Zend File Upload Tutorial | Handling File Uploads with Zend\Form & InputFilter

File Upload in Zend allows users to upload files (e.g., images, videos, documents) from a form to the server. Zend provides native support via $_FILES handling and offers additional tools like Input Filters and Validators.

Why Use File Upload?

Feature	Benefit
Upload Media	Let users upload images, videos, documents
Server-side Validation	Ensure only safe, allowed file types are uploaded
File Previews	Show preview of images/videos after upload
Save in Public Directory	Easily access and use uploaded files in your app

Basic File Upload Structure

1. Add Route in `module.config.php` (module/Application/config/module.config.php)

'upload' => [
  'type' => 'Literal',
  'options' => [
    'route'  => '/upload',
    'defaults' => [
      'controller' => \Application\Controller\UploadController::class,
      'action'   => 'index',
    ],
  ],
],

2. Create Controller (module\Application\src\Controller\UploadController.php)

namespace Application\Controller;

use Laminas\Mvc\Controller\AbstractActionController;
use Laminas\View\Model\ViewModel;

class UploadController extends AbstractActionController
{
   public function indexAction()
   {
      $request = $this->getRequest();
      $fileUrl = null;
      $mimeType = null;

      if ($request->isPost()) {
         $files = $request->getFiles();
         $file = $files['file'] ?? null;

         if ($file && $file['error'] === UPLOAD_ERR_OK) {
            $mimeType = mime_content_type($file['tmp_name']);
            $allowedTypes = ['image/jpeg', 'image/png', 'image/gif', 'video/mp4', 'video/avi', 'video/mov'];

            if (!in_array($mimeType, $allowedTypes)) {
               return new ViewModel(['error' => 'Invalid file type']);
            }

            $uploadDir = 'public/uploads';
            if (!is_dir($uploadDir)) {
               mkdir($uploadDir, 0777, true);
            }

            $filename = time() . '_' . basename($file['name']);
            $targetPath = $uploadDir . '/' . $filename;

            move_uploaded_file($file['tmp_name'], $targetPath);
            $fileUrl = '/uploads/' . $filename;
         } else {
            return new ViewModel(['error' => 'Upload error']);
         }
      }

      return new ViewModel([
         'fileUrl' => $fileUrl,
         'mime'    => $mimeType,
         'error'   => $request->getPost('error', null)
      ]);
   }
}

3. View Template (module\Application\view\application\main\home.phtml)

<h2>📤 File Upload (Image / Video)</h2>

<?php if (!empty($this->error)): ?>
    <div style="color: red;">❌ <?= $this->error ?></div>
<?php endif; ?>

<form method="POST" enctype="multipart/form-data">
    <label>Select File (image/video):</label><br>
    <input type="file" name="file" accept="image/*,video/*" required><br><br>
    <button type="submit">Upload</button>
</form>

<?php if (!empty($this->fileUrl)): ?>
    <h3>✅ Preview:</h3>
    <?php if (strpos($this->mime, 'image/') === 0): ?>
        <img src="<?= $this->fileUrl ?>" alt="Uploaded Image" style="max-width: 300px;">
    <?php elseif (strpos($this->mime, 'video/') === 0): ?>
        <video controls style="max-width: 300px;">
            <source src="<?= $this->fileUrl ?>" type="<?= $this->mime ?>">
            Your browser does not support the video tag.
        </video>
    <?php endif; ?>
<?php endif; ?>

Form Requirement

Element	Required
enctype="multipart/form-data"	Needed to allow file uploads
POST method	Must use POST method

Security Tip

Check	Purpose
mime_content_type()	Ensure file is really an image/video
basename()	Avoid directory traversal
Rename uploaded file	Prevent file name conflicts
CSRF token (optional)	Prevent Cross-Site Request Forgery

❮ Previous

Next ❯

Whereisstuff is simple learing platform for beginer to advance level to improve there skills in technologies.we will provide all material free of cost.you can write a code in runkit workspace and we provide some extrac features also, you agree to have read and accepted our terms of use, cookie and privacy policy.

What is File Upload?