Simple and convenient file uploads — secure by default
- PHP 5.6.0+
-
Include the library via Composer [?]:
$ composer require delight-im/file-upload -
Include the Composer autoloader:
require __DIR__ . '/vendor/autoload.php';
-
Set up your HTML form for the file upload, e.g.:
<form action="" method="post" enctype="multipart/form-data"> <input type="hidden" name="MAX_FILE_SIZE" value="1048576"> <input type="file" name="my-input-name"> <button type="submit">Upload</button> </form>
The two attributes
method="post"andenctype="multipart/form-data"on the<form>element are mandatory. Likewise, there must be at least one<input type="file">element with a propernameattribute. Finally, some way to submit the form, e.g. the<button type="submit">element, is required. The hidden input namedMAX_FILE_SIZEis an optional hint for the client.
$upload = new \Delight\FileUpload\FileUpload();
$upload->withTargetDirectory('/my-app/users/' . $userId . '/avatars');
$upload->from('my-input-name');
try {
$uploadedFile = $upload->save();
// success: $uploadedFile->getFilenameWithExtension()
}
catch (\Delight\FileUpload\Throwable\InputNotFoundException $e) {
// input not found
}
catch (\Delight\FileUpload\Throwable\InvalidFilenameException $e) {
// invalid filename
}
catch (\Delight\FileUpload\Throwable\InvalidExtensionException $e) {
// invalid extension
}
catch (\Delight\FileUpload\Throwable\FileTooLargeException $e) {
// file too large
}
catch (\Delight\FileUpload\Throwable\UploadCancelledException $e) {
// upload cancelled
}$upload->withMaximumSizeInBytes(4194304);
// or
$upload->withMaximumSizeInKilobytes(4096);
// or
$upload->withMaximumSizeInMegabytes(4);// e.g. int(4194304)
$upload->getMaximumSizeInBytes();
// or
// e.g. int(4096)
$upload->getMaximumSizeInKilobytes();
// or
// e.g. int(4)
$upload->getMaximumSizeInMegabytes();$upload->withAllowedExtensions([ 'jpeg', 'jpg', 'png', 'gif' ]);Note: By default, a set of filename extensions is used that is relatively safe for PHP applications and common on the web. This may be sufficient for some use cases.
// e.g. array(4) { [0]=> string(4) "jpeg" [1]=> string(3) "jpg" [2]=> string(3) "png" [3]=> string(3) "gif" }
$upload->getAllowedExtensionsAsArray();
// or
// e.g. string(16) "jpeg,jpg,png,gif"
$upload->getAllowedExtensionsAsMachineString();
// or
// e.g. string(19) "JPEG, JPG, PNG, GIF"
$upload->getAllowedExtensionsAsHumanString();
// or
// e.g. string(21) "JPEG, JPG, PNG or GIF"
$upload->getAllowedExtensionsAsHumanString(' or ');// e.g. string(24) "/my-app/users/42/avatars"
$upload->getTargetDirectory();$upload->withTargetFilename('my-picture');Note: By default, a random filename will be used, which is sufficient (and desired) in many cases.
// e.g. string(10) "my-picture"
$upload->getTargetFilename();// e.g. string(13) "my-input-name"
$upload->getSourceInputName();$upload = new \Delight\FileUpload\Base64Upload();
$upload->withTargetDirectory('/my-app/users/' . $userId . '/avatars');
$upload->withData($_POST['my-base64']);
try {
$uploadedFile = $upload->save();
// success: $uploadedFile->getFilenameWithExtension()
}
catch (\Delight\FileUpload\Throwable\InputNotFoundException $e) {
// input not found
}
catch (\Delight\FileUpload\Throwable\InvalidFilenameException $e) {
// invalid filename
}
catch (\Delight\FileUpload\Throwable\InvalidExtensionException $e) {
// invalid extension
}
catch (\Delight\FileUpload\Throwable\FileTooLargeException $e) {
// file too large
}
catch (\Delight\FileUpload\Throwable\UploadCancelledException $e) {
// upload cancelled
}$upload->withMaximumSizeInBytes(4194304);
// or
$upload->withMaximumSizeInKilobytes(4096);
// or
$upload->withMaximumSizeInMegabytes(4);// e.g. int(4194304)
$upload->getMaximumSizeInBytes();
// or
// e.g. int(4096)
$upload->getMaximumSizeInKilobytes();
// or
// e.g. int(4)
$upload->getMaximumSizeInMegabytes();$upload->withFilenameExtension('png');Note: By default, the filename extension bin for arbitrary (binary) data will be used, which may be sufficient in some cases.
// e.g. string(3) "png"
$upload->getFilenameExtension();// e.g. string(24) "/my-app/users/42/avatars"
$upload->getTargetDirectory();$upload->withTargetFilename('my-picture');Note: By default, a random filename will be used, which is sufficient (and desired) in many cases.
// e.g. string(10) "my-picture"
$upload->getTargetFilename();// e.g. string(20) "SGVsbG8sIFdvcmxkIQ=="
$upload->getData();$upload = new \Delight\FileUpload\DataUriUpload();
$upload->withTargetDirectory('/my-app/users/' . $userId . '/avatars');
$upload->withUri($_POST['my-data-uri']);
try {
$uploadedFile = $upload->save();
// success: $uploadedFile->getFilenameWithExtension()
}
catch (\Delight\FileUpload\Throwable\InputNotFoundException $e) {
// input not found
}
catch (\Delight\FileUpload\Throwable\InvalidFilenameException $e) {
// invalid filename
}
catch (\Delight\FileUpload\Throwable\InvalidExtensionException $e) {
// invalid extension
}
catch (\Delight\FileUpload\Throwable\FileTooLargeException $e) {
// file too large
}
catch (\Delight\FileUpload\Throwable\UploadCancelledException $e) {
// upload cancelled
}$upload->withMaximumSizeInBytes(4194304);
// or
$upload->withMaximumSizeInKilobytes(4096);
// or
$upload->withMaximumSizeInMegabytes(4);// e.g. int(4194304)
$upload->getMaximumSizeInBytes();
// or
// e.g. int(4096)
$upload->getMaximumSizeInKilobytes();
// or
// e.g. int(4)
$upload->getMaximumSizeInMegabytes();$upload->withAllowedMimeTypesAndExtensions([
'image/jpeg' => 'jpg',
'image/png' => 'png',
'image/gif' => 'gif'
]);Note: By default, a set of MIME types is used that is relatively safe for PHP applications and common on the web. This may be sufficient for some use cases.
// e.g. array(3) { [0]=> string(10) "image/jpeg" [1]=> string(9) "image/png" [2]=> string(9) "image/gif" }
$upload->getAllowedMimeTypesAsArray();
// or
// e.g. string(30) "image/jpeg,image/png,image/gif"
$upload->getAllowedMimeTypesAsMachineString();
// or
// e.g. string(32) "image/jpeg, image/png, image/gif"
$upload->getAllowedMimeTypesAsHumanString();
// or
// e.g. string(34) "image/jpeg, image/png or image/gif"
$upload->getAllowedMimeTypesAsHumanString(' or ');
// or
// e.g. array(3) { [0]=> string(3) "jpg" [1]=> string(3) "png" [2]=> string(3) "gif" }
$upload->getAllowedExtensionsAsArray();
// or
// e.g. string(11) "jpg,png,gif"
$upload->getAllowedExtensionsAsMachineString();
// or
// e.g. string(13) "JPG, PNG, GIF"
$upload->getAllowedExtensionsAsHumanString();
// or
// e.g. string(15) "JPG, PNG or GIF"
$upload->getAllowedExtensionsAsHumanString(' or ');// e.g. string(24) "/my-app/users/42/avatars"
$upload->getTargetDirectory();$upload->withTargetFilename('my-picture');Note: By default, a random filename will be used, which is sufficient (and desired) in many cases.
// e.g. string(10) "my-picture"
$upload->getTargetFilename();// e.g. string(43) "data:text/plain;base64,SGVsbG8sIFdvcmxkIQ=="
$upload->getUri();All contributions are welcome! If you wish to contribute, please create an issue first so that your feature, problem or question can be discussed.
This project is licensed under the terms of the MIT License.