React FileUploader - Server-Side Implementation in PHP

Depending on whether the FileUploader sends Ajax requests or uses an HTML form to upload files, the server must be configured differently. Ready-to-use implementations for both these cases are given below.

See Also

Ajax Upload

  • <?php
  • // Specifies the maximum size allowed for the uploaded files (700 kb)
  • $max_file_size = 700*1024;
  •  
  • // Specifies the path to the file
  • // Here, "file" is a string specified in the FileUploader's "name" property
  • $path_to_file = "images/".$_FILES['file']['name'];
  •  
  • try {
  • // Checks whether the array of uploaded files exists
  • if(!isset($_FILES['file'])) {
  • throw new Exception('File is not specified');
  • }
  •  
  • // Checks that the file was successfully uploaded to the temporary directory
  • if(!is_uploaded_file($_FILES['file']['tmp_name'])) {
  • throw new Exception('Possible file upload attack');
  • }
  •  
  • // Checks that the file size does not exceed the allowed size
  • if($_FILES['file']['size'] > $max_file_size) {
  • throw new Exception('File is too big');
  • }
  •  
  • // Checks that the file is an image
  • if(strpos($_FILES['file']['type'], "image") === false) {
  • throw new Exception('Invalid file type');
  • }
  •  
  • // Here, make sure that the file will be saved to the required directory.
  • // Also, ensure that the client has not uploaded files with malicious content.
  • // If all checks are passed, save the file.
  • move_uploaded_file($_FILES['file']['tmp_name'], $path_to_file);
  • } catch(Exception $e) {
  • http_response_code(500);
  • // Sends the error message to the client in JSON format
  • echo json_encode($e->getMessage());
  • exit;
  • }
  • ?>
NOTE
The PHP function http_response_code can be used in PHP 5 since version 5.4.0. In earlier versions, use the header function instead.
See Also

HTML Form Upload

  • <?php
  • // Checks whether the array of uploaded files exists
  • // Here, "file" is a string specified in the FileUploader's name property
  • if(!isset($_FILES['file'])) {
  • exit;
  • }
  •  
  • // Specifies the maximum size allowed for the uploaded files (700 kb)
  • $max_file_size = 700*1024;
  •  
  • foreach($_FILES['file']['name'] as $k=>$f) {
  • // Checks that the file was successfully uploaded to the temporary directory
  • if(!is_uploaded_file($_FILES['file']['tmp_name'][$k])) {
  • continue;
  • }
  •  
  • // Checks that the file size does not exceed the allowed size
  • if($_FILES['file']['size'][$k] > $max_file_size ) {
  • continue;
  • }
  •  
  • // Checks that the file is an image
  • if(strpos($_FILES['file']['type'][$k], "image") === false) {
  • continue;
  • }
  •  
  • // Specifies the path to the file
  • $path_to_file = "images/".$_FILES['file']['name'][$k];
  •  
  • // Here, make sure that the file will be saved to the required directory.
  • // Also, ensure that the client has not uploaded files with malicious content.
  • // If all checks are passed, save the file.
  • move_uploaded_file($_FILES['file']['tmp_name'][$k], $path_to_file);
  • }
  •  
  • // Redirects to another page
  • header("Location: /index.php");
  • ?>
See Also

Chunk Upload

  • <?php
  • $temp_files_location = "images/temp";
  • $target_location = "images/";
  •  
  • try {
  • // Checks whether the array of uploaded files exists
  • // Here, "file" is a string specified in the FileUploader's "name" property
  • if(!isset($_FILES['file'])) {
  • throw new Exception('File is not specified');
  • }
  •  
  • if(!is_null($_POST['chunkMetadata'])) {
  • // Gets chunk details
  • $metaDataObject = json_decode($_POST['chunkMetadata']);
  •  
  • // ...
  • // Perform security checks here
  • // ...
  •  
  • // Creates a directory for temporary files if it does not exist
  • if (!file_exists($temp_files_location)) {
  • mkdir($temp_files_location);
  • }
  •  
  • $temp_file_path = $temp_files_location . "/" . $metaDataObject->FileGuid . ".temp";
  •  
  • // Appends the chunk to the file
  • $content = file_get_contents($_FILES['file']['tmp_name']);
  • file_put_contents($temp_file_path, $content, FILE_APPEND);
  •  
  • // Checks that the file size does not exceed the allowed size
  • if(filesize($temp_file_path) > 1024*400000) {
  • throw new Exception('File is too large');
  • }
  •  
  • // Saves the file if all chunks are received
  • if($metaDataObject->Index == ($metaDataObject->TotalCount - 1)) {
  • $target_file_path = $target_location . "/" . $metaDataObject->FileName;
  • copy($temp_file_path, $target_file_path);
  • }
  • }
  • } catch(Exception $e) {
  • http_response_code(500);
  • // Sends the error message to the client in JSON format
  • echo json_encode($e->getMessage());
  • exit;
  • }
  • ?>
See Also