search
HomeBackend DevelopmentPHP TutorialSummary of php file upload problems

Summary of php file upload problems

Jun 27, 2017 pm 01:36 PM
phpSummaryquestion

Let’s summarize some of the problems that are often encountered when uploading files in PHP. You don’t have to look for them when you use them in the future.

1. First make the simplest upload file

 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 </head>
 <body>
 <form action="upload_file.php" method="post"
 enctype="multipart/form-data">
 <label for="file">Filename:</label>
 <input type="file" name="file" id="file" /> 
 <br />
 <input type="submit" name="submit" value="Submit" />
 </form>
 </body>
 </html>
<?php
if (($_FILES["file"]["size"] < 20000)
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    } 
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
    if (
file_exists
("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "upload/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }
?>

2. Then understand the value of the super global variable $_FILES

$_FILES[&#39;userfile&#39;][&#39;name&#39;]
$_FILES[&#39;userfile&#39;][&#39;type&#39;]
$_FILES[&#39;userfile&#39;][&#39;size&#39;]
$_FILES[&#39;userfile&#39;][&#39;tmp_name&#39;]
$_FILES[&#39;userfile&#39;][&#39;error&#39;]

Among them, all values ​​of $_FILES['userfile']['error']:

UPLOAD_ERR_OK The value is 0, no error occurs, File upload is successful.

UPLOAD_ERR_INI_SIZE Its value is 1, and the uploaded file exceeds the value limited by the upload_max_filesize option in php.ini.

UPLOAD_ERR_FORM_SIZE With a value of 2, the size of the uploaded file exceeds the value specified by the MAX_FILE_SIZE option in the HTML form.

UPLOAD_ERR_PARTIAL Its value is 3, only part of the file is uploaded.

UPLOAD_ERR_NO_FILE Its value is 4, no file was uploaded.

UPLOAD_ERR_NO_TMP_DIR The value is 6 and the temporary folder cannot be found. Introduced in PHP 4.3.10 and PHP 5.0.3.

UPLOAD_ERR_CANT_WRITE Its value is 7, file writing failed. Introduced in PHP 5.1.0.

3. Many situations: the type of uploaded file needs to be strictly judged

We know that using $_FILES['userfile']['type'] to judge the type of uploaded file is a This is a very unwise approach, because the judgment is based on the suffix of the file. Anyone can change the suffix of an mp3 file to jpg and upload it disguised as a picture. Therefore, PHP officially recommends using the PHP extension php_fileinfoTo determine the mime of the file, there are many ways to enable expansion on Baidu, which are slightly different between win and linux.

4. Scenario 1: Automatically rename after uploading a file with the same name

if (file_exists("./upload/" . $_FILES["file"]["name"]))  
{    
   do{  
       $suffix ="";  
       $suffix_length = 4;  
       $str = "0123456789abcdefghijklmnopqrstuvwxyz";  
       $len = strlen($str)-1; 
       //文件名后追加4个随机字符  
       for($i=0 ; $i<$suffix_length; $i++){  
          $suffix .= $str[rand(0,$len)];  
       }  
       $upload_filename = $_FILES[&#39;file&#39;][&#39;name&#39;];                                            
       $filename = substr($upload_filename,0,strrpos($upload_filename,".")).$suffix.".".substr($upload_filename,strrpos($_FILES["file"]["name"],".")+1); 
   }while(file_exists("./upload/".$filename));  
       move_uploaded_file($_FILES["file"]["tmp_name"],"./upload/" . $filename);  
}else{  
       move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);   
}

5. Scenario 2: Upload files in directories based on date

$structure = &#39;./&#39;.date("Y").&#39;/&#39;.date("m").&#39;/&#39;.date("d").&#39;/&#39;;
if (!mkdir($structure, 0777, true)) {
    die(&#39;Failed to create folders...&#39;);
}
move_uploaded_file($_FILES["file"]["tmp_name"],$structure . $_FILES["file"]["name"]);

6. Scenario 3: Multiple file upload

<form action="" method="post" enctype="multipart/form-data">
 <p>Pictures:
 <input type="file" name="pictures[]" />
 <input type="file" name="pictures[]" />
 <input type="file" name="pictures[]" />
 <input type="submit" value="Send" />
 </p>
 </form>
 <?php
 foreach ($_FILES["pictures"]["error"] as $key => $error) {
     if ($error == UPLOAD_ERR_OK) {
         $tmp_name = $_FILES["pictures"]["tmp_name"][$key];
         $name = $_FILES["pictures"]["name"][$key];
         move_uploaded_file($tmp_name, "data/$name");
     }
 }
 ?>

In some cases, this variable structure of multiple files is not easy to use:

array(1) {
    ["upload"]=>array(2) {
        ["name"]=>array(2) {
            [0]=>string(9)"file0.txt"
            [1]=>string(9)"file1.txt"
        }
        ["type"]=>array(2) {
            [0]=>string(10)"text/plain"
            [1]=>string(10)"text/html"
        }
    }
}

In many cases, what we need is a structure similar to this

array(1) {
    ["upload"]=>array(2) {
        [0]=>array(2) {
            ["name"]=>string(9)"file0.txt"
            ["type"]=>string(10)"text/plain"
        },
        [1]=>array(2) {
            ["name"]=>string(9)"file1.txt"
            ["type"]=>string(10)"text/html"
        }
}
}

Using the following function can easily convert the structure

function perse_array($vector) { 
     $result = array(); 
     foreach($vector as $key1 => $value1) 
         foreach($value1 as $key2 => $value2) 
             $result[$key2][$key1] = $value2; 
     return $result; 
 } 
 $upload = perse_array($_FILES["upload"]);

7. Sometimes: NeedConfigure the serverModify the maximum upload file size

First, on the form


Can limit upload file size (can be bypassed).

Then you also need to adjust the configuration on the server

php.ini:

max_execution_time = 30 The maximum time for each script to run, in seconds
max_input_time = 60, the time that each script can consume, the unit is also seconds
memory_limit = 128M, this is the maximum memory consumed by the script running
post_max_size = 8M, the maximum data submitted by the form is 8M, this item does not limit the upload of a single file The size is limited to the submitted data of the entire form.
upload_max_filesize = 2M, the maximum allowed size of uploaded files

nginx:

location / {
     root   html;
     index  index.html index.htm;
     client_max_body_size    1000m;
  }

The above is the detailed content of Summary of php file upload problems. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
PHP in Action: Real-World Examples and ApplicationsPHP in Action: Real-World Examples and ApplicationsApr 14, 2025 am 12:19 AM

PHP is widely used in e-commerce, content management systems and API development. 1) E-commerce: used for shopping cart function and payment processing. 2) Content management system: used for dynamic content generation and user management. 3) API development: used for RESTful API development and API security. Through performance optimization and best practices, the efficiency and maintainability of PHP applications are improved.

PHP: Creating Interactive Web Content with EasePHP: Creating Interactive Web Content with EaseApr 14, 2025 am 12:15 AM

PHP makes it easy to create interactive web content. 1) Dynamically generate content by embedding HTML and display it in real time based on user input or database data. 2) Process form submission and generate dynamic output to ensure that htmlspecialchars is used to prevent XSS. 3) Use MySQL to create a user registration system, and use password_hash and preprocessing statements to enhance security. Mastering these techniques will improve the efficiency of web development.

PHP and Python: Comparing Two Popular Programming LanguagesPHP and Python: Comparing Two Popular Programming LanguagesApr 14, 2025 am 12:13 AM

PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.

The Enduring Relevance of PHP: Is It Still Alive?The Enduring Relevance of PHP: Is It Still Alive?Apr 14, 2025 am 12:12 AM

PHP is still dynamic and still occupies an important position in the field of modern programming. 1) PHP's simplicity and powerful community support make it widely used in web development; 2) Its flexibility and stability make it outstanding in handling web forms, database operations and file processing; 3) PHP is constantly evolving and optimizing, suitable for beginners and experienced developers.

PHP's Current Status: A Look at Web Development TrendsPHP's Current Status: A Look at Web Development TrendsApr 13, 2025 am 12:20 AM

PHP remains important in modern web development, especially in content management and e-commerce platforms. 1) PHP has a rich ecosystem and strong framework support, such as Laravel and Symfony. 2) Performance optimization can be achieved through OPcache and Nginx. 3) PHP8.0 introduces JIT compiler to improve performance. 4) Cloud-native applications are deployed through Docker and Kubernetes to improve flexibility and scalability.

PHP vs. Other Languages: A ComparisonPHP vs. Other Languages: A ComparisonApr 13, 2025 am 12:19 AM

PHP is suitable for web development, especially in rapid development and processing dynamic content, but is not good at data science and enterprise-level applications. Compared with Python, PHP has more advantages in web development, but is not as good as Python in the field of data science; compared with Java, PHP performs worse in enterprise-level applications, but is more flexible in web development; compared with JavaScript, PHP is more concise in back-end development, but is not as good as JavaScript in front-end development.

PHP vs. Python: Core Features and FunctionalityPHP vs. Python: Core Features and FunctionalityApr 13, 2025 am 12:16 AM

PHP and Python each have their own advantages and are suitable for different scenarios. 1.PHP is suitable for web development and provides built-in web servers and rich function libraries. 2. Python is suitable for data science and machine learning, with concise syntax and a powerful standard library. When choosing, it should be decided based on project requirements.

PHP: A Key Language for Web DevelopmentPHP: A Key Language for Web DevelopmentApr 13, 2025 am 12:08 AM

PHP is a scripting language widely used on the server side, especially suitable for web development. 1.PHP can embed HTML, process HTTP requests and responses, and supports a variety of databases. 2.PHP is used to generate dynamic web content, process form data, access databases, etc., with strong community support and open source resources. 3. PHP is an interpreted language, and the execution process includes lexical analysis, grammatical analysis, compilation and execution. 4.PHP can be combined with MySQL for advanced applications such as user registration systems. 5. When debugging PHP, you can use functions such as error_reporting() and var_dump(). 6. Optimize PHP code to use caching mechanisms, optimize database queries and use built-in functions. 7

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
WWE 2K25: How To Unlock Everything In MyRise
1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SublimeText3 Linux new version

SublimeText3 Linux new version

SublimeText3 Linux latest version

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software