Image Upload, Rename and Apply Restrictions Using PHP

by Hiroshi on June 17, 2008

in File Upload, Scripts, Security

This script accepts just images and uploads these into ‘images’ directory.


– Determines Max File Size (Size Restriction)
– Accepts just jpg, jpeg, png or gif image files
– Changes extension of image into lowercase
– Stores the file in predefined directory at your server
– Replaces names of files with random digits (Rename)

Form Code

<form name="newad" method="post" enctype="multipart/form-data" action="upload.php">
<tr><td><input type="file" name="image"></td></tr>
<tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>

PHP Code

//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
//This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
//checks if the form has been submitted
//reads the name of the file the user submitted for uploading
//if it is not empty
if ($image)
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
//print error message
echo '<h1>Unknown extension!</h1>';
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server
//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
echo '<h1>You have exceeded the size limit!</h1>';
//we will give an unique name, for example the time in unix time format
//the new name will be containing the full path where will be stored (images folder)
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied)
echo '<h1>Copy unsuccessfull!</h1>';
//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors)
echo "<h1>File Uploaded Successfully! Try again!</h1>";


  • CHMOD ‘images’ folder to 777 if it is at online server
  • Use enctype=”multipart/form-data” in form tag

Upload Image & Apply Restrictions & Rename Script Download

Related Posts

Previous post:

Next post: