<?php//define a maxim size for the uploaded images in Kb define ("MAX_SIZE","5

1. <?php
2. //define a maxim size for the uploaded images in Kb
3.  define ("MAX_SIZE","500");
4.  
5. //This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
6.  function getExtension($str) {
7.          $i = strrpos($str,".");
8.          if (!$i) { return ""; }
9.          $l = strlen($str) - $i;
10.          $ext = substr($str,$i+1,$l);
11.          return $ext;
12.  }
13.  
14. //This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
15. //and it will be changed to 1 if an errro occures.  
16. //If the error occures the file will not be uploaded.
17.  $errors=0;
18. //checks if the form has been submitted
19.  if(isset($_POST['Submit']))
20.  {
21.     //reads the name of the file the user submitted for uploading
22.     $image=$_FILES['image']['name'];
23.     //if it is not empty
24.     if ($image)
25.     {
26.     //get the original name of the file from the clients machine
27.         $filename = stripslashes($_FILES['image']['name']);
28.     //get the extension of the file in a lower case format
29.         $extension = getExtension($filename);
30.         $extension = strtolower($extension);
31.     //if it is not a known extension, we will suppose it is an error and will not  upload the file,  
32.     //otherwise we will do more tests
33.  if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
34.         {
35.         //print error message
36.             echo '<h1>Unknown extension!</h1>';
37.             $errors=1;
38.         }
39.         else
40.         {
41. //get the size of the image in bytes
42.  //$_FILES['image']['tmp_name'] is the temporary filename of the file
43.  //in which the uploaded file was stored on the server
44.  $size=filesize($_FILES['image']['tmp_name']);
45.  
46. //compare the size with the maxim size we defined and print error if bigger
47. if ($size > MAX_SIZE*1024)
48. {
49.     echo '<h1>You have exceeded the size limit! Limit is 500kb!</h1>';
50.     $errors=1;
51. }
52.  
53. //we will give an unique name, for example the time in unix time format
54. $image_name=time().'.'.$extension;
55. //the new name will be containing the full path where will be stored (images folder)
56. $newname="images/".$image_name;
57. //we verify if the image has been uploaded, and print error instead
58. $copied = copy($_FILES['image']['tmp_name'], $newname);
59. if (!$copied)
60. {
61.     echo '<h1>Copy unsuccessfull!</h1>';
62.     $errors=1;
63. }}}}
64.  
65. //If no errors registred, print the success message
66.  if(isset($_POST['Submit']) && !$errors)
67.  {
68.     echo "<h1>File Uploaded Successfully! Try again!</h1>";
69.  }
70.  
71.  ?>
72.  
73.  <!--next comes the form, you must set the enctype to "multipart/frm-data" and use an input type "file" -->
74.  <form name="newad" method="post" enctype="multipart/form-data"  action="">
75.  <table>
76.     <tr><td><input type="file" name="image"></td></tr>
77.     <tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
78.  </table>  
79.  </form>