Cara membuat fungsi upload data di php

Fungsi upload data di PHP digunakan untuk mengirim dan menyimpan data dari form ke server, baik berupa file (gambar, dokumen, dll) maupun data teks ke database.
Pada materi ini, fokus utama adalah upload file (misalnya gambar) menggunakan PHP.

Syarat Upload File di PHP

Agar proses upload berjalan dengan baik, diperlukan:

Form HTML dengan method="POST"
Atribut enctype="multipart/form-data"
PHP menggunakan variabel $_FILES

Struktur Folder

Contoh struktur folder:


project/
│── upload.php
│── proses_upload.php
│── uploads/

Folder uploads/ digunakan untuk menyimpan file yang diupload.

Membuat Form Upload

Form digunakan untuk memilih file yang akan diupload.


<form action="proses_upload.php" method="post" enctype="multipart/form-data">
    <label>Pilih File:</label>
    <input type="file" name="file_upload">
    <button type="submit" name="upload">Upload</button>
</form>

Penjelasan:

enctype="multipart/form-data" → wajib untuk upload file
input type="file" → memilih file
name="file_upload" → nama file diambil di PHP

Mengambil Data File di PHP

PHP menyediakan variabel $_FILES untuk menangani file upload.


$file = $_FILES['file_upload'];

Isi $_FILES:

name → nama file
tmp_name → lokasi sementara file
size → ukuran file
type → tipe file
error → status upload

Membuat Fungsi Upload di PHP

Berikut contoh fungsi upload file.


<?php
function uploadFile($file) {
    $namaFile = $file['name'];
    $tmpFile  = $file['tmp_name'];
    $ukuran   = $file['size'];

    $folderTujuan = "uploads/";
    $namaBaru = uniqid() . "_" . $namaFile;

    if ($ukuran > 2000000) {
        return false; // maksimal 2MB
    }

    move_uploaded_file($tmpFile, $folderTujuan . $namaBaru);
    return $namaBaru;
}
?>

Menggunakan Fungsi Upload

Fungsi dipanggil setelah tombol upload ditekan.


<?php
if (isset($_POST['upload'])) {
    $hasil = uploadFile($_FILES['file_upload']);

    if ($hasil) {
        echo "File berhasil diupload: " . $hasil;
    } else {
        echo "Upload gagal";
    }
}
?>

Membatasi Tipe File (Keamanan)

Untuk keamanan, batasi jenis file yang boleh diupload.


$ekstensiValid = ['jpg', 'png', 'jpeg'];
$ekstensiFile = strtolower(pathinfo($namaFile, PATHINFO_EXTENSION));

if (!in_array($ekstensiFile, $ekstensiValid)) {
    return false;
}

Menyimpan Nama File ke Database

Biasanya nama file disimpan ke database.


$query = "INSERT INTO foto (nama_file) VALUES ('$namaBaru')";
mysqli_query($koneksi, $query);

Tips Keamanan Upload File

Batasi ukuran file
Batasi tipe file
Gunakan nama file unik
Simpan file di folder khusus
Jangan izinkan upload file PHP atau EXE

Silakah copy coding dibawah ini:


<!DOCTYPE html>
<html>
<head>
	<?php include '../config/config_conect.php'; ?>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Upload Data</title>
</head>
	<?php 
if( isset($_POST ["upload"]) ){
	//var_dump($_POST);
	if( upload_data ($_POST) > 0 ) {
        echo "
        <script>
        alert('Data Identitas Web berhasil di Upload !')
        document.location.href = '../rekam_medis/rekam_data.php'
        </script>
        ";
        }else {
          echo "
        <script>
        alert('Data Identitas Web gagal di Upload !')
        //document.location.href = '../rekam_medis/rekam_data.php'
        </script>
          ";
          
        }
}
function upload_data ($data) {
    global $koneksi;
    $id_rm      	= htmlspecialchars($data ["id_rm"]);
    $nama       	= htmlspecialchars($data ["nama"]);
    $id_dataFile  = htmlspecialchars($data ["id_dataFile"]);
    $nama_file		= upload_file();
    
        
  $query = "INSERT INTO data_file  
        VALUES
        ('', '$nama_file', '$id_rm', '$nama') ";


    mysqli_query($koneksi, $query);
    return mysqli_affected_rows($koneksi);
}
function upload_file () {
    $namaFile   = $_FILES['nama_file'] ['name'];
    $error      = $_FILES['nama_file'] ['name'];
    $tmpName    = $_FILES['nama_file'] ['tmp_name'];

    //cek data upload
    $ektensiFilesValid = ['PDF','pdf', 'doc', 'docx',  'jfif', 'JPG', 'jpg',  'PNG', 'png', 'JPEG' ,'jpeg'];


    $ekstensiFile = explode('.',$namaFile);
    $ekstensiFile = strtolower(end($ekstensiFile));

    if( !in_array($ekstensiFile, $ektensiFilesValid) ) {
        echo "<script>
                alert('File yang anda upload bukan tidak sesuai !');
              </script>";
        return false;
    }

    // gambar siap di upload
    // generate nama file
    $namaFileBaru = uniqid();
    $namaFileBaru .= '.';
    $namaFileBaru .= $ekstensiFile;
    move_uploaded_file($tmpName, '../../app/file/' . $namaFileBaru);
    return $namaFileBaru;

}

 ?>
 <?php  
					$id = $_GET['id'];
					$query = mysqli_query($koneksi, "SELECT * FROM rekam_medis WHERE id_rm = '$id' ");
					$Get_akses =mysqli_fetch_array($query);  
				?>
<body>
	<center>
		<h4> FORM UPLOAD DATA</h4>
		<form action="" method="POST" enctype="multipart/form-data">
		<table>
			<tr>
				<td>Nama</td>
				<td>:</td>
				<td>
					<input type="hidden" value=" <?php echo $Get_akses ['id_rm']; ?> " name="id_rm">
					<input type="text"   value=" <?php echo $Get_akses ['nama']; ?> " name="nama">
				</td>
			</tr>
			<tr>
				<td>File</td>
				<td>:</td>
				<td>
					<input type="hidden" name="id_dataFile">
					<input type="file" name="nama_file">
				</td>
			</tr>
			</tr>
			<tr>
				<td></td>
				<td></td>
				<td><button type="submite" name="upload">Simpan</button></td>
			</tr>
		</table>
		</form>
	</center>
</body>
</html>

Menambah url untu view file


   </td>
   <?php  
    $id = $rows_dp['id_siswa'];
    $query = mysqli_query($koneksi, "SELECT * FROM dokumen WHERE id_siswa = '$id' ");
    $Get_akses =mysqli_fetch_array($query);  
    ?>
   <td>
      <a href="/latihan_pgsd/app/file/<?php echo $Get_akses ['nama_file']; ?>">View File</a>  
   </td>