Treating this purely as an Apache question, because I tend to think that's what it is.

Does it have to display at all? Or would you settle for forcing the unwanted user to download the raw file instead? (By weird coincidence, someone had a similar problem just a few weeks ago. Or maybe I should say "mirror-image problem", because in his case the download was happening against his wishes and he wanted it to stop.)

One approach is an AddType line:

<FilesMatch "\.(P[Hh][Pp]|pH[Pp]|phP)$">
AddType application/octet-stream
</FilesMatch

The FilesMatch envelope is needed because AddType itself is case-insensitive, darn it, while Files(Match) is case-sensitive. (At least I hope so. I've always worked on the assumption that it is.) The term "octet-stream" simply means "I decline to state what kind of file this is, so you will jolly well be forced to download it".

Wait, did you say that .php (lower-case) is converted to txt at the moment of upload? So there will never be any real, intentional php files? In that case, case may not matter and you could just say outright

AddType application/octet-stream .php

in the relevant directory.

I'm sure there is a cleaner way to do it; I will continue exploring.

Putting in this link [webmasterworld.com] here because it took me forever to find it and past experience says I'll be looking for it again.

Dear Lucy24 thank you for you reply

i don't mind if the file will be downloaded or to display as text,as long it doesn't executed as php script,on my school portal student upload mostly just document file mostly for study (doc,pdf,research document,Img)

but it doesn't forbid any specific file to be uploaded so extension like exe,zip,rar still can be uploaded also a php file but it will auto rename to a Txt file but like i said earlier if some one upload file name as file.Php or File.phP it not auto rename as text .it will be store in uploaded directory with file name File.phP .
and if he/she access directly for example www.domain.com/files/doc/articles_file/architech/student_name_uniquenamexxx/file.Php or www.domain.com/files/doc/file/Math/student_name_uniquenamexxx/file.Php it will executed as php file

I read on stackoverflow how to using htaccess to display php file as text and it work very well but only on static folder but the problem is on my school portal when user submit new report or article and attach an attachment on it,it create auto generate folder name inside files folder(based on category and the name is auto generate with unique on each folder like "student_name_uniquenamexxx") and i have to put manually on each generated folder the htaccess which is really time consuming because so many student

can by just using htaccess we can forbid php file being executed from files directory and its generated subdirectory without copying manualy the htaccess file on each folder? any php (Php,phP php.jpg,PHP.gif%%) file starting from /FILES/ folder

Thank you

it work very well but only on static folder
...
/var/www/host/files/doc/file/
/var/www/host/files/doc/articles_file/

It sounds as if you need to move the htaccess file further upstream. Remember that everything will be inherited. So if you put a rule in /files/doc/ it will continue to work in /files/doc/articles_file/ and /files/doc/otherstuff/ and /files/doc/any/path/here/ et cetera. Similarly if you put the rule in /files/ it will work in /files/doc/ and all its descendants. So the trick is simply to put the rule in the highest possible place.

Does everything end up in /host/files/ ? Is there anything inside /host/files/ that really has the php (lower-case) extension? If you need to allow "real" php files to be processed, use the FilesMatch approach. (I tested. It's case-sensitive-- at least on my server.) If there are none at this stage, just put the rule loose in the htaccess for this directory.

Edit:
Earlier I said

<FilesMatch "\.(P[Hh][Pp]|pH[Pp]|phP)$">

looking only at the extension. If you've also got things like "PhP.jpg" to look out for (really? how does that work?) change the pattern to

\b(P[Hh][Pp]|pH[Pp]|phP)\b