Home > Article > Backend Development > PHP implementation of file upload and download examples and summary, _PHP tutorial
1. Upload principle and configuration
1.1 Principle
Upload the client files to the server, and then move the server files (temporary files) to the specified directory.
1.2 Client Configuration
Required: form page (select upload file);
Specifically: the sending method is POST, add the enctype="multipart/form-data" attribute, both are indispensable (however, both advantages and disadvantages coexist, here also limits the upload method and the call after the uploaded file etc., which will be discussed later)
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <form action="doAction.php" method="post" enctype="multipart/form-data"> 请选择您要上传的文件: <input type="file" name="myFile" /><br/> <input type="submit" value="上传"/> </form> <?php ?> </body> </html>
First is the form page (please ignore the front-end issues automatically...), the key is the attribute of the form; the other is the use of type="file" in the input (reflecting the powerful expansion of PHP, etc.).
Then doAction
<?php //$_FILES:文件上传变量 //print_r($_FILES); $filename=$_FILES['myFile']['name']; $type=$_FILES['myFile']['type']; $tmp_name=$_FILES['myFile']['tmp_name']; $size=$_FILES['myFile']['size']; $error=$_FILES['myFile']['error']; //将服务器上的临时文件移动到指定位置 //方法一move_upload_file($tmp_name,$destination) //move_uploaded_file($tmp_name, "uploads/".$filename);//文件夹应提前建立好,不然报错 //方法二copy($src,$des) //以上两个函数都是成功返回真,否则返回false //copy($tmp_name, "copies/".$filename); //注意,不能两个方法都对临时文件进行操作,临时文件似乎操作完就没了,我们试试反过来 copy($tmp_name, "copies/".$filename); move_uploaded_file($tmp_name, "uploads/".$filename); //能够实现,说明move那个函数基本上相当于剪切;copy就是copy,临时文件还在 //另外,错误信息也是不一样的,遇到错误可以查看或者直接报告给用户 if ($error==0) { echo "上传成功!"; }else{ switch ($error){ case 1: echo "超过了上传文件的最大值,请上传2M以下文件"; break; case 2: echo "上传文件过多,请一次上传20个及以下文件!"; break; case 3: echo "文件并未完全上传,请再次尝试!"; break; case 4: echo "未选择上传文件!"; break; case 5: echo "上传文件为0"; break; } }
Let’s take a look at the information print_r($_FILES) first
Array ( [myFile] => Array ( [name] => 梁博_简历.doc [type] => application/msword [tmp_name] => D:\wamp\tmp\php1D78.tmp [error] => 0 [size] => 75776 ) )
So what you get is a two-dimensional array. How to use it is all basic things (in fact, I like to reduce the dimension and then use it);
It’s basically something you can understand at a glance. It’s not verbose. There are two key points: tmp_name temporary file name; error error message (code name, you can use it later);
Then let’s take a look at the last part of doAction, which uses error information to feed back to the user. What needs to be explained is why the error is reported and what the error message is;
1.3 About error reporting
--Reason for error reporting
Basically, they exceed or do not comply with the server’s configuration for uploading files. So what are the server-side configurations?
First consider uploading what we used? POST, upload
So look for these items in php.ini:
file_upload:On upload_tmp_dir=——临时文件保存目录; upload_max_filesize=2M max_file_uploads=20——允许一次上传的最大文件数量(注意和上面那个的区别,有没有size,别乱想) post_max_size=8M——post方式发送数据的最大值
Other related configurations
max_exectuion_time=-1——maximum execution time to prevent the program from occupying server resources;
max_input_time=60
max_input_nesting_level=64——Input nesting depth;
memory_limit=128M——Maximum independent memory usage of a single thread
In short, it is all about the allocation of resources.
--error number
The following (lazy) quote is from http://blog.sina.com.cn/s/blog_3cdfaea201008utf.html
UPLOAD_ERR_OK Value: 0; No error occurred and the file was uploaded successfully.
UPLOAD_ERR_INI_SIZE Value: 1; The uploaded file exceeds the limit of the upload_max_filesize option in php.ini.
UPLOAD_ERR_FORM_SIZE Value: 2; The size of the uploaded file exceeds the value specified by the MAX_FILE_SIZE option in the HTML form.
UPLOAD_ERR_PARTIAL Value: 3; Only part of the file was uploaded.
UPLOAD_ERR_NO_FILE Value: 4; No file was uploaded.
Note: This error message is the information uploaded in the first step, that is, uploaded to a temporary folder, not the case of move or copy.
2. Upload related restrictions
2.1 Client Limitations
<form action="doAction2.php" method="post" enctype="multipart/form-data"> <input type="hidden" name="MAX_FILE_SIZE" value="101321" /> 请选择您要上传的文件: <input type="file" name="myFile" accept="image/jpeg,image/gif,text/html"/><br/> <input type="submit" value="上传"/> </form>
The input attribute is used here to limit the size and type of uploaded files, but my personal feeling is: first, the html code is "visible"; second, it often doesn't work (I haven't found the reason, but because of the first one I I want to give it up too, just know it.
2.2 Server-side restrictions
The main restrictions are size and type, and then there is the method.
<?php header('content-type:text/html;charset=utf-8'); //接受文件,临时文件信息 $fileinfo=$_FILES["myFile"];//降维操作 $filename=$fileinfo["name"]; $tmp_name=$fileinfo["tmp_name"]; $size=$fileinfo["size"]; $error=$fileinfo["error"]; $type=$fileinfo["type"]; //服务器端设定限制 $maxsize=10485760;//10M,10*1024*1024 $allowExt=array('jpeg','jpg','png','tif');//允许上传的文件类型(拓展名 $ext=pathinfo($filename,PATHINFO_EXTENSION);//提取上传文件的拓展名 //目的信息 $path="uploads"; if (!file_exists($path)) { //当目录不存在,就创建目录 mkdir($path,0777,true); chmod($path, 0777); } //$destination=$path."/".$filename; //得到唯一的文件名!防止因为文件名相同而产生覆盖 $uniName=md5(uniqid(microtime(true),true)).$ext;//md5加密,uniqid产生唯一id,microtime做前缀 if ($error==0) { if ($size>$maxsize) { exit("上传文件过大!"); } if (!in_array($ext, $allowExt)) { exit("非法文件类型"); } if (!is_uploaded_file($tmp_name)) { exit("上传方式有误,请使用post方式"); } if (@move_uploaded_file($tmp_name, $uniName)) {//@错误抑制符,不让用户看到警告 echo "文件".$filename."上传成功!"; }else{ echo "文件".$filename."上传失败!"; } //判断是否为真实图片(防止伪装成图片的病毒一类的 if (!getimagesize($tmp_name)) {//getimagesize真实返回数组,否则返回false exit("不是真正的图片类型"); } }else{ switch ($error){ case 1: echo "超过了上传文件的最大值,请上传2M以下文件"; break; case 2: echo "上传文件过多,请一次上传20个及以下文件!"; break; case 3: echo "文件并未完全上传,请再次尝试!"; break; case 4: echo "未选择上传文件!"; break; case 7: echo "没有临时文件夹"; break; } }
Here, the specific implementation is commented. You can actually try every step by yourself, which is very interesting.
2.3 Packaging
Function
<?php function uploadFile($fileInfo,$path,$allowExt,$maxSize){ $filename=$fileInfo["name"]; $tmp_name=$fileInfo["tmp_name"]; $size=$fileInfo["size"]; $error=$fileInfo["error"]; $type=$fileInfo["type"]; //服务器端设定限制 $ext=pathinfo($filename,PATHINFO_EXTENSION); //目的信息 if (!file_exists($path)) { mkdir($path,0777,true); chmod($path, 0777); } $uniName=md5(uniqid(microtime(true),true)).'.'.$ext; $destination=$path."/".$uniName; if ($error==0) { if ($size>$maxSize) { exit("上传文件过大!"); } if (!in_array($ext, $allowExt)) { exit("非法文件类型"); } if (!is_uploaded_file($tmp_name)) { exit("上传方式有误,请使用post方式"); } //判断是否为真实图片(防止伪装成图片的病毒一类的 if (!getimagesize($tmp_name)) {//getimagesize真实返回数组,否则返回false exit("不是真正的图片类型"); } if (@move_uploaded_file($tmp_name, $destination)) {//@错误抑制符,不让用户看到警告 echo "文件".$filename."上传成功!"; }else{ echo "文件".$filename."上传失败!"; } }else{ switch ($error){ case 1: echo "超过了上传文件的最大值,请上传2M以下文件"; break; case 2: echo "上传文件过多,请一次上传20个及以下文件!"; break; case 3: echo "文件并未完全上传,请再次尝试!"; break; case 4: echo "未选择上传文件!"; break; case 7: echo "没有临时文件夹"; break; } } return $destination; }
Call
<?php header('content-type:text/html;charset=utf-8'); $fileInfo=$_FILES["myFile"]; $maxSize=10485760;//10M,10*1024*1024 $allowExt=array('jpeg','jpg','png','tif'); $path="uploads"; include_once 'upFunc.php'; uploadFile($fileInfo, $path, $allowExt, $maxSize);
3. Implementation of uploading multiple files
3.1 Using single file encapsulation
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <form action="doAction5.php" method="post" enctype="multipart/form-data"> 请选择您要上传的文件:<input type="file" name="myFile1" /><br/> 请选择您要上传的文件:<input type="file" name="myFile2" /><br/> 请选择您要上传的文件:<input type="file" name="myFile3" /><br/> 请选择您要上传的文件:<input type="file" name="myFile4" /><br/> <input type="submit" value="上传"/> </form> </body> </html>
<?php //print_r($_FILES); header('content-type:text/html;charset=utf-8'); include_once 'upFunc.php'; foreach ($_FILES as $fileInfo){ $file[]=uploadFile($fileInfo); }
The idea here can be found from print_r($_FILES). When you print it out, you will see that it is a two-dimensional array. It is very simple. Just traverse it and use it!
Change the definition of the function above and give some default values
function uploadFile($fileInfo,$path="uploads",$allowExt=array('jpeg','jpg','png','tif'),$maxSize=10485760){
In this way, it is simple, but there are some problems.
It is no problem to upload 4 pictures normally, but if the exit in the function is activated in the middle, it will stop immediately, causing other pictures to be unable to be uploaded.
3.2 upgraded version package
Aimed at encapsulating multiple or single file uploads
First write a static file like this
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <form action="doAction5.php" method="post" enctype="multipart/form-data"> 请选择您要上传的文件:<input type="file" name="myFile[]" /><br/> 请选择您要上传的文件:<input type="file" name="myFile[]" /><br/> 请选择您要上传的文件:<input type="file" name="myFile[]" /><br/> 请选择您要上传的文件:<input type="file" name="myFile[]" /><br/> <input type="submit" value="上传"/> </form> </body> </html>
Print $_FILES
Array ( [myFile] => Array ( [name] => Array ( [0] => test32.png [1] => test32.png [2] => 333.png [3] => test41.png ) [type] => Array ( [0] => image/png [1] => image/png [2] => image/png [3] => image/png ) [tmp_name] => Array ( [0] => D:\wamp\tmp\php831C.tmp [1] => D:\wamp\tmp\php834C.tmp [2] => D:\wamp\tmp\php837C.tmp [3] => D:\wamp\tmp\php83BB.tmp ) [error] => Array ( [0] => 0 [1] => 0 [2] => 0 [3] => 0 ) [size] => Array ( [0] => 46174 [1] => 46174 [2] => 34196 [3] => 38514 ) ) )
You can get a three-dimensional array.
It’s complicated, but it’s complicated in a regular way, and all the values are together, which is very convenient for us to get the values! !
So get the file information first and turn it into a single file processing type of information
function getFiles(){ $i=0; foreach($_FILES as $file){ if(is_string($file['name'])){ //单文件判定 $files[$i]=$file; $i++; }elseif(is_array($file['name'])){ foreach($file['name'] as $key=>$val){ //我的天,这个$key用的diao $files[$i]['name']=$file['name'][$key]; $files[$i]['type']=$file['type'][$key]; $files[$i]['tmp_name']=$file['tmp_name'][$key]; $files[$i]['error']=$file['error'][$key]; $files[$i]['size']=$file['size'][$key]; $i++; } } } return $files; }
Then for the exit error before, just change the exit. Use res here
function uploadFile($fileInfo,$path='./uploads',$flag=true,$maxSize=1048576,$allowExt=array('jpeg','jpg','png','gif')){ //$flag=true; //$allowExt=array('jpeg','jpg','gif','png'); //$maxSize=1048576;//1M //判断错误号 $res=array(); if($fileInfo['error']===UPLOAD_ERR_OK){ //检测上传得到小 if($fileInfo['size']>$maxSize){ $res['mes']=$fileInfo['name'].'上传文件过大'; } $ext=getExt($fileInfo['name']); //检测上传文件的文件类型 if(!in_array($ext,$allowExt)){ $res['mes']=$fileInfo['name'].'非法文件类型'; } //检测是否是真实的图片类型 if($flag){ if(!getimagesize($fileInfo['tmp_name'])){ $res['mes']=$fileInfo['name'].'不是真实图片类型'; } } //检测文件是否是通过HTTP POST上传上来的 if(!is_uploaded_file($fileInfo['tmp_name'])){ $res['mes']=$fileInfo['name'].'文件不是通过HTTP POST方式上传上来的'; } if($res) return $res; //$path='./uploads'; if(!file_exists($path)){ mkdir($path,0777,true); chmod($path,0777); } $uniName=getUniName(); $destination=$path.'/'.$uniName.'.'.$ext; if(!move_uploaded_file($fileInfo['tmp_name'],$destination)){ $res['mes']=$fileInfo['name'].'文件移动失败'; } $res['mes']=$fileInfo['name'].'上传成功'; $res['dest']=$destination; return $res; }else{ //匹配错误信息 switch ($fileInfo ['error']) { case 1 : $res['mes'] = '上传文件超过了PHP配置文件中upload_max_filesize选项的值'; break; case 2 : $res['mes'] = '超过了表单MAX_FILE_SIZE限制的大小'; break; case 3 : $res['mes'] = '文件部分被上传'; break; case 4 : $res['mes'] = '没有选择上传文件'; break; case 6 : $res['mes'] = '没有找到临时目录'; break; case 7 : case 8 : $res['mes'] = '系统错误'; break; } return $res; } }
It contains two small ones
function getExt($filename){ return strtolower(pathinfo($filename,PATHINFO_EXTENSION)); } /** * 产生唯一字符串 * @return string */ function getUniName(){ return md5(uniqid(microtime(true),true)); }
Then use the multiple attribute to input multiple files statically;
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <form action="doAction6.php" method="POST" enctype="multipart/form-data"> 请选择您要上传的文件:<input type="file" name="myFile[]" multiple='multiple' /><br/> <input type="submit" value="上传"/> </form> </body> </html>
doAction6
<?php //print_r($_FILES); header("content-type:text/html;charset=utf-8"); require_once 'upFunc2.php'; require_once 'common.func.php'; $files=getFiles(); // print_r($files); foreach($files as $fileInfo){ $res=uploadFile($fileInfo); echo $res['mes'],'<br/>'; $uploadFiles[]=@$res['dest']; } $uploadFiles=array_values(array_filter($uploadFiles)); //print_r($uploadFiles);
A few files like this can realize a relatively powerful process-oriented function of uploading files (it’s a sad thing to learn...);
4. Object-oriented file upload
(It’s not easy to write... Paste it here first and then talk...
<?php class upload{ protected $fileName; protected $maxSize; protected $allowMime; protected $allowExt; protected $uploadPath; protected $imgFlag; protected $fileInfo; protected $error; protected $ext; /** * @param string $fileName * @param string $uploadPath * @param string $imgFlag * @param number $maxSize * @param array $allowExt * @param array $allowMime */ public function __construct($fileName='myFile',$uploadPath='./uploads',$imgFlag=true,$maxSize=5242880,$allowExt=array('jpeg','jpg','png','gif'),$allowMime=array('image/jpeg','image/png','image/gif')){ $this->fileName=$fileName; $this->maxSize=$maxSize; $this->allowMime=$allowMime; $this->allowExt=$allowExt; $this->uploadPath=$uploadPath; $this->imgFlag=$imgFlag; $this->fileInfo=$_FILES[$this->fileName]; } /** * 检测上传文件是否出错 * @return boolean */ protected function checkError(){ if(!is_null($this->fileInfo)){ if($this->fileInfo['error']>0){ switch($this->fileInfo['error']){ case 1: $this->error='超过了PHP配置文件中upload_max_filesize选项的值'; break; case 2: $this->error='超过了表单中MAX_FILE_SIZE设置的值'; break; case 3: $this->error='文件部分被上传'; break; case 4: $this->error='没有选择上传文件'; break; case 6: $this->error='没有找到临时目录'; break; case 7: $this->error='文件不可写'; break; case 8: $this->error='由于PHP的扩展程序中断文件上传'; break; } return false; }else{ return true; } }else{ $this->error='文件上传出错'; return false; } } /** * 检测上传文件的大小 * @return boolean */ protected function checkSize(){ if($this->fileInfo['size']>$this->maxSize){ $this->error='上传文件过大'; return false; } return true; } /** * 检测扩展名 * @return boolean */ protected function checkExt(){ $this->ext=strtolower(pathinfo($this->fileInfo['name'],PATHINFO_EXTENSION)); if(!in_array($this->ext,$this->allowExt)){ $this->error='不允许的扩展名'; return false; } return true; } /** * 检测文件的类型 * @return boolean */ protected function checkMime(){ if(!in_array($this->fileInfo['type'],$this->allowMime)){ $this->error='不允许的文件类型'; return false; } return true; } /** * 检测是否是真实图片 * @return boolean */ protected function checkTrueImg(){ if($this->imgFlag){ if(!@getimagesize($this->fileInfo['tmp_name'])){ $this->error='不是真实图片'; return false; } return true; } } /** * 检测是否通过HTTP POST方式上传上来的 * @return boolean */ protected function checkHTTPPost(){ if(!is_uploaded_file($this->fileInfo['tmp_name'])){ $this->error='文件不是通过HTTP POST方式上传上来的'; return false; } return true; } /** *显示错误 */ protected function showError(){ exit('<span style="color:red">'.$this->error.'</span>'); } /** * 检测目录不存在则创建 */ protected function checkUploadPath(){ if(!file_exists($this->uploadPath)){ mkdir($this->uploadPath,0777,true); } } /** * 产生唯一字符串 * @return string */ protected function getUniName(){ return md5(uniqid(microtime(true),true)); } /** * 上传文件 * @return string */ public function uploadFile(){ if($this->checkError()&&$this->checkSize()&&$this->checkExt()&&$this->checkMime()&&$this->checkTrueImg()&&$this->checkHTTPPost()){ $this->checkUploadPath(); $this->uniName=$this->getUniName(); $this->destination=$this->uploadPath.'/'.$this->uniName.'.'.$this->ext; if(@move_uploaded_file($this->fileInfo['tmp_name'], $this->destination)){ return $this->destination; }else{ $this->error='文件移动失败'; $this->showError(); } }else{ $this->showError(); } } } <?php header('content-type:text/html;charset=utf-8'); require_once 'upload.class.php'; $upload=new upload('myFile1','imooc'); $dest=$upload->uploadFile(); echo $dest;
4. Download
对于浏览器不识别的,可以直接下载,但对于能识别的,需要多一两步
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Insert title here</title> </head> <body> <a href="1.rar">下载1.rar</a> <br /> <a href="1.jpg">下载1.jpg</a> <br /> <a href="doDownload.php?filename=1.jpg">通过程序下载1.jpg</a> <br /> <a href="doDownload.php?filename=../upload/nv.jpg">下载nv.jpg</a> <?php ?> </body> </html> <?php $filename=$_GET['filename']; header('content-disposition:attachment;filename='.basename($filename)); header('content-length:'.filesize($filename)); readfile($filename);
------------------总结-----------------------
a883eb9f3f57796a07128c7d29e943d2
e6b689fdce2c30da7d31e1a121bdd0cd076402276aae5dbec7f672f8f4e5cc81
二维数组的降维处理;
$_FILES变量
move_upload_file();copy();
tmp_name临时文件;
拓展名的提取;
真实图片的验证;
唯一文件名的生成;
函数封装以及调用;
利用单个文件函数实现多文件上传;
小功能的封装;
多文件的遍历;
面向对象的开发过程;