Upload image with size and type validation in PHP

By Admin - June 13, 2017 2:24 pm   1   383   0

In this article, you ll learn some simple and easy tricks to upload the image with image type validation and image size validation. Image type validation is must now-a-days because if you don t use image type validation someone could easily hack your website by upload their own hackable file. So read this article to learn some simple way to upload image with proper validations in PHP

Firstly, you have to create two file One is index.php and second is image_upload.php. You can also create files with any name i am just giving you example. So lets start:

Steps :

  1. Create index.php file.
  2. Create image_upload.php file.
  3. Create database table to insert the name of the image.
  4. Change the folder permission to 777 to write files into the folder. (Server point)


Step-1 : index.php file Code

<title>Image Upload in php</title>
<form name="imageUpload" action="image_upload.php" method="post" enctype="multipart/form-data">
<td>Upload Image</td>
<td><input type="file" name="imgName" id="imgName" /></td>


Step-2 : upload_image.php file Code

$conn = mysqli_connect("localhost","root","","test") or die(mysqli_error());
//imgName is the form field name and name get the name of image
$imgName = $_FILES['imgName']['name'];
if($imgName != "")
//tmp_name is temporary location of image
$imgTemp = $_FILES['imgName']['tmp_name'];
//defines size of image
$imgSize = $_FILES['imgName']['size'];
//get type of image
$imgType = $_FILES['imgName']['type'];
//for unique name we use time()
$imgName = time()."_".$imgTName;
//store folder and image name into variable
$imgDest = "foldername/".$imgName;
//explode() is used for break string into array and we break image into into array so we get extension of the image
$imgExtension1 = explode('/',$imgType);
//strtolower is used for convert letters into lower character and end() is used for display the first and last element of array
$imgExtension = strtolower(end($imgExtension1));
//check the file is image or not
if($imgExtension == "jpeg" || $imgExtension == "png" || $imgExtension == "jpg" || $imgExtension == "gif" )
//check the image size should be in 3mb
if($imgSize > 3000000)
echo "Image Size must be in 3 MB(Megabyte)";
echo "Image extension should be .jpg, .png or .gif";

//Query for save image Name into database so we can access image in future
if($imgName == "")
$imgQuery = "insert into test_table set imgName='$imgName'";
$imgQueryResult = mysqli_query($conn, $imgQuery);
//if query is wrong not working due to any issue
echo "Unable to save record into database";

//for move image into folder
echo "Something wrong while moving image into folder";


Step-3 : Database Script

Create database test;

create table test_table(imgName varchar(100) not null);


Step-4 : Change permission on server (For Server)

  1. Open filezilla software.
  2. Connect to FTP
  3. RIght click on the particular folder and click on last option "File permissions".
  4. tick all options or write Numeric Value = 777.