Home >Backend Development >PHP Tutorial >PHP file upload source code analysis (RFC1867)_PHP tutorial
PHP file upload source code analysis (RFC1867) Friends who need to know can refer to
. HTTP-based upload is relatively much easier to use and safer than FTP. The upload methods that can be applied include PUT , WEBDAV, and RFC1867. This article will analyze how to implement file upload based on RFC1867 in PHP.
RFC1867
RCF1867 is the Form-based File Upload in HTML standard protocol, RFC1867 The standard makes two changes to HTML:
1 adds a file option to the type attribute of the input element.
2 The input tag can have an accept attribute, which can specify a list of file types or file formats that can be uploaded.
In addition, this standard also defines a new mime type: multipart/form-data, and when processing a file with enctype="multipart/form-data" and/or containing < The behavior that should be taken when entering a form marked with input type="file">.
For example, when HTML wants the user to upload one or more files, he can write:
The code is as follows | Copy code | ||||||||
|
The code is as follows | Copy code | ||||
|
The code is as follows | Copy code |
//Request headerPOST /upload.php HTTP/1.0rn.. .Host: www.laruence.comrn...Content-length: xxxxxrn...Content-type: multipart/form-data, boundary=---- ----------7d51863950254rn...rnrn//Start POST data content---------------7d51863950254content -disposition: form-data; name="description"laruence's personal introduction---------------7d51863950254content-disposition: form-data; name ="userfile"; filename="laruence.txt"Content-Type: text/plain... Content of laruence.txt...----------- ----7d51863950254 |
The next step is the server, how to process this data.
Accept upload
As the Web server, it is assumed to be Apache (also assume that PHP is installed in Apache as a module ), when receiving the user's data, first it determines the MIME TYPE as the PHP type based on the HTTP request header, and then after some processes (for this part, please refer to my previous PHP Life Cycle ppt), it will eventually control The power is handed over to the PHP module.
At this time, PHP will call sapi_activate to initialize a request. In this process, it first determines the request type, which is POST at this time, and then calls sapi_read_post_data. Through Content-type, find The processing function rfc1867_post_handler of rfc1867 calls this handler to analyze the data from POST.
The source code of rfc1867_post_handler can be found in mian/rfc1867.c. You can also refer to my previous in-depth understanding. PHP file upload, which also lists the source code.
Then, PHP passes the boundary, and for each segment, it checks whether the:
name and filename attributes are both defined. (Famous file upload)
If name is not defined, filename is defined (unnamed upload)
If name is defined, filename is not defined (ordinary data),
to perform different processing.
The code is as follows | Copy code | ||||||||
char *pair=NULL; int end=0;
|
The code is as follows | Copy code |
/* Normal form variable, safe to read all data into memory */if (!filename && param) { unsigned int value_len; char *value = multipart_buffer_read_body(mbuff, &value_len TSRMLS_CC); unsigned int new_val_len; /* Dummy variable */… if (! strcasecmp(param, "MAX_FILE_SIZE")) { max_file_size = atol(value); >} |
If yes, it will check whether the file size is exceeded according to its value.
The code is as follows | Copy code | ||||
} else if (max_file_size && (total_bytes > max_file_size)) { #if DEBUG_FILE_UPLOAD sapi_module.sapi_error(E_NOTICE, "MAX_FILE_SIZE of % ld bytes exceeded - file [%s=%s] not saved", max_file_size, param, filename); #endif cancel_upload = UPLOAD_ERROR_B; } |
代码如下 | 复制代码 |
if (!skip_upload) {
|
By judging the name and filename, if it is a file upload, it will be based on PHP's Settings, create a temporary file with a random name in the file upload directory:
The code is as follows | Copy code |
if (!skip_upload) {
|
Return the file handle, and the temporary random file name.
代码如下 | 复制代码 |
else if (blen > 0) {
|
代码如下 | 复制代码 |
zend_hash_add(SG(rfc1867_uploaded_files), temp_filename,
|
.....
The code is as follows | Copy code | ||||
wlen = write(fd , buff, blen); //Write temporary file. if (wlen == -1) { /* write failed */ #if DEBUG_FILE_UPLOAD sapi_module.sapi_error (E_NOTICE, "write() failed - %s", strerror(errno)); #endif cancel_upload = UPLOAD_ERROR_F; } } ... . |
The code is as follows | Copy code td> |
zend_hash_add(SG(rfc1867_uploaded_files), temp_filename, strlen(temp_filename) + 1, &temp_filename, sizeof(char *), NULL); |
The code is as follows | Copy code |
$_FILES['userfile'] //name="userfile" |
If it is an unnamed upload, tmp_name will be used to set:
The code is as follows
|
Copy code
|
||||
$_FILES['tmp_name'] //Unnamed upload
|
http: //www.bkjia.com/PHPjc/444674.html