文件上傳我們需要用到html里面表單的type=file類型,及其enctype屬性。這是我們大家必須要用的。當(dāng)然了php函數(shù)庫當(dāng)中的file函數(shù)庫,字符串類型函數(shù)庫,目錄函數(shù)庫及$_files[]的使用是我們必須要用到的。
也許每一個站點都可能會對上傳文件有許多的限制,這些限制會包括 文件類型,文件大小,擴展名,以及上傳目錄的存在與否,上傳文件的存在與否,目錄的可寫性,可讀性,上傳文件的改名及怎樣把文件從緩存當(dāng)中復(fù)制到你所需要的目錄當(dāng)中。
當(dāng)然出錯的預(yù)處理也是我們不容忽視的!如果再深一步的討論我們還可以對文件的操作起用事件日志的記錄。
下面我們通過一段程序來實現(xiàn)這些功能:
首先是我們預(yù)設(shè)的變量值,它包括文件大小,文件擴展名類型,mimi類型,及是否刪除的開關(guān)變量
$max_size = 2000000;
$file_mimes = array('image/jpeg','image/jpg','image/gif'
,'image/png','application/msword');
$file_exts = array('.zip','.jpg','.png','.gif');
$deletable = true;
下一部就是設(shè)置瀏覽器訪問變量及目錄訪問變量:
$site_name = $_server['http_host'];
$url_dir = http://.$_server['http_host'].dirname($_server['php_self']);
$url_this = http://.$_server['http_host'].$_server['php_self'];
$upload_dir = files/;
$upload_url = $url_dir./files/;
$message =;
建立上傳目錄并相應(yīng)改變權(quán)限:
if (!is_dir(files)) {
if (!mkdir($upload_dir))
die (upload_files directory doesn't exist and creation failed);
if (!chmod($upload_dir,0755))
die (change permission to 755 failed.);
}
用戶請求的處理:
if ($_request[del] && $deletable) {
$resource = fopen(log.txt,a);
fwrite($resource,date(ymd h:i:s).delete - $_server[remote_addr].$_request[del]//n);
fclose($resource);
if (strpos($_request[del],/.)>0); //possible hacking
else if (strpos($_request[del],files/) === false); //possible hacking
else if (substr($_request[del],0,6)==files/) {
unlink($_request[del]);
print <script>window.location.href='$url_this?message=deleted successfully'</script>;
}
}
else if ($_files['userfile']) {
$resource = fopen(log.txt,a);
fwrite($resource,date(ymd h:i:s).upload - $_server[remote_addr]
.$_files['userfile']['name'].
.$_files['userfile']['type'].//n);
fclose($resource);
$file_type = $_files['userfile']['type'];
$file_name = $_files['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,.)));
//文件大小的檢查:
if ( $_files['userfile']['size'] > $max_size)
$message = the file size is over 2mb.;
//file type/extension check
else if (!in_array($file_type, $file_mimes)
&& !in_array($file_ext, $file_exts) )
$message = sorry, $file_name($file_type) is not allowed to be uploaded.;
else
$message = do_upload($upload_dir, $upload_url);
print <script>window.location.href='$url_this?message=$message'</script>;
}
else if (!$_files['userfile']);
else
$message = invalid file specified.;
列出我們上傳的文件:
$handle=opendir($upload_dir);
$filelist = ;
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= <a href='$upload_dir$file'>.$file.</a>;
if ($deletable)
$filelist .= <a href='?del=$upload_dir$file' title='delete'>x</a>;
$filelist .= <sub><small><small><font color=grey> .date(d-m h:i, filemtime($upload_dir.$file))
.</font></small></small></sub>;
$filelist .=<br>;
}
}
function do_upload($upload_dir, $upload_url) {
$temp_name = $_files['userfile']['tmp_name'];
$file_name = $_files['userfile']['name'];
$file_name = str_replace(////,,$file_name);
$file_name = str_replace(',,$file_name);
$file_path = $upload_dir.$file_name;
//file name check
if ( $file_name ==) {
$message = invalid file name specified;
return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = change permission to 777 failed.;
else
$message = ($result)?$file_name uploaded successfully. :
somthing is wrong with uploading a file.;
return $message;
}
?>
<center>
<font color=red><?=$_request[message]?></font>
<br>
<form name=upload id=upload enctype=multipart/form-data method=post>
upload file <input type=file id=userfile name=userfile>
<input type=submit name=upload value=upload>
</form>
<br><b>my files</b>
<hr width=70%>
<?=$filelist?>
<hr width=70%>
<small><sup>developed by
<a style=text-decoration:none href=http://tech.citypost.ca>citypost.ca</a>
</sup></small>
</center>
注冊會員,創(chuàng)建你的web開發(fā)資料庫,
