There are some basic steps to handling image uploads using PHP Programming. The first process is the dsign of the web form to provide a vehicle for then image upload process. A PHP Program must be ready to receive and cleanse the form data and image files. Immediate handling of the uploaded files is required, else a temporary storage method is required. Resizing, cropping and modifying the image uploads is typically performed on the image uploads before finally saving the modified images as separate files, and perhaps tracking the new image files in a database.
Creating a web form to start the image upload process is very easy. It is important that the <form> tag that starts the form section include an "enctype" tag with a value of "multipart/form-data" as follows: The form shoulod contain at least one â€œfileâ€ type input so the user can select a file from their computer for upload, as follows:
<input name="photo" id="photo" type="file">
This form tag creates a field-button set that displays a file browser widow when clicked. The user can then select an image file from their computer to be uploaded when the form is submitted.
When the PHP script makes receipt of the form data, given that the other data types have been handled appropriately, the image uploads can be processed. The first step is to check whether there was an image upload at all. If the data set for a file upload is empty, ignore the upload and bypass the image handler for it. If a file was uploaded, there are steps to take before starting PHP image handler programs. There may have been errors, each of which return a value that correlates to a specific problem. If there were no errors, the next PHP script can be executed. Else, the error may be processed for internal tracking and used to generate useful error messaging to the user. Errors may include no data received or the user aborted the upload. After error checking is out of the way, the file must be evaluated. PHP can check the MIME-Type for the file to see if it is a compatible format for the PHP Image Handler Script you have programmed.
There are many MIME-Types for the many file types that exist. The PHP Image Handler Script may have been developed only for JPEG formats, maybe even for GIF formats, but not for BMP or TIFF. The file upload may not be an image at all, such as a text file (.txt) or some other non-image format. The MIME-Type check is usually sufficient to determine what the file upoad really was, but a programmer can adulterate the file and change the MIME-Type tag inside the file data to appear like a JPEG, but actually contain a virus or other harmful program. Always double check your file data before processing it, both to check that it is compatible with your PHP Image Upload Handler Script as well as not a Network Security issue.
Once you can establish that the file upload is a good image format and is ready for processing, your PHP Program might benefit from storing the raw upload to a temporary directory, or perhaps a â€œrawâ€ storage area for users to access. PHP Web Photo Galleries would typically store the original upload to save the largest size possible. The smaller sizes generated would be used for presentation and searching, before finally accessing the large raw file. The reason for storing the image immediately is because the PHP Server will vaporize the uploaded file when the PHP Script finishes execution. PHP Servers store file uploads to temporary directories with temporary file names until the script has finished execution. At that point, the PHP Server deletes the file and it is not accessible for further handling.
Depending on the goals of the PHP Image Uploader Script, there are some basic steps to take before manipulating the image upload. Check the aspect ratio by dividing the two dimensions. The PHP Program will not inspect resolution tags, so it is processed at the standard 72 dpi resolution by default. Knowing the aspect ratio is important so your script can generate new sizes proportionately to the original upload. Validating the aspect ratio can be important for sites where ratios below 2:3 and above 3:4 can be considered an error, or can be cropped to fit potential site requirements. Generating smaller size images requires a target height or width, which is either multiplied by or divided by the aspect ratio, depending on which target dimension is used and how you calculated your aspect ratio.
The PHP Image Upload Handler Script can define colors in the active color palette. These colors must be defined before applying textual overlays or drawing artwork on the image, such as lines or circles. Lines may be draw on the image at any length or angle within the image borders. Lines maybe used to create a peripheral rule (border) or to obfuscate text in graphical image blockers. There are many shapes and methods for drawing artwork on the image.
Overlays may be used to watermark images with the website address, photographerâ€™s credits, and with company logos. They may be applied from opaque to translucent, and at any size within the image borders. Applying txet to an image is used when the text content is unknown prior to programming, perhaps allowing the user the ability to define that content. When the text content will not change, it can be incorporated into an overlay graphic. Transparent GIF images may be used and the masked area retained. A caveat of using transparent GIFs is that the edges will not anti-alias smoothly. In high contrast situations, the edges of transparent GIFs will not look good. Knowing the dimensions of the uploaded image and iterating the pixels with the associated color palette, the PHP Program can find areas of color, brightness and saturation, allowing the PHP Program to determine where an image overlay should be placed to avoid high contrast situations. For best PHP image generation results, smaller sizes should be generated from the original image upload, not from successively reduced versions of the original.
Image file storage methods depends on the PHP website design and goals. Images of different sizes are used for different website purposes ranging from thumbnails to small search results images, to medium detail age views and large detailed views. The original may be tored as well to provide a size that is not reasonable for web browser viewing but great for userâ€™s to download and re-purpose. Different image sizes can be stored in separate directories for each image size. This results in a THUMBS directory separate from SMALL, MEDIUM, LARGE or RAW image directories. Images may be stored together in the same directory, but with different file names, such as thumb_imagename.jpg, small_imagename.jpg, medium_imagename.jpg, large_imagename.jpg, and raw_imagename.jpg. IMage sets may be stored with this nomenclature in separate subdirectories within a userâ€™s account, or cataloged by any or the numerous options for file storage.
Whichever file storage method chosen, the file names for each image set need a common file name component, so they may be identified as associated to each other. Whether the PHP Program is using MySQL Database Programming or some form of flat file data storage, the file name commonalities must persist. The PHP Program will look for the base component of the file name and PHP will generate the various full file names to associate the image file set together. A useful method for naming file sets is to use a 10 digit timestamp. Timestamps provide an added benefit of knowing the date and time the upload was performed. The timestamp may be stored in a MySQL Database as a DATE value, and can be re-purposed for image tracking, directory naming, and other tracking systems.
Proprietary images and pay-per-use websites would require the PHP Program to protect the images from random and anonymous users. This situation simple requires that the PHP Program store the image uploads to a directory that can be protected. That directory and its subdirectories can be located outside of the web root where the PHP Server can access and deliver the content. It can be located inside the web root with GUEST permissions set to NONE, so only WWW or the PHP Server can read and deliver the content, and the PHP Scripts are required to stream the file content. Secured file storage systems would remove the MIME-Type from the image data, remove the file extension from the file name, store the files outside of the web root, and keep access permissions configured correctly. When the image data is needed for streaming to the user, as a download or for display, the PHP Program can read the image file and stream the data with a generated MIME-Type for the browser to understand. Membership access and other forms of access restrictions may be used to add layers of protection. Although this is not really a subject of Network Security, there are distinct advantages to the PHP Programmer who understands Network Security.