In this tutorial I will show you how easy it is to create a script which will upload files to your own web server, and how to allow only certain files for upload :)

1. Start a new HTML file in your normal editing program.

2. Add the following code to your <body> section of the page:

    

   <form name="MyForm" enctype="multipart/form-data" method="post" action="">
   <input type="file" name="MyFile">
   <input type="submit" name="Submit" value="Submit!">
   </form>

    

   For the most part, the code is straight forward.
   enctype="multipart/form-data" just tells the form you are going to attatch a file. Also, note that method="post", $_FILES will not work with "get" so keep it as it is :)

1. Now open up some PHP tags in the body of your code. We need to data from the form to be passed into the PHP of the file, which we achieve with if/else statements.
    
   Your code should look something like this:

    

       <?php
       if ($Submit == "Submit!") {
       // Where the file will be asessed + uploaded
       } else {
       ?>
       <form name="MyForm" enctype="multipart/form-data" method="post" action="">
         <input type="file" name="MyFile">
         <input type="submit" name="Submit" value="Submit!">
       </form>
       <?php
        }
       ?>
    

    

2. Ok so we have our form handler. Before we start uploading files, we want to make sure that they meet our requirements. In this case I will only allow image files, less than 15kb to be uploaded.
   First I will deal with the file type:

    

   echo "You chose file: ".$_FILES['MyFile']['name'] ;
   echo "<br />" ;
   if (($_FILES['MyFile']['type'] != "image/gif") &&
       ($_FILES['MyFile']['type'] != "image/x-png") &&
       ($_FILES['MyFile']['type'] != "image/pjpeg")) {
       echo "You did not choose an image file. Naughty!" ;
   }

    

   This code prints the name of the file submitted, and then determines the file type.
    
   The IF statement basically reads "If the file is not a gif AND not a png AND not a jpeg..." using MIME types which can be found on the internet.

3. Now make sure it is an appropriate file size:

    

   elseif ($_FILES['MyFile']['size'] > 15000) {
            echo "The file size is bigger than 15kb. Naughty!" ;
        }

    

4. If it meets all the requirements, upload the file:

    

   else {
     copy($_FILES['MyFile']['tmp_name'], "images/".$_FILES['MyFile']['name']) ;
            echo "File uploaded. Well done :)" ;
     }

    

   All this code does, is transfer the file from the users temporary directory, into the chosen folder on the server, giving it it's original name.
    
   ("images/" is the sub folder within the directory upload.php is contained in).
   
   In order to upload files to the folder, it's CHMOD properties need to be modified to 777. This can usually be done by simply right clicking on the chosen directory.
    

   

   [ Directory Properties ]

5. That's it! Your code should look like this. Just upload everything to your server, and test it

---

Sum Up
Well, that was pretty easy :) You should have a fully functional upload script, which at the moment, only allows you to upload images. I suggest that you play around with MIME types + file sizes to get an idea of which files should be uploaded, and which shouldn't!
 
Also, you should have noticed that this method isn't very secure. Anyone can upload files + tamper with the directory (because of the CHMOD settings). I suggest using this script as a basis, but if you are to incorporate it into a proper application, use some type of login system for security :)

If you have any problems, feel free to email me, or check out the kirupaForum.
Cheers
 

Lukus For Inspiration :)