Live stream set for 2025-10-22 at 14:00:00 Eastern
Ask questions in the live chat about any programming or lifestyle topic.
This livestream will be on YouTube or you can watch below.
Beginner’s Guide: Secure File Uploads with PHP, AJAX, and MariaDB
In our previous tutorial, we focused on the frontend, using HTML5 and the Fetch API to create a sleek, drag-and-drop user interface for file uploads. That was all about making the user experience seamless.
Now, we shift our focus to the engine room: the backend. This is where the real work happens: where we secure the data, process the files, and permanently store information in our database. This guide will walk you through setting up a robust PHP script to handle the Fetch API requests and interact with a MariaDB database.
1. Understanding the Backend’s Role
The backend’s primary job is to process the data sent from the frontend securely and efficiently. For file uploads, this means:
- Validation: Checking file size, type, and quantity.
- Processing: Saving the file to a secure location on the server.
- Database Interaction: Recording the file’s information (like its name, path, and user ID) into the database.
- Action Handling: Managing operations like deletion and replacement.
2. Setting up the PHP Handler for Fetch
The frontend sends the files and other data to your PHP script via the Fetch API. On the backend, PHP exposes the uploaded files in the $_FILES superglobal array and the other form fields in $_POST.
Your PHP handler needs to listen for a specific action passed in the request. For example, the request might include an action flag like ‘upload’, ‘delete’, or ‘replace’.
<?php
// PHP script to handle AJAX/Fetch requests (e.g., upload_handler.php)

// 1. Database Connection Setup (Replace with your credentials)
$conn = new mysqli("localhost", "user", "password", "database");
if ($conn->connect_error) {
    // Log the details on the server; do not send them to the client
    error_log("Connection failed: " . $conn->connect_error);
    http_response_code(500);
    exit("Server error");
}

// 2. Security and Setup
$upload_dir = 'uploads/'; // Ensure this directory exists and is writable!
// ... (Your security checks for user authentication would go here)

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['file_data'])) {
    $action = $_POST['action'] ?? 'upload'; // Get the intended action

    foreach ($_FILES['file_data']['name'] as $key => $name) {
        // Basic security and sanitization before proceeding.
        // Note: this cleans the name only; it does not check the file's type or size.
        $safe_name = preg_replace("/[^A-Za-z0-9.]/", '_', $name);
        $temp_path = $_FILES['file_data']['tmp_name'][$key];
        $target_file = $upload_dir . basename($safe_name);

        if ($action === 'upload' && move_uploaded_file($temp_path, $target_file)) {
            // Success: Save details to MariaDB
            $stmt = $conn->prepare("INSERT INTO files (file_name, file_path) VALUES (?, ?)");
            $stmt->bind_param("ss", $safe_name, $target_file);
            $stmt->execute();
            // ... Respond to frontend
        } else {
            // Handle error or other actions
        }
    }
}
?>
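Section 1 lists size and type validation, but the handler above only cleans the file name, so the stored extension is still whatever the client sent. The following is an added example of that check, not the tutorial author's code; validate_upload(), MAX_BYTES, ALLOWED_TYPES, the 2 MiB limit and the list of allowed types are assumptions.

```php
<?php
// Added example, not the tutorial's code. MAX_BYTES, ALLOWED_TYPES and
// validate_upload() are illustrative names; the limits are assumptions.
const MAX_BYTES = 2 * 1024 * 1024;            // assumed 2 MiB size limit
const ALLOWED_TYPES = [                       // detected MIME type => extension we assign
    'image/png'       => 'png',
    'image/jpeg'      => 'jpg',
    'application/pdf' => 'pdf',
];

/** Returns a server-generated file name, or throws if the file is rejected. */
function validate_upload(int $error, string $tmp_path): string
{
    if ($error !== UPLOAD_ERR_OK) {
        throw new RuntimeException("upload error code $error");
    }
    $size = filesize($tmp_path);
    if ($size === false || $size === 0 || $size > MAX_BYTES) {
        throw new RuntimeException('file is empty or too large');
    }
    // Detect the type from the file's bytes. The client-sent name and
    // $_FILES[...]['type'] are controlled by the sender and are ignored.
    $mime = (string) (new finfo(FILEINFO_MIME_TYPE))->file($tmp_path);
    $ext = ALLOWED_TYPES[$mime] ?? null;
    if ($ext === null) {
        throw new RuntimeException("type not allowed: $mime");
    }
    // Random name with a server-chosen extension: the uploaded file is
    // never stored under the name or extension the client supplied.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample files for a command-line run. In the handler, pass
// $_FILES['file_data']['error'][$key] and ['tmp_name'][$key] instead.
$png = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($png, "\x89PNG\r\n\x1a\n\0\0\0\rIHDR" . pack('N2', 1, 1) . "\x08\x06\0\0\0");
$script = tempnam(sys_get_temp_dir(), 'up');  // PHP source posing as an image
file_put_contents($script, '<?php echo 1; ?>');

foreach (['real.png' => $png, 'fake.png' => $script] as $label => $path) {
    try {
        echo "$label accepted as ", validate_upload(UPLOAD_ERR_OK, $path), "\n";
    } catch (RuntimeException $e) {
        echo "$label rejected: ", $e->getMessage(), "\n";
    }
    unlink($path);
}
```

In the handler, call it before move_uploaded_file() and use the returned name for both the path under uploads/ and the row written to the files table.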
3. Handling Replacement and Deletion Actions
This is where the power of a database comes in. To handle file replacement or deletion, you primarily interact with MariaDB.
File Deletion
When the frontend sends a ‘delete’ action along with a unique file ID:
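- Delete from Server: Use PHP’s unlink() function to remove the physical file from the uploads/ directory.
- Delete from Database: Run a SQL DELETE command on your MariaDB table using the file ID.
DELETE FROM files WHERE id = [file_id];
Here [file_id] is a placeholder: bind the ID as a parameter of a prepared statement, as in Step 2, rather than inserting the request value into the SQL string.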
File Replacement
When the frontend sends a ‘replace’ action:
- Get Old Data: Retrieve the existing file path from MariaDB using the old file’s ID.
- Upload New File: Save the new file to the server (as shown in Step 2).
- Remove Old File: Use unlink() to delete the original file.
- Update Database: Run a SQL UPDATE command to point the existing file ID to the new file name and path.
UPDATE files SET file_name = 'new_name.jpg', file_path = 'uploads/new_name.jpg' WHERE id = [file_id];
Ready to Master PHP?
This backend process is a core skill for any serious web developer. If you’re a beginner ready to dive deep into PHP, I highly recommend checking out my resources:
- My Book: Learning PHP Programming
It’s the perfect structured guide for building a strong foundation in PHP.
https://www.amazon.com/Learning-PHP-Programming-Edward-Ojambo-ebook/dp/B0D442PR8T
- My Course: Learning PHP
A comprehensive course designed to take you from novice to confident PHP developer.
Need hands-on help with your projects? I’m available for one-on-one programming tutorials and services like framework updates or migration.
Contact me for direct consultation:
Disclosure: Some of the links above are referral (affiliate) links. I may earn a commission if you purchase through them - at no extra cost to you.