PHP Media Upload Library

I'm currently in the process of searching for a media upload library for PHP that can manage multiple types of files. Either a single library or a combination of different ones would work equally well.

I could write some simple upload code that checks what type of file, and incorporate some simple security measures, but I'd much rather leave it up to someone else more qualified.

Features I'm looking for in such a library:

• Checking for file type. I would like the library to have a whitelist of types of files that can be uploaded, and be to able to check if the file uploaded is indeed on that whitelist. The checking process would have to do more than just check the file extension. Example: Only uploading .jpg, .png, .mp3, .avi is allowed.

• Either a very comprehensive settings page/section or understandable and editable code. I'd like to be able to mold the library to fit the structure of my site, not the other 开发者_运维问答way around.

• Security checks. I would like there to be a system of security checks to make sure that files are not a possible security threat to my website.

• Free. I'd rather not buy a library.

Tools I've Found So Far:

Due to the universal need for file upload code, there are tons of upload libraries out there, such as:

• class.upload.php -- Manages the uploading, saving, and resizing of images.

• Pear PHP's HTTP_Upload -- Manages files submitted via HTTP forms.

• Easy PHP Upload -- Validates and manages file upload via Web forms

• EasyUp -- Simply manages file upload.

The problem is, there's just so many libraries, frameworks, and classes out there that it's hard to choose one (or multiple to work in combination) and know that it's going to be reliable and work well.

So, it would be amazing if I could get some recommendations on what in your opinion the best file upload library or libraries are for PHP that contain the features I'm looking for!

Thanks a ton!

Well, it depends on just what you want uploaded. Is it just images? Text files? Videos?

At any rate, a library wouldn't actually be needed because PHP has a very powerful built in upload function.

This page here shows a good example of how to make a basic form and implementing some basic security checks, including checking the file extension. PHP is very secure as it is, though you'll have to decide for yourself what file extensions you will accept. Generally, it's best to choose specifically what you will accept, rather than limiting out a few high risk files only. For example, unless they're needed and you want to support them, avoid supporting archives (such as 7z, bz2, or zip) or executables.

As well, if you want to put a very basic virus scan into the newly uploaded file, you can use a method similar to this one.

You want to be able to meld your site around the desired library? Using PHP lets you do that better than anything, and it's relatively simple to do.