DevExtreme React - Server-Side Implementation in PHP
Depending on whether the FileUploader sends Ajax requests or uses an HTML form to upload files, the server must be configured differently. Ready-to-use implementations for both these cases are given below.
See Also
Ajax Upload
<?php
// Specifies the maximum size allowed for the uploaded files (700 kb)
$max_file_size = 700*1024;
// Specifies the path to the file
// "file" is the value of the FileUploader's "name" option
$path_to_file = "images/".$_FILES['file']['name'];
try {
// Checks whether the array of uploaded files exists
if(!isset($_FILES['file'])) {
throw new Exception('File is not specified');
}
// Checks that the file was successfully uploaded to the temporary directory
if(!is_uploaded_file($_FILES['file']['tmp_name'])) {
throw new Exception('Possible file upload attack');
}
// Checks that the file size does not exceed the allowed size
if($_FILES['file']['size'] > $max_file_size) {
throw new Exception('File is too big');
}
// Checks that the file is an image
if(strpos($_FILES['file']['type'], "image") === false) {
throw new Exception('Invalid file type');
}
// Here, make sure that the file will be saved to the required directory.
// Also, ensure that the client has not uploaded files with malicious content.
// If all checks are passed, save the file.
move_uploaded_file($_FILES['file']['tmp_name'], $path_to_file);
} catch(Exception $e) {
http_response_code(500);
// Sends the error message to the client in JSON format
echo json_encode($e->getMessage());
exit;
}
?>NOTE
The PHP function http_response_code can be used in PHP 5 since version 5.4.0. In earlier versions, use the header function instead.
See Also
HTML Form Upload
<?php
// Checks whether the array of uploaded files exists
// "file" is the value of the FileUploader's "name" option
if(!isset($_FILES['file'])) {
exit;
}
// Specifies the maximum size allowed for the uploaded files (700 kb)
$max_file_size = 700*1024;
foreach($_FILES['file']['name'] as $k=>$f) {
// Checks that the file was successfully uploaded to the temporary directory
if(!is_uploaded_file($_FILES['file']['tmp_name'][$k])) {
continue;
}
// Checks that the file size does not exceed the allowed size
if($_FILES['file']['size'][$k] > $max_file_size ) {
continue;
}
// Checks that the file is an image
if(strpos($_FILES['file']['type'][$k], "image") === false) {
continue;
}
// Specifies the path to the file
$path_to_file = "images/".$_FILES['file']['name'][$k];
// Here, make sure that the file will be saved to the required directory.
// Also, ensure that the client has not uploaded files with malicious content.
// If all checks are passed, save the file.
move_uploaded_file($_FILES['file']['tmp_name'][$k], $path_to_file);
}
// Redirects to another page
header("Location: /index.php");
?>See Also
Feel free to share topic-related thoughts here.
If you have technical questions, please create a support ticket in the DevExpress Support Center.
Thank you for the feedback!
If you have technical questions, please create a support ticket in the DevExpress Support Center.