What's the best way to create a single-file upload form using PHP?

Question

I\'ve found a few samples online but I\'d like to get feedback from people who use PHP daily as to potential security or performance considerations and their solutions.

Answer 1

Security is a pretty big thing with regards to file uploads, adding a .htaccess to the uploads folder which stops scripts being run from it could be handy to add just an extra layer of security.

.htaccess

Options -Indexes
Options -ExecCGI
AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi 

Reference: http://www.mysql-apache-php.com/fileupload-security.htm