PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY What (Web hosting domain names)
PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY What this chapter covers: Understanding how PHP handles file uploads Restricting the size and type of uploads Preventing files from being overwritten Organizing uploads into specific folders Handling multiple uploads PHP s ability to handle forms isn t restricted to text. It can also be used to upload files to a server. In theory, this opens up great possibilities. For instance, you could build a real estate website where clients could upload pictures of their properties, or a site for all your friends and relatives to upload their holiday photos. However, just because you can do it, doesn t necessarily mean that you should. Allowing others to upload material to your web- site could expose you to all sorts of problems. You need to make sure that images are the right size, that they re of suitable quality, and that they don t contain any illegal material. You also need to ensure that uploads don t contain malicious scripts. In other words, you need to protect your website just as carefully as your own computer. Fortunately, the way that PHP handles file uploads makes it relatively simple to restrict the type and size of files accepted. What it cannot do is check the suitability of the content. It s therefore always a good idea to implement a strategy that prevents indecent or illegal material from being automatically displayed on your site. One way is to store uploaded material in a nonpublic directory until it has been approved. Another way is to restrict uploads to registered and trusted users by placing the upload form in a password- protected area. A combination of both approaches is even more secure. User registration and authentication are covered in Chapters 9 and 15. Until you know how to restrict access to pages with PHP, I recommend that you use the PHP Solutions described in this chapter only in a password-protected directory if deployed on a public website. Most hosting companies provide simple password protection through the site s control panel. Before you dive into the scripts, you ll next look at how PHP handles file uploads, which should make the scripts easier to understand when you come to them. How PHP handles file uploads The term upload means moving a file from one computer to another, but as far as PHP is concerned, all that s happening is that a file is being moved from one location to another. This means you can test all the scripts in this chapter on your local computer without the need to upload files to a remote server. PHP supports file uploads by default, but hosting companies can restrict the size of uploads or disable them altogether. Before going any further, it s a good idea to check the settings on your remote server.
Check Tomcat Web Hosting services for best quality webspace to host your web application.