === false) {
            throw new Exception('Invalid file type');
        }

        // Here, make sure that the file will be saved to the required directory.
        // Also, ensure that the client has not uploaded files with malicious content.
        // If all checks are passed, save the file.
            move_uploaded_file($_FILES['file']['tmp_name'], $path_to_file);
    } catch(Exception $e) {
        http_response_code(500);
        // Sends the error message to the client in JSON format
        echo json_encode($e->getMessage());
        exit;
    }
?>
NOTE
The PHP function http_response_code can be used in PHP 5 since version 5.4.0. In earlier versions, use the header function instead.
See Also

HTML Form Upload

<?php
    // Checks whether the array of uploaded files exists
    // Here, "file" is a string specified in the FileUploader's name property
    if(!isset($_FILES['file'])) {
        exit;
    }

    // Specifies the maximum size allowed for the uploaded files (700 kb)
    $max_file_size = 700*1024;

    foreach($_FILES['file']['name'] as $k=>$f) {
        // Checks that the file was successfully uploaded to the temporary directory
        if(!is_uploaded_file($_FILES['file']['tmp_name'][$k])) {
            continue;
        }

        // Checks that the file size does not exceed the allowed size
        if($_FILES['file']['size'][$k] > $max_file_size ) {
            continue;
        }

        // Checks that the file is an image
        if(strpos($_FILES['file']['type'][$k], "image") === false) {
            continue;
        }

        // Specifies the path to the file
        $path_to_file = "images/".$_FILES['file']['name'][$k];

        // Here, make sure that the file will be saved to the required directory.
        // Also, ensure that the client has not uploaded files with malicious content.
        // If all checks are passed, save the file.
            move_uploaded_file($_FILES['file']['tmp_name'][$k], $path_to_file);
    }

    // Redirects to another page
    header("Location: /index.php");
?>
See Also

Chunk Upload

<?php
    $temp_files_location = "images/temp";
    $target_location = "images/";

    try {
        // Checks whether the array of uploaded files exists
        // Here, "file" is a string specified in the FileUploader's "name" property
        if(!isset($_FILES['file'])) {
            throw new Exception('File is not specified');
        }

        if(!is_null($_POST['chunkMetadata'])) {
            // Gets chunk details
            $metaDataObject = json_decode($_POST['chunkMetadata']);

            // ...
            // Perform security checks here
            // ...

            // Creates a directory for temporary files if it does not exist
            if (!file_exists($temp_files_location)) {
                mkdir($temp_files_location);
            }

            $temp_file_path = $temp_files_location . "/" .  $metaDataObject->FileGuid . ".temp";

            // Appends the chunk to the file
            $content = file_get_contents($_FILES['file']['tmp_name']);
            file_put_contents($temp_file_path, $content, FILE_APPEND);

            // Checks that the file size does not exceed the allowed size
            if(filesize($temp_file_path) > 1024*400000) {
                throw new Exception('File is too large');
            }

            // Saves the file if all chunks are received
            if($metaDataObject->Index == ($metaDataObject->TotalCount - 1)) {
                $target_file_path = $target_location . "/" .  $metaDataObject->FileName;
                copy($temp_file_path, $target_file_path);
            }
        }
    } catch(Exception $e) {
        http_response_code(500);
        // Sends the error message to the client in JSON format
        echo json_encode($e->getMessage());
        exit;
    }
?>
See Also