这篇文章主要给大家汇总介绍了一些php上传文件问题,需要的朋友可以参考下
1.先做个最简单的上传文件
复制代码 代码如下:
enctype="multipart/form-data">
复制代码 代码如下:
if (($_FILES["file"]["size"]
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "
";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "
";
echo "Type: " . $_FILES["file"]["type"] . "
";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb
";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "
";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>
2.然后了解超级全局变量$_FILES的值
复制代码 代码如下:
$_FILES['userfile']['name']
$_FILES['userfile']['type']
$_FILES['userfile']['size']
$_FILES['userfile']['tmp_name']
$_FILES['userfile']['error']
其中,$_FILES['userfile']['error']的所有值:
UPLOAD_ERR_OK 其值为 0,没有错误发生,文件上传成功。
UPLOAD_ERR_INI_SIZE 其值为 1,上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值。
UPLOAD_ERR_FORM_SIZE 其值为 2,,上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值。
UPLOAD_ERR_PARTIAL 其值为 3,文件只有部分被上传。
UPLOAD_ERR_NO_FILE 其值为 4,没有文件被上传。
UPLOAD_ERR_NO_TMP_DIR 其值为 6,找不到临时文件夹。PHP 4.3.10 和 PHP 5.0.3 引进。
UPLOAD_ERR_CANT_WRITE 其值为 7,文件写入失败。PHP 5.1.0 引进。
3.很多情况:需要严格判断上传文件类型
我们知道使用$_FILES['userfile']['type']判断上传文件类型是一个很不明智的做法,因为该判断依据是文件的后缀名,任何人都可以将一个mp3文件的后缀改成jpg从而伪装成图片进行上传,因此php官方建议使用php的扩展php_fileinfo来判断文件的mime,开启拓展的方法百度一下有很多,win和linux略有不同。
4.情景一:上传文件重名后自动重命名
复制代码 代码如下:
if (file_exists("./upload/" . $_FILES["file"]["name"]))
{
do{
$suffix ="";
$suffix_length = 4;
$str = "0123456789abcdefghijklmnopqrstuvwxyz";
$len = strlen($str)-1;
//文件名后追加4个随机字符
for($i=0 ; $i
$suffix .= $str[rand(0,$len)];
}
$upload_filename = $_FILES['file']['name'];
$filename = substr($upload_filename,0,strrpos($upload_filename,".")).$suffix.".".substr($upload_filename,strrpos($_FILES["file"]["name"],".")+1);
}while(file_exists("./upload/".$filename));
move_uploaded_file($_FILES["file"]["tmp_name"],"./upload/" . $filename);
}else{
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
}
5.情景二:根据日期分目录上传文件
复制代码 代码如下:
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
Dreamweaver CS6
Visual web development tools
WebStorm Mac version
Useful JavaScript development tools
