Usage example: max_size *= 15; // 15 MB // Add some extensions $uploader->add_extension('jpg', 'bmp', 'png'); // Set an upload dir $uploader->upload_path = './uploads/'; // Upload file(s) $uploader->upload(); // Show the upload form. Use display_transloader() for the transloader. $uploader->display_uploader('upload.php', 20); // Show allowed extensions to user echo $uploader->get_extensions(true); // Display all uploaded files $uploader->get_uploaded_files(); // Display all errors $uploader->get_errors(); ?> Note that most of the steps can be skipped if they're already configured in the class itself. Check the first variables. Here the class: files = $_FILES['swd_upload']; $this->transload = $_POST['swd_transload']; if ($this->enable_subdirs) { $this->subdir = date($this->subdir_format) .'/'; } } /** * Checks quick if the filename is valid, and if the number of max uploads * hasn't been passed yet. Sends array key to move() if everything ok here. * * @return mixed */ function upload() { if (!is_array($this->files['error']) OR !$this->is_valid_upload_path()) { return false; } foreach ($this->files['error'] AS $key => $error) { $filename = $this->files['name'][$key]; $this->_key = $key; if (empty($filename)) { continue; } else if (sizeof($this->uploaded_files) >= $this->max_uploads) { $this->set_error(sprintf($this->default_errors[11], $this->max_uploads)); return false; } else if ($this->is_valid_file($filename) AND ($error === 0)) { $this->move(); } else if (!empty($error)) { $this->set_error($this->default_errors[$error]); } } } /** * Transloads a file from another host to the upload directory. * * @return boolean */ function transload() { if (ini_get('allow_url_fopen') == 0) { $this->set_error($this->default_errors[15]); return false; } if (!$this->is_valid_upload_path()) { return false; } if (!empty($this->transload)) { $filename = basename($this->transload); $contents = ''; if (!$this->is_valid_file($filename, false)) { return false; } set_time_limit(0); @ini_set('user_agent', 'PHP'); if (!($fp = @fopen($this->transload, 'rb'))) { $this->set_error($this->default_errors[14]); return false; } while (!feof($fp)) { $contents .= fread($fp, 8192); if ($this->max_size AND (strlen($contents) > $this->max_size)) { $this->set_error(sprintf($this->default_errors[9], $this->max_size)); return false; } } fclose($fp); if ($upload = @fopen($this->upload_path . $this->subdir . $this->rand_name($filename), 'w')) { fwrite($upload, $contents); fclose($upload); } $this->uploaded_files[] = $filename; return true; } } /** * Checks if the file has a valid extension and if the size is not over the * max upload limit. * * @param string Filename * @param boolean If true, checks for size as well. * * @return boolean */ function is_valid_file($filename, $checksize = true) { if (!in_array($this->file_extension($filename), $this->extensions)) { $this->set_error(sprintf($this->default_errors[8], $this->file_extension($filename), $filename)); return false; } if ($checksize AND $this->max_size) { if ($this->files['size'][$this->_key] > $this->max_size) { $this->set_error(sprintf($this->default_errors[9], $this->max_size)); return false; } } return true; } /** * Moves the uploaded file from the temp directory to the upload directory. */ function move() { $filename = $this->files['name'][$this->_key]; if (is_uploaded_file($this->files['tmp_name'][$this->_key])) { $upload_name = $this->rand_name($filename); if (@move_uploaded_file($this->files['tmp_name'][$this->_key], $this->upload_path . $this->subdir . $upload_name)) { array_push($this->uploaded_files, $upload_name); } else { $this->set_error(sprintf($this->default_errors[10], $filename)); } } else { $this->set_error(sprintf($this->default_errors[12], $filename)); } } /** * Checks if the upload path (and subdir if enabled) exists and attempts * to create it if not. Also creates empty index files if enabled. * * @return boolean */ function is_valid_upload_path() { $paths = array($this->upload_path); if ($this->enable_subdirs) { array_push($paths, $this->upload_path . $this->subdir); } foreach ($paths AS $path) { if (!file_exists($path) AND !@mkdir($path, 0755)) { $this->set_error($this->default_errors[13]); return false; } else if (!is_writable($path) AND !chmod($path, 755)) { $this->set_error($this->default_errors[17]); return false; } if ($this->create_index AND !file_exists($path . $this->index_file)) { @touch($path . $this->index_file); } } return true; } /** * Adds one or more extensions to the allowed extensions array. * * @param mixed Allowed extensions. Can either be an array or strings as arguments. * * @return boolean */ function add_extension() { $extensions = func_get_args(); return $this->extensions = array_merge($this->extensions, (is_array($extensions[0]) ? $extensions[0] : $extensions)); } /** * Removes one or more extensions from the allowed extensions array. * * @param mixed Extensions that need to be removed. Can either be an array or strings as arguments. * * @return boolean */ function remove_extension() { $extensions = func_get_args(); return $this->extensions = array_diff($this->extensions, (is_array($extensions[0]) ? $extensions[0] : $extensions)); } /** * Returns all allowed extensions either as array or string. * * @param boolean Returns the extensions as array if FALSE. * @param string Separator between extensions. * * @return mixed */ function get_extensions($as_string = false, $separator = ', ') { $extensions = array_unique($this->extensions); return ($as_string ? implode($separator, $extensions) : $extensions); } /** * Returns the last characters after the last dot in the given string. * * @param string Filename * * @return string Extension */ function file_extension($filename) { return strtolower(substr(strrchr($filename, '.'), 1)); } /** * Generates a unique name for the uploaded file if enabled. * * @param string Filename * * @return string Random name */ function rand_name($original) { if ($this->overwrite OR !file_exists($this->upload_path . $this->subdir . $original)) { return $original; } else { return $this->rand_name(substr(md5(rand(1, 5000) . time() . rand(50, 7000)), -5) .'_'. $original); } } /** * Adds an error to the array. * * @param string Error message * * @return none */ function set_error($error) { $this->errors[] = $error; } /** * Displays the upload form based on the allowed max uploads. * * @param string If the form should be submitted to another file, this needs to be changed to the target filename. * * @return string Upload form */ function display_uploader($action = false) { echo '
'. "\r\n"; echo '
'. "\r\n"; for ($i = 0; $i < $this->max_uploads; $i++) { echo "\t" .'

'. "\r\n"; } echo "\t" .''. "\r\n"; echo '
'. "\r\n"; echo '
'. "\r\n"; } /** * Displays the transloader form. * * @param mixed Target filename for the form, or FALSE for self. * @param integer Size for the text field. * * @return string Upload form. */ function display_transloader($action = false, $size = 20) { echo '
'. "\r\n"; echo '
'. "\r\n"; echo "\t". ''. "\r\n"; echo "\t". ''. "\r\n"; echo '
' ."\r\n"; echo '
'. "\r\n"; } /** * Returns all errors either as array or as HTML list. * * @param boolean If true, returns errors as array. * * @return mixed */ function get_errors($as_array = false) { if ($as_array OR sizeof($this->errors) === 0) { return ($as_array ? $this->errors : ''); } echo '
'. "\r\n"; echo '' ."\r\n"; echo '
' ."\r\n"; } /** * ========================================================================= * UPLOAD CLASS END * ========================================================================= * Copyright (C) 2006 by Nicolas Oelgart. */ } ?>