文件上传 – PHP 进阶

文件上传 – PHP 进阶

将文件上传到服务器很容易，但容易就会带来被销毁的风险，因此在允许文件上传时要小心。

设置“php.ini”文件

在“php.ini”文件中搜索 file_uploads 指令并将其设置为 On ：

file_uploads = On

现在，

创建 HTML 表单：允许用户选择他们想要上传的文件

对于 HTML 上传表单，请确保使用 method=”post” 和 enctype=”multipart/form-data”。因为没有这些,文件上传将无法工作。

<!DOCTYPE html>
 <html>
 <body>

<form action="fileToupload.php" method="post" enctype="multipart/form-data">
 Select an Image To Upload:-
 <input type="file" name="fileToUpload" id="fileToUpload">
 <input type="submit" value="Upload Image" name="submit">
 </form>

</body>
 </html>

输出 ：

制作上传文件PHP脚本

<?php
 $target_dir = "uploads/";
 $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
 $uploadOk = 1;
 $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
 // Check if image file is a actual image or fake image
 if(isset($_POST["submit"])) {
    
    
 $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
 if($check !== false) {
    
    
 echo "File is an image - " . $check["mime"] . ".";
 $uploadOk = 1;
 } else {
    
    
 echo "File is not an image.";
 $uploadOk = 0;
 }
 }
 ?>

在上面的代码中，

“$target_file”定义要上传的文件路径

稍后将使用“$uploadOk=1”。

“$target_dir = uploads/” – 定义要放置文件的目录

“$imageFileType”保存文件的文件扩展名。

检查文件是否已存在

首先，让我们检查“uploads”文件夹中是否已存在文件。如果存在，则显示错误消息，并将 $uploadOk 设置为 0：

//To check if file already exists or not
 if (file_exists($target_file)) {
    
    
 echo "Sorry, the file already exists.";
 $uploadOk = 0;
 }

限制文件大小和类型

现在检查文件的大小是否大于 500kb；将显示错误消息并且 $uploadOk 设置为 0。

// To check file size
 if ($_FILES["fileToUpload"]["size"] > 500000) {
    
    
 echo "Sorry, your file is too large.";
 $uploadOk = 0;
 }

给定代码仅允许用户上传 JPEG、JPG、GIF 和 PNG 文件。如果上传其他文件类型，则在将 $uploadOk 设置为 0 之前会显示错误消息：

// To allow certain file formats
 if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
 && $imageFileType != "gif" ) {
    
    
 echo "Sorry, only JPEG, JPG, GIF & PNG files are allowed.";
 $uploadOk = 0;
 }

最后，结合以上所有代码。这是完整的填充上传 PHP 脚本：

<?php
 $target_dir = "uploads/";
 $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
 $uploadOk = 1;
 $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);

// To check if image file is  actual or fake image
 if(isset($_POST["submit"])) {
    
    
 $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
 if($check !== false) {
    
    
 echo "File is an image - " . $check["mime"] . ".";
 $uploadOk = 1;
 } else {
    
    
 echo "File is not an image.";
 $uploadOk = 0;
 }
 }
 // To check if file already exists
 if (file_exists($target_file)) {
    
    
 echo "Sorry, the file already exists.";
 $uploadOk = 0;
 }
 //To check the file size
 if ($_FILES["fileToUpload"]["size"] > 500000) {
    
    
 echo "Sorry, your file is too large.";
 $uploadOk = 0;
 }
 // To allow certain file formats
 if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
 && $imageFileType != "gif" ) {
    
    
 echo "Sorry, only JPEG, JPG, GIF & PNG files are allowed.";
 $uploadOk = 0;
 }
 // To check if $uploadOk is set to 0 by an error
 if ($uploadOk == 0) {
    
    
 echo "Sorry, your file was not uploaded.";
 } else {
    
    
 if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
    
    
 echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
 } else {
    
    
 echo "Sorry, there was an error uploading your file.";
 }
 }
 ?>