php上传文件详解
上传文件功能由两个部分组成,HTML页面和PHP处理部分。HTML页面主要是让用户选择所要上传的文件,php部分让我们可以把文件存储到服务器的指定目录。
一.HTML部分
upload.html
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body>
上传Demo:
<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" name="img" />
<input type="submit" name="submit" value="上传" />
</form>
</body>
</html>
说明:
1.Input标签中type="file",表明把输入作为文件来处理。
2.Enctype规定了在提交这个表单时要使用哪种内容类型。在表单需要二进制数据时,比如文件内容,请使用"multipart/form-data",如果要上传文件,这个属性是必要的。
更多关于enctype的内容参见《HTML
二.php部分
upload.php
<?php
$DST_DIR = '/data/upload/';
if ($_FILES['img']['name'] != '') {
if ($_FILES['img']['error'] > 0) {
echo "上传失败";
}
else {
if (move_uploaded_file($_FILES['img']['tmp_name'], $DST_DIR.$_FILES['img']['name'])) {
echo "上传成功";
}
else {
echo "上传失败";
}
}
}
else {
echo "请上传文件";
}
说明:
1. 全局变量$_FILE
此数组包含有所有上传的文件信息。
以我们假设文件上传字段的名称如上例所示,为 img。则
$_FILES['img']['name']
客户端上传的文件的原名称。
$_FILES['img']['type']
文件的 MIME 类型,如果浏览器提供此信息的话。一个例子是“image/gif”。不过此 MIME 类型在 PHP 端并不检查,因此不要想当然认为有这个值。$_FILES['img']['size']:已上传文件的大小,单位为字节。
$_FILES['img']['size']
已上传文件的大小,单位为字节。
$_FILES['img']['tmp_name']
文件被上传后在服务端储存的临时文件名。
$_FILES['img']['error']
和该文件上传相关的错误代码。
2. 关于错误码
$_FILES['img']['error']有以下几种类型
UPLOAD_ERR_OK
其值为 0,没有错误发生,文件上传成功。
UPLOAD_ERR_INI_SIZE
其值为 1,上传的文件超过了 php.ini 中 upload_max_filesize选项限制的值。
UPLOAD_ERR_FORM_SIZE
其值为 2,上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值。
UPLOAD_ERR_PARTIAL
其值为 3,文件只有部分被上传。
UPLOAD_ERR_NO_FILE
其值为 4,没有文件被上传。
UPLOAD_ERR_NO_TMP_DIR
其值为 6,找不到临时文件夹。PHP 4.3.10 和 PHP 5.0.3 引进。
UPLOAD_ERR_CANT_WRITE
其值为 7,文件写入失败。PHP 5.1.0 引进。
3.move_uploaded_file
文件被上传后,默认地会被储存到服务端的默认临时目录中(除非 php.ini 中的 upload_tmp_dir设置为其它的路径),文件名是随机的。如果该文件没有被移动到其它地方也没有被改名,则该文件将在表单请求结束时被删除。因此需要通过move_uploaded_file移动临时文件。
经实验copy也能完成move_uploaded_file的功能,为啥要用move_uploaded_file呢?有说法是move_uploaded_file会对上传文件做一些检查,防止copy引起的一些安全漏洞。但具体copy会带来什么问题呢?我并没有查到。有知道的同学,欢迎留言。
Anyway,既然php给了特定的函数,必然有一定道理,先这么用吧。
三.安全检查
可以考虑通过$_FILES['img']['size']和$_FILES['img']['type']对上传的文件做一些安全检查,比如限定上传类型,上传文件的大小等。
附:
《与文件上传有关的php配置参数》
Explain how load balancing affects session management and how to address it.Apr 29, 2025 am 12:42 AMLoad balancing affects session management, but can be resolved with session replication, session stickiness, and centralized session storage. 1. Session Replication Copy session data between servers. 2. Session stickiness directs user requests to the same server. 3. Centralized session storage uses independent servers such as Redis to store session data to ensure data sharing.
Explain the concept of session locking.Apr 29, 2025 am 12:39 AMSessionlockingisatechniqueusedtoensureauser'ssessionremainsexclusivetooneuseratatime.Itiscrucialforpreventingdatacorruptionandsecuritybreachesinmulti-userapplications.Sessionlockingisimplementedusingserver-sidelockingmechanisms,suchasReentrantLockinJ
Are there any alternatives to PHP sessions?Apr 29, 2025 am 12:36 AMAlternatives to PHP sessions include Cookies, Token-based Authentication, Database-based Sessions, and Redis/Memcached. 1.Cookies manage sessions by storing data on the client, which is simple but low in security. 2.Token-based Authentication uses tokens to verify users, which is highly secure but requires additional logic. 3.Database-basedSessions stores data in the database, which has good scalability but may affect performance. 4. Redis/Memcached uses distributed cache to improve performance and scalability, but requires additional matching
Define the term 'session hijacking' in the context of PHP.Apr 29, 2025 am 12:33 AMSessionhijacking refers to an attacker impersonating a user by obtaining the user's sessionID. Prevention methods include: 1) encrypting communication using HTTPS; 2) verifying the source of the sessionID; 3) using a secure sessionID generation algorithm; 4) regularly updating the sessionID.
What is the full form of PHP?Apr 28, 2025 pm 04:58 PMThe article discusses PHP, detailing its full form, main uses in web development, comparison with Python and Java, and its ease of learning for beginners.
How does PHP handle form data?Apr 28, 2025 pm 04:57 PMPHP handles form data using $\_POST and $\_GET superglobals, with security ensured through validation, sanitization, and secure database interactions.
What is the difference between PHP and ASP.NET?Apr 28, 2025 pm 04:56 PMThe article compares PHP and ASP.NET, focusing on their suitability for large-scale web applications, performance differences, and security features. Both are viable for large projects, but PHP is open-source and platform-independent, while ASP.NET,
Is PHP a case-sensitive language?Apr 28, 2025 pm 04:55 PMPHP's case sensitivity varies: functions are insensitive, while variables and classes are sensitive. Best practices include consistent naming and using case-insensitive functions for comparisons.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Atom editor mac version download
The most popular open source editor
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Dreamweaver Mac version
Visual web development tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
Dreamweaver CS6
Visual web development tools
