Wordpress file upload

Question

I have this plugin im making and in the file upload system i have this:

$mimes = array('image/jpeg','image/jpg','image/gif','image/png','application/pdf');
if(in_array($_FILES['attach']['type'], $mimes)){
    $error = 0;
}
else {
    $error = 1;
}

Then, along with other error checking i have this to upload the files to a custom folder

if($error == 0) {
    $folder = PLUGIN_DIR . '/uploads/';
    if(is_dir($folder)) {
        $file = $_FILES["attach"]["tmp_name"];
        move_uploaded_file($file, $folder.date('Ymd').'_'.$name);
    }
}

This works perfectly. I've tested it but, is it ok to do like this? Or is there a better way to do it?

Thanks in advance!

Answer 1

check whether free space availability. I had the same issue I have checked every thing and done more but the issue was with my file storage

Answer 2

I think better use this codex.wordpress.org

<?php
// We will check the protection of nonce and that the user can edit this post.
if ( 
    isset( $_POST['my_image_upload_nonce'], $_POST['post_id'] ) 
    && wp_verify_nonce( $_POST['my_image_upload_nonce'], 'my_image_upload' )
    && current_user_can( 'edit_post', $_POST['post_id'] )
) {
    // all OK! We continue.
    // These files must be connected to the front end (front end).
    require_once( ABSPATH . 'wp-admin/includes/image.php' );
    require_once( ABSPATH . 'wp-admin/includes/file.php' );
    require_once( ABSPATH . 'wp-admin/includes/media.php' );

    // Let WordPress catch the download.
    // Do not forget to specify the attribute name field input - 'my_image_upload'
    $attachment_id = media_handle_upload( 'my_image_upload', $_POST['post_id'] );

    if ( is_wp_error( $attachment_id ) ) {
        echo "Error loading media file.";
    } else {
        echo "The media file has been successfully uploaded!";
    }

} else {
    echo "Verification failed. Unable to load file.";
}
?>