PHP’s upload checks are the last line of defense against malicious content There are a few more checks that we need to accomplish to solidify our form submission. You can never be too careful especially when allowing others to upload files to your server. I recommend using a tried and tested PHP package, but we’re learning how stuff works here so we’ll do a few more tests ourselves. Recap We have a basic HTML form and a simple process script. <form action=”./upload.php” method=”post” enctype=”multipart/form-data”> <div> Select Image to upload: </div> <div> <input type=”file” name=”file_name” id=”file_name”> </div> <div> <input type=”submit”

Size validation in PHP ensures that uploaded files meet your requirements There are a few more checks that we’ll need to look into while uploading files. We’ve uploaded a file and restricted users from uploading all file types, but there are still a few more things that we’ll need to check like file size. I’m purposefully taking a more drawn out approach to this topic since most people feel overwhelmed when they see the full script in action and never see the components for what they are: individual checks. Recap We have a basic HTML form and a simple

File type validation in PHP safeguards against malicious uploads We looked at file uploading in the previous article and used the minimum amount of steps to accomplish it. This time around, let’s see some other functionality that may be present in the process upload script. If you haven’t done so, read my article on the basics of file uploading. Recap We have a basic HTML form and a simple process script. <form action=”./upload.php” method=”post” enctype=”multipart/form-data”> <div> Select file to upload: </div> <div> <input type=”file” name=”file_name” id=”file_name”> </div> <div> <input type=”submit” name=”submit” value=”Upload”> </div> </form> <?php $target_file = “uploads/” .

Uploading files empowers web users to contribute content effortlessly One of the most misunderstood topics in PHP for beginners. How does someone upload a file? What happens when you click upload? Where does it go? Let’s demystify this process and tackle files in PHP. It’s simpler than you think. Configuration If you’re using the docker container that was provided with the code samples, there’s one thing that you’ll need to do first and that’s to change permissions. What we’re going to do here is not recommended on your production server, but it does give us a quick and easy way

Access server insights with PHP’s built-in predefined variables You’ve seen them already if you’ve been following along. There are a few of them in PHP and we’ll cover some of the most common ones. In the previous article, we looked at the $_GET and $_POST array variables. PHP automatically has access to form submission variables since they’re added to the $_POST variable. Let’s dive into the most common variables. $_SERVER The $_SERVER variable contains some common information that may be needed throughout your application. The array contains information like headers, paths, and script locations. There are predefined keys that you can call and it contains information about

GET fetches data from a server, while POST sends data to it GET and POST requests are not unique to PHP, but it’s still something that you need to understand. HTTP requests allow for communication between the client and the server. In the previous article, we saw that communication when we submitted a form. The form data was entered on the client side (the user’s computer) and when the Submit button was pressed, the data was sent to the server. This might not have been completely clear since our server was running on our computer, but imagine that you deployed

Forms capture data, connecting users and systems. We made it. We’ve gone through enough syntax that we’re ready to start looking at some actual concrete examples, like form processing. We’re going to introduce databases and data-persistence in a later article. All we want to know is how do we send data from a form on the client end to a server, wherever that server may live. Once a user submits a form, the form data is sent to a target page using the post method. We can also use the get method, but that’s out of scope for this article. We’ll cover the get method when

Handling PHP errors paves the way for resilient code For the past 72 articles, we’ve lived life on the optimistic side. Never once did we stop to think that errors might be occurring. We are programmers and we are great at what we do. Why would we think that we should ever worry about error handling? Oh, the users that use our application. Who cares? They should know how to enter valid data when prompted. When we say that they should enter their age, clearly we mean that this should be a number (integer) and not a string. If they

PHP errors signal code hiccups that need attention Before we start looking at ways to handle errors in PHP, I wanted to touch on a few topics that beginner programmers tend to get confused. Bugs are normally errors in code that the programmer coded, that produce a result, and that result is not correct. For example, let’s say that we were creating a power function. If we sent two arguments to the power function, like 2 and 3, we might expect that the power function will raise 2 to the power of 3. If you get 8, the function performed

Discover hidden truths with magic constants in PHP We’ll be exploring PHP’s Magic Constants. __LINE__ displays the current line number of the file. __FILE__ displays the full path and filename of the file. __DIR__ displays the directory of the file. __FUNCTION__ displays the function name, or {closure} for anonymous functions. __CLASS__ displays the class name. The class name includes the namespace it was declared in. __TRAIT__ displays the trait name. The trait name includes the namespace it was declared in. __METHOD__ displays the class method name. __NAMESPACE__ displays the name of the current namespace. Recap: Review where we left off