upload_form.html
----------------

<FORM ENCTYPE="multipart/form-data" ACTION="upload_process.html" METHOD=POST>
Send File: <INPUT NAME="upload" TYPE="file">
<INPUT TYPE="submit" VALUE="Send">
</FORM>

upload_process.html
-------------------

<?php

// set maximum sizes
//
$max_size   = 100000; // 100KB
$max_width  = 100;    // 100 pixels wide
$max_height = 200;    // 200 pixels high

// PHP 4.x makes four variables available, based on the INPUT NAME form field:
//
//  $HTTP_POST_FILES['upload']['tmp_name'] => temporary filename on server
//  $HTTP_POST_FILES['upload']['name']     => original filename on client
//  $HTTP_POST_FILES['upload']['size']     => file size in bytes
//  $HTTP_POST_FILES['upload']['type']     => file MIME type, if set by browser
//

// require browser to set file MIME type
//
if (($HTTP_POST_FILES['upload']['type'] != "image/gif") &&
    ($HTTP_POST_FILES['upload']['type'] != "image/jpg") &&
    ($HTTP_POST_FILES['upload']['type'] != "image/png") &&
    ($HTTP_POST_FILES['upload']['type'] != "image/swf")) {

  die("ERROR: file was not a GIF, JPEG, PNG, or SWF image");

} // MIME type check

// reject files larger than $max_size
//
if ($HTTP_POST_FILES['upload']['size'] > $max_size) {

  die ("ERROR: file was larger than $max_size bytes");

} // file size check

// test image dimensions using standard PHP function
//
$size = GetImageSize($HTTP_POST_FILES['upload']['tmp_name']);
if ($size[0] > $max_width || $size[1] > $max_height) {

  die ("ERROR: file was more than $max_width pixels wide and $max_height pixels tall");

}

// move file to new location
//
move_uploaded_file($HTTP_POST_FILES['upload']['tmp_name'], "/path/to/uploads/new_file_name");

?>