Upload File dan Pengelolaan File Upload File Upload

Upload File dan Pengelolaan File

Upload File �Upload merupakan proses penyalinan data yang ada dari komputer client ke komputer server. �Faslilitas upload memungkinkan aplikasi web misalnya pendaftaran keanggotaan. Biasanya upload digunakan untuk mempermudah administrasi.

Handling File Uploads in PHP �PHP must run with the right settings. �You may need to change the PHP configuration file php. ini. �A temporary storage directory must exists with the correct permissions. �Uploaded files are stored here temporarily; the files may be removed from here when your PHP script finishes processing the HTTP request. �The final storage directory must exists with the correct permissions. �You have to write codes to move the uploaded files from the temporary directory to another directory.

Configuring php. ini � file_uploads �Enable/disable PHP support for file uploads � max_input_time �Indicates how long, in seconds, a PHP script is allowed to receive input � post_max_size �Size, in bytes, of the total allowed POST data � upload_tmp_dir �Indicates where uploaded files should be temporarily stored � upload_max_filesize �Size, in bytes, of the largest possible file upload allowed

File Upload Form upload. html: upload. html <html> <head><title>PHP File Upload Form</title></head> <body> <form enctype="multipart/form-data“ action="upload. php” upload. php method="post"> <input type="hidden" name="MAX_FILE_SIZE” MAX_FILE_SIZE value="1000000"> File: <input type="file" file name="userfile"> userfile <input type="submit" value="Upload"> </form> </body> </html>

Character Encoding of Form. Data <form enctype=“value”> enctype • The enctype attribute specifies how form-data should be encoded before sending it to the server. • By default, form-data is encoded to "application/x-www-form-urlencoded”. • This means that all characters are encoded before they are sent to the server • Spaces are converted to "+" symbols • Special characters are converted to ASCII HEX values).

Character Encoding <form enctype=“value”> enctype Value application/x-www-formurlencoded multipart/form-data text/plain Description • All characters are encoded before sent (default setting) • No characters are encoded. • This value is required when you are using forms that have a file upload control • Spaces are converted to "+" symbols • Special characters are not encoded

File Upload. Label Form is automatically assigned

Receiving files • $_FILES['userfile']['tmp_name'] – name of the temporary copy of the file stored on the server. • $_FILES['userfile']['name'] – name of uploaded file. • $_FILES['userfile']['size'] – size of the uploaded file (in bytes). • $_FILES['userfile']['type'] – MIME type of the file such as image/gif. • $_FILES['userfile']['error'] – error that may have been generated as a result of the upload.

Upload error check $userfile_error = $_FILES[ $_FILES 'userfile']['error']; 'userfile' if ($userfile_error > 0) 0 { echo 'Problem: '; switch ($userfile_error){ case 1: echo 'File exceeded upload_max_filesize'; break; case 2: echo 'File exceeded max_file_size'; break; case 3: echo 'File only partially uploaded'; break; case 4: echo 'No file uploaded'; break; } PHP. ini : upload_max_filesize = 2 M exit; } HTML form : MAX_FILE_SIZE directive.

bool is_uploaded_file ( string $filename ) • Returns TRUE if the file named by filename was uploaded via HTTP POST • This is useful to help ensure that a malicious user hasn't tried to trick the script into working on files upon which it should not be working --for instance, /etc/passwd.

bool move_uploaded_file ( string $filename , string $destination ) • This function checks to ensure that the file designated by filename is a valid upload file (meaning that it was uploaded via PHP's HTTP POST upload mechanism). • If the file is valid, it will be moved to the filename given by destination.

Move the uploaded file $tempfile $userfile = $_FILES['userfile']['tmp_name']; = $_FILES['userfile']['name']; // Destination file on server $destfile = '/var/www/html/a_______/temp'. $userfile; // Do we have an uploaded file? if (is_uploaded_file($tempfile)) { // Try and move uploaded file to local directory on server if (!move_uploaded_file($tempfile, $destfile)) { echo 'Problem: Could not move to destination directory'; exit; } } else { echo 'Possible file upload attack. Filename: '. $userfile; exit; } echo 'File uploaded successfully '; Note: The target folder must exist for this example to work! See Upload. html, upload. php

Operasi File

Operasi File � Secara umum format file dibedakan menjadi file teks (ASCII) dan file biner (binary). Contoh file teks adalah file-file dokumen HTML, termasuk didalamnya file script PHP, sedangkan file biner adalah file-file program atau file yang disimpan dalam format biner lainnya. � Secara umum bekerja dengan file selalu mempunyai pola sebagai berikut : �Buka file: Sintaks : $fhandle = fopen(”namafile”, ”mode”) Mode akses : r, r+, w, w+, a, a+, b (binary, agar tidak dibedakan sebagai teks atau biner). �Proses File: Berisi perintah-perintah yang digunakan untuk melakukan pemrosesan file, bisa menulis ke file atau membaca data dari file. �Menutup File: Sintaks : fclose ($fhandle)

Operasi File Membaca Data dari File � fgets() : $var = fgets ($fhandle, jumlahdata) Membaca data file secara baris per baris string. Setiap baris ditandai dengan adanya karakter ganti baris (newline). Jumlah data digunakan untuk membatasi jumlah byte yang harus dibaca. � fread() : $var = fread($fhandle, jumlahdata) Melakukan pembacaan file dalam mode binary dalam mode yang aman (safe mode) dengan jumlah data yang dibaca per sekali baca adalah jumlahdata. � fgetc() : $var = fgetc($fhandle) Membaca data file per karakter (satu karakter). Menulis ke File � fwrite() : fwrite($fhandle, string, length) menulis dalam mode binary safe (binary dan character bisa digunakan).

Operasi File

Operasi File