see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.
$_FILES — HTTP 文件上传变量
通过 HTTP POST 方式上传到当前脚本的项目的数组。 此数组的概况在 POST 方法上传 章节中有描述。
注意:
“Superglobal”也称为自动化的全局变量。这就表示其在脚本的所有作用域中都是可用的。不需要在函数或方法中用 global $variable; 来访问它。
see http://php.net/manual/en/features.file-upload.post-method.php for documentation of the $_FILES array, which is what I came to this page for in the first place.If you are looking for the $_FILES['error'] code explanations, be sure to read:
Handling File Uploads - Error Messages Explained
http://www.php.net/manual/en/features.file-upload.errors.phpA nice trick to reorder the $_FILES array when you use a input name as array is:
<?php
function diverse_array($vector) {
$result = array();
foreach($vector as $key1 => $value1)
foreach($value1 as $key2 => $value2)
$result[$key2][$key1] = $value2;
return $result;
}
?>
will transform this:
array(1) {
["upload"]=>array(2) {
["name"]=>array(2) {
[0]=>string(9)"file0.txt"
[1]=>string(9)"file1.txt"
}
["type"]=>array(2) {
[0]=>string(10)"text/plain"
[1]=>string(10)"text/html"
}
}
}
into:
array(1) {
["upload"]=>array(2) {
[0]=>array(2) {
["name"]=>string(9)"file0.txt"
["type"]=>string(10)"text/plain"
},
[1]=>array(2) {
["name"]=>string(9)"file1.txt"
["type"]=>string(10)"text/html"
}
}
}
just do:
<?php $upload = diverse_array($_FILES["upload"]); ?>this is frustrating that the explanations redirected by anchors are providing unsufficient information or even worst is provide nothing. instead, looking for people to make the resources locale, you MUST provide approprate documentation for everybody.In checking the error code, you probably ought to check for code 4. I believe Code 4 means no file was uploaded, and there are many instances where that's perfectly OK.
Such as when you have a form with multiple data items, including file and image uploads, plus whatever else. The user might not be adding a new upload for whatever reason, such as there may already be a file in the system from an earlier update, and the user is satisfied with that.The format of this array is (assuming your form has two input type=file fields named "file1", "file2", etc):
Array
(
[file1] => Array
(
[name] => MyFile.txt (comes from the browser, so treat as tainted)
[type] => text/plain (not sure where it gets this from - assume the browser, so treat as tainted)
[tmp_name] => /tmp/php/php1h4j1o (could be anywhere on your system, depending on your config settings, but the user has no control, so this isn't tainted)
[error] => UPLOAD_ERR_OK (= 0)
[size] => 123 (the size in bytes)
)
[file2] => Array
(
[name] => MyFile.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php/php6hst32
[error] => UPLOAD_ERR_OK
[size] => 98174
)
)
Last I checked (a while ago now admittedly), if you use array parameters in your forms (that is, form names ending in square brackets, like several file fields called "download[file1]", "download[file2]" etc), then the array format becomes... interesting.
Array
(
[download] => Array
(
[name] => Array
(
[file1] => MyFile.txt
[file2] => MyFile.jpg
)
[type] => Array
(
[file1] => text/plain
[file2] => image/jpeg
)
[tmp_name] => Array
(
[file1] => /tmp/php/php1h4j1o
[file2] => /tmp/php/php6hst32
)
[error] => Array
(
[file1] => UPLOAD_ERR_OK
[file2] => UPLOAD_ERR_OK
)
[size] => Array
(
[file1] => 123
[file2] => 98174
)
)
)
So you'd need to access the error param of file1 as, eg $_Files['download']['error']['file1']Here's a function that I have used to get a nice simple array of all incoming files from a page. It basically just flattens the $FILES array. This function works on many file inputs on the page and also if the inputs are '<input type="file[]" multiple>'. Note that this function loses the file input names (I usually process the files just by type).
<?php
function incoming_files() {
$files = $_FILES;
$files2 = [];
foreach ($files as $input => $infoArr) {
$filesByInput = [];
foreach ($infoArr as $key => $valueArr) {
if (is_array($valueArr)) { // file input "multiple"
foreach($valueArr as $i=>$value) {
$filesByInput[$i][$key] = $value;
}
}
else { // -> string, normal file input
$filesByInput[] = $infoArr;
break;
}
}
$files2 = array_merge($files2,$filesByInput);
}
$files3 = [];
foreach($files2 as $file) { // let's filter empty & errors
if (!$file['error']) $files3[] = $file;
}
return $files3;
}
$tmpFiles = incoming_files();
?>
will transform this:
Array
(
[files1] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[files2] => Array
(
[name] => Array
(
[0] => facepalm2.jpg
[1] => facepalm3.jpg
)
[type] => Array
(
[0] => image/jpeg
[1] => image/jpeg
)
[tmp_name] => Array
(
[0] => /tmp/phpJutmOS
[1] => /tmp/php9bNI8F
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 78085
[1] => 61429
)
)
)
into this:
Array
(
[0] => Array
(
[name] => facepalm.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php3zU3t5
[error] => 0
[size] => 31059
)
[1] => Array
(
[name] => facepalm2.jpg
[type] => image/jpeg
[tmp_name] => /tmp/phpJutmOS
[error] => 0
[size] => 78085
)
[2] => Array
(
[name] => facepalm3.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php9bNI8F
[error] => 0
[size] => 61429
)
)A note of security: Don't ever trust $_FILES["image"]["type"]. It takes whatever is sent from the browser, so don't trust this for the image type. I recommend using finfo_open (http://www.php.net/manual/en/function.finfo-open.php) to verify the MIME type of a file. It will parse the MAGIC in the file and return it's type...this can be trusted (you can also use the "file" program on Unix, but I would refrain from ever making a System call with your PHP code...that's just asking for problems).Best way to check if $_FILES is empty or not is to check if the name of the index 0 is set.
<?php
if ($_FILES['fieldname']['name'][0] != ""){
//Code goes here!
}
?>Error code returned in $_FILES['userfile']['error'].
■UPLOAD_ERROR_OK, value 0, means no error occurred.
■ UPLOAD_ERR_INI_SIZE, value 1, means that the size of the uploaded file exceeds the
maximum value specified in your php.ini file with the upload_max_filesize directive.
■ UPLOAD_ERR_FORM_SIZE, value 2, means that the size of the uploaded file exceeds the
maximum value specified in the HTML form in the MAX_FILE_SIZE element.
■ UPLOAD_ERR_PARTIAL, value 3, means that the file was only partially uploaded.
■ UPLOAD_ERR_NO_FILE, value 4, means that no file was uploaded.
■ UPLOAD_ERR_NO_TMP_DIR, value 6, means that no temporary directory is specified in the
php.ini.
■ UPLOAD_ERR_CANT_WRITE, value 7, means that writing the file to disk failed.
■ UPLOAD_ERR_EXTENSION, value 8, means that a PHP extension stopped the file upload
process.For quick debugging (eg. var_dump($_FILES);), these are the values of the error constants. Obviously don't use these for comparison in real code.
UPLOAD_ERR_OK: 0
UPLOAD_ERR_INI_SIZE: 1
UPLOAD_ERR_FORM_SIZE: 2
UPLOAD_ERR_NO_TMP_DIR: 6
UPLOAD_ERR_CANT_WRITE: 7
UPLOAD_ERR_EXTENSION: 8
UPLOAD_ERR_PARTIAL: 3Nontypicall array comes in php after the submission.I wrote a small function to restate it to the familiar look.
<?php
function multiple(array $_files, $top = TRUE)
{
$files = array();
foreach($_files as $name=>$file){
if($top) $sub_name = $file['name'];
else $sub_name = $name;
if(is_array($sub_name)){
foreach(array_keys($sub_name) as $key){
$files[$name][$key] = array(
'name' => $file['name'][$key],
'type' => $file['type'][$key],
'tmp_name' => $file['tmp_name'][$key],
'error' => $file['error'][$key],
'size' => $file['size'][$key],
);
$files[$name] = multiple($files[$name], FALSE);
}
}else{
$files[$name] = $file;
}
}
return $files;
}
print_r($_FILES);
/*
Array
(
[image] => Array
(
[name] => Array
(
[0] => 400.png
)
[type] => Array
(
[0] => image/png
)
[tmp_name] => Array
(
[0] => /tmp/php5Wx0aJ
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 15726
)
)
)
*/
$files = multiple($_FILES);
print_r($files);
/*
Array
(
[image] => Array
(
[0] => Array
(
[name] => 400.png
[type] => image/png
[tmp_name] => /tmp/php5Wx0aJ
[error] => 0
[size] => 15726
)
)
)
*/
?>If $_FILES is empty, even when uploading, try adding enctype="multipart/form-data" to the form tag and make sure you have file uploads turned on.For some reason when I tried to check if $_FILES['myVarName'] was empty() or !isset() or array_key_exists(), it always came back that the file was indeed in the superglobal, even when nothing was uploaded.
I wonder if this is a result of enctype="multipart/form-data".
Anyways, I solved my issue by checking to make sure that $_FILES['myVarName']['size'] > 0