The FileControl Control
The FileControl control presents a Select File button that allows the user to select a file to upload to the
server. The control itself is fairly simple, offering a basic "file" type of textbox that all browsers support.
However, the bigger subject of how to support file uploads can be quite complicated.
PHP itself has some built-in support for file uploads, using the $_FILES super global to provide the names of files
uploaded when a POST call is made to the browser. The FileControl control uses this built-in support to get the file
the user selected. Since this only works with POST calls, to initiate the actual upload, you must use a
Server action. Ajax actions will not work.
Your Server action should do something with the file immediately. PHP will automatically delete
the uploaded file after the server call is processed. PHP provides some functions to manage this process.
See PHP's Handling File Uploads
article for more information.
Any time you allow a user to upload a file to your server, you are creating a security risk. You must be sure
you understand the risks and how to mitigate them. PHP will take care of uploading the file itself to a temporary
directory, and you can find out where the file is with the ->File attribute of the FileControl.
After that, it is up to you to check the file to make sure it is the type of file you expect, and then either move the file
out of the temporary directory, or process it how you would like. You could put the file into a BLOB in your database, move
it to another directory, upload it to a cloud service, or whatever. Just be sure that you take precautions to prevent a
malicious attack unexpectedly coming from a file upload.
This particular example is a simple example of handling upload of a single jpeg file, but is not complete. It does not
handle multiple files selected, nor does it provide enough checks to ensure that the file uploaded is actually a jpeg file,
but it should get you started.