Home > Article > Backend Development > Summary of php file upload problems
Summary of php file upload problems
- 伊谢尔伦Original
- 2017-06-27 13:36:29979browse
Let’s summarize some of the problems that are often encountered when uploading files in PHP. You don’t have to look for them when you use them in the future.
1. First make the simplest upload file
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <form action="upload_file.php" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </body> </html>
<?php
if (($_FILES["file"]["size"] < 20000)
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (
file_exists
("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>2. Then understand the value of the super global variable $_FILES
$_FILES['userfile']['name'] $_FILES['userfile']['type'] $_FILES['userfile']['size'] $_FILES['userfile']['tmp_name'] $_FILES['userfile']['error']
Among them, all values of $_FILES['userfile']['error']:
UPLOAD_ERR_OK The value is 0, no error occurs, File upload is successful.
UPLOAD_ERR_INI_SIZE Its value is 1, and the uploaded file exceeds the value limited by the upload_max_filesize option in php.ini.
UPLOAD_ERR_FORM_SIZE With a value of 2, the size of the uploaded file exceeds the value specified by the MAX_FILE_SIZE option in the HTML form.
UPLOAD_ERR_PARTIAL Its value is 3, only part of the file is uploaded.
UPLOAD_ERR_NO_FILE Its value is 4, no file was uploaded.
UPLOAD_ERR_NO_TMP_DIR The value is 6 and the temporary folder cannot be found. Introduced in PHP 4.3.10 and PHP 5.0.3.
UPLOAD_ERR_CANT_WRITE Its value is 7, file writing failed. Introduced in PHP 5.1.0.
3. Many situations: the type of uploaded file needs to be strictly judged
We know that using $_FILES['userfile']['type'] to judge the type of uploaded file is a This is a very unwise approach, because the judgment is based on the suffix of the file. Anyone can change the suffix of an mp3 file to jpg and upload it disguised as a picture. Therefore, PHP officially recommends using the PHP extension php_fileinfoTo determine the mime of the file, there are many ways to enable expansion on Baidu, which are slightly different between win and linux.
4. Scenario 1: Automatically rename after uploading a file with the same name
if (file_exists("./upload/" . $_FILES["file"]["name"]))
{
do{
$suffix ="";
$suffix_length = 4;
$str = "0123456789abcdefghijklmnopqrstuvwxyz";
$len = strlen($str)-1;
//文件名后追加4个随机字符
for($i=0 ; $i<$suffix_length; $i++){
$suffix .= $str[rand(0,$len)];
}
$upload_filename = $_FILES['file']['name'];
$filename = substr($upload_filename,0,strrpos($upload_filename,".")).$suffix.".".substr($upload_filename,strrpos($_FILES["file"]["name"],".")+1);
}while(file_exists("./upload/".$filename));
move_uploaded_file($_FILES["file"]["tmp_name"],"./upload/" . $filename);
}else{
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
}5. Scenario 2: Upload files in directories based on date
$structure = './'.date("Y").'/'.date("m").'/'.date("d").'/';
if (!mkdir($structure, 0777, true)) {
die('Failed to create folders...');
}
move_uploaded_file($_FILES["file"]["tmp_name"],$structure . $_FILES["file"]["name"]);6. Scenario 3: Multiple file upload
<form action="" method="post" enctype="multipart/form-data"> <p>Pictures: <input type="file" name="pictures[]" /> <input type="file" name="pictures[]" /> <input type="file" name="pictures[]" /> <input type="submit" value="Send" /> </p> </form>
<?php
foreach ($_FILES["pictures"]["error"] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["pictures"]["tmp_name"][$key];
$name = $_FILES["pictures"]["name"][$key];
move_uploaded_file($tmp_name, "data/$name");
}
}
?>In some cases, this variable structure of multiple files is not easy to use:
array(1) {
["upload"]=>array(2) {
["name"]=>array(2) {
[0]=>string(9)"file0.txt"
[1]=>string(9)"file1.txt"
}
["type"]=>array(2) {
[0]=>string(10)"text/plain"
[1]=>string(10)"text/html"
}
}
}In many cases, what we need is a structure similar to this
array(1) {
["upload"]=>array(2) {
[0]=>array(2) {
["name"]=>string(9)"file0.txt"
["type"]=>string(10)"text/plain"
},
[1]=>array(2) {
["name"]=>string(9)"file1.txt"
["type"]=>string(10)"text/html"
}
}
}Using the following function can easily convert the structure
function perse_array($vector) {
$result = array();
foreach($vector as $key1 => $value1)
foreach($value1 as $key2 => $value2)
$result[$key2][$key1] = $value2;
return $result;
}
$upload = perse_array($_FILES["upload"]);7. Sometimes: NeedConfigure the serverModify the maximum upload file size
First, on the form
65d863758adfcaf74f10173ec9f3c3cd
Can limit upload file size (can be bypassed).
Then you also need to adjust the configuration on the server
php.ini:
max_execution_time = 30 The maximum time for each script to run, in seconds
max_input_time = 60, the time that each script can consume, the unit is also seconds
memory_limit = 128M, this is the maximum memory consumed by the script running
post_max_size = 8M, the maximum data submitted by the form is 8M, this item does not limit the upload of a single file The size is limited to the submitted data of the entire form.
upload_max_filesize = 2M, the maximum allowed size of uploaded files
nginx:
location / {
root html;
index index.html index.htm;
client_max_body_size 1000m;
}The above is the detailed content of Summary of php file upload problems. For more information, please follow other related articles on the PHP Chinese website!