How to check the Type and Size before File Uploading in PHP ? Last Updated : 13 Feb, 2024 Comments Improve Suggest changes Like Article Like Report In PHP, it's essential to validate file types and sizes before allowing users to upload files to a server. This helps prevent potential security vulnerabilities and ensures that only allowed file types and sizes are accepted. PHP provides various methods to perform these validations, including checking file extensions, MIME types, and file sizes. ApproachChecking File TypeDetermine acceptable file extensions or MIME types.Use pathinfo( ) function to extract the file extension.Compare the file extension or MIME type against the list of allowed types.Checking File SizeDetermine the maximum allowed file size.Use $_FILES superglobal array to access the uploaded file's size.Compare the file size against the maximum allowed size.Syntax:// Define allowed file types and maximum file size$allowedTypes = array('jpg', 'jpeg', 'png', 'gif');$maxFileSize = 2 * 1024 * 1024; // 2MB// Get file details$fileName = $_FILES['file']['name'];$fileSize = $_FILES['file']['size'];$fileType = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));// Check file typeif (!in_array($fileType, $allowedTypes)) { echo "Only JPG, JPEG, PNG, and GIF files are allowed.";}// Check file sizeif ($fileSize > $maxFileSize) { echo "File size exceeds the maximum limit of 2MB.";}// If both checks pass, proceed with file uploadExplanationDefined allowed file types (jpg, jpeg, png, gif) and maximum file size (2MB).Retrieved file details using $_FILES['file'] array.Checked if the file type is allowed using in_array() function.Checked if the file size is within the maximum limit using a simple comparison.If both checks pass, the code proceeds with file upload.Difference between File Type and SizeChecking File TypeChecking File SizeVerify file extensions or MIME types against a predefined listCompare the file size against the maximum allowed sizeUse functions like pathinfo() or MIME type detection to determine file typeAccess file size information using $_FILES superglobal arrayPrevents uploading of disallowed file typesPrevents uploading of excessively large filesUsageSecurity: File type and size validation help prevent security vulnerabilities such as file upload attacks or denial of service attacks.User Experience: Proper validation provides feedback to users about allowed file types and sizes, improving the user experience. Comment More infoAdvertise with us Next Article How to check the Type and Size before File Uploading in PHP ? P pankaj_gupta_gfg Follow Improve Article Tags : PHP WebTech-FAQs PHP-QnA Similar Reads How to change the maximum upload file size in PHP ? The maximum size of any file that can be uploaded on a website written in PHP is determined by the values of max_size that can be posted or uploaded, mentioned in the php.ini file of the server. In case of hosted server need to contact the administrator of the hosting server but XAMPP has interprete 2 min read How to upload a file in PHP ? In this article, we will learn how to upload a file using PHP. Let us first understand some basic configurations. Approach: In your "php.ini" file, search for the "file_uploads" parameter and set it to "On" as mentioned below. file_uploads = On In the "index.html" file, the enctype must be multipart 3 min read Write a Code To Upload A File in PHP? PHP makes it easy to upload files in web applications, whether it's for images, documents, or other types of files. With its built-in functions, uploading files to the server becomes a simple task. However, it's important to be cautious when allowing file uploads, as they can pose security risks. Al 6 min read How to access error code associated with file upload in PHP ? Error in PHP occurs when we do not deal with the cases accordingly. There are many errors that occur during the file upload. The errors are as follows The size of the file is greater than the expected sizeThe extension is not correct or we can say the file type is not matching according to the cond 3 min read How to access actual name of uploaded file in PHP ? In PHP, we can access the actual name of the file which we are uploading by keyword $_FILES["file"]["name"]. The $_FILES is the by default keyword in PHP to access the details of files that we uploaded.The file refers to the name which is defined in the "index.html" form in the input of the file.The 2 min read Like