Jinsi ya Kufanya File Type na Size Validation

FAUSTINE MWOYA November 12, 2025

File validation inahakikisha:

User hawezi kupakia files zisizo halali au hatari.

Ukubwa wa file hauzidi limit uliowekwa.

System inabaki salama kutokana na malicious uploads.

Validation inafanywa kabla ya move_uploaded_file().

⚙️ 2. HTML Form ya File Upload
<form action="upload.php" method="POST" enctype="multipart/form-data">
<input type="file" name="uploaded_file" required>
<button type="submit" name="submit">Upload</button>
</form>

enctype="multipart/form-data" lazima iwe.

name="uploaded_file" ni input tunalotumia PHP.

🧩 3. PHP Script ya File Validation
<?php
if(isset($_POST['submit'])){
$target_dir = "uploads/";

if(!is_dir($target_dir)){
mkdir($target_dir, 0755, true);
}

$file_name = basename($_FILES['uploaded_file']['name']);
$target_file = $target_dir . time() . "_" . $file_name;
$file_type = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$file_size = $_FILES['uploaded_file']['size'];

// Allowed file types
$allowed_types = ['jpg','jpeg','png','gif','pdf','doc','docx'];

// Max file size (5MB)
$max_size = 5 * 1024 * 1024;

// Validate file type
if(!in_array($file_type, $allowed_types)){
die("❌ Error: Only JPG, PNG, GIF, PDF, DOC allowed.");
}

// Validate file size
if($file_size > $max_size){
die("❌ Error: File too large. Max 5MB allowed.");
}

// Move file
if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $target_file)){
echo "✅ File uploaded successfully: <a href='$target_file' target='_blank'>View File</a>";
} else {
echo "❌ Error uploading file.";
}
}
?>

💡 Maelezo:

in_array() inakagua file extension.

$_FILES['uploaded_file']['size'] inakagua size.

time() . "_" . $file_name inazalisha unique filename.

🔑 4. Vidokezo vya Usalama Zaidi

Check MIME type optionally – mime_content_type() kwa extra security.

Store files outside web root – avoid direct access.

Rename files – prevent overwriting & execution.

Limit folder permissions – usually 0755.

Avoid uploading scripts – .php, .js kwenye public folder.

✅ 5. Hitimisho

File type na size validation ni must-have kwa secure uploads.

Combine na authentication & CSRF tokens kwa web security zaidi.

Best practices: validate type & size, unique filenames, secure directory, avoid scripts.

🔗 Tembelea:

👉 https://www.faulink.com/

Kwa mafunzo zaidi ya PHP, file handling, na secure web application development.

Jinsi ya Kufanya File Type na Size Validation

Comments

All Posts

How to Build a Professional School Management System Using PHP and MySQL (Step-by-Step Guide)

Tengeneza Website na Database ya Kisasa Tanzania | Badilisha Biashara Yako Kuwa Mashine ya Mauzo Mtandaoni

Tengeneza Website na Database ya Biashara Tanzania | Ongeza Mauzo na Wateja Mtandaoni Haraka

Huduma ya Kutengeneza Website na Database Tanzania | Mfumo Kamili wa Biashara Mtandaoni

Tengeneza Database ya Kisasa Tanzania | Mfumo Salama wa Kuhifadhi na Kusimamia Taarifa

Huduma ya Kutengeneza Database Tanzania | Mfumo wa Kisasa wa Usimamizi wa Taarifa

Tengeneza Website ya Kisasa Tanzania | Huduma Bora ya Website Design kwa Biashara

Huduma ya Kutengeneza Website Tanzania | Create Professional Website kwa Biashara Yako

Jinsi ya Kuongeza Google Map Kwenye Website (Bila API Key) – Mwongozo Rahisi wa 2026

Jinsi YouTube Inavyolipa Creators (Mwongozo Kamili wa Malipo + Calculation 2026)

Categories

Recent Posts

Faulink Systems

Subscribe