当前位置: 首页 > 网络学院 > 服务端脚本教程 > PHP > PHP 文件上传

PHP
php 无限分类的实现
常用PHP代码
windows下安装配置php视频教程
MySQL数据库结构和数据的导出和导入
PHP实现 IP Whois 查询
PHP5 this,self和parent关键字详解
PHP 安全技巧连载 #1[译]
PHP 安全技巧连载 #2[译]
PHP 安全技巧连载 #3[译]
PHP 安全技巧连载 #4[译]
PHP 安全技巧连载 #5[译]
PHP 安全技巧连载 #6[译]
PHP 安全技巧连载 #7[译]
PHP 安全技巧连载 #8[译]
PHP 安全技巧连载 #9[译]
PHP 安全技巧连载 #10[译]
PHP 安全技巧连载 #11[译]
PHP error_reporting的使用
PHP 安全技巧连载 #12
使用PHP做Linux/Unix守护进程

PHP 文件上传


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-03-01   浏览: 1369 ::
收藏到网摘: n/a

With PHP, it is possible to upload files to the server.
我们可以通过PHP把文件上传到服务器。


Create an Upload-File Form
创建一个文件上传的表单

To allow users to upload files from a form can be very useful.
给用户提供一个自行上传文件的表单是很有必要的。

Look at the following HTML form for uploading files:
看一下使用HTML书写的文件上传表单的具体写法:

<html>
<body>
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />

<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>

</html>

Notice the following about the HTML form above:
上述HTML表单的注意点:

  • The enctype attribute of the <form> tag specifies which content-type to use when submitting the form. "multipart/form-data" is used when a form requires binary data, like the contents of a file, to be uploaded
    <form>标签中的enctype属性指定了当提交表单时,该使用怎样的内容类型[content-type];当表单要求使用二进制数据时,我们使用"multipart/form-data",如:上传文件的内容。
  • The type="file" attribute of the <input> tag specifies that the input should be possessed as a file. For example, when viewed in a browser, there will be a browse-button next to the input field
     <input>标签的type="file"属性指定了输入信息[input]必须包含在文件内。举个例子来说,当我们浏览网页时,在输入框的旁边会有一个browse按钮。

Note: Allowing users to upload files is a big security risk. Only permit trusted users to perform file uploads.
注意:允许用户上传文件这样的做法存在着巨大的安全隐患。所以我们应该只允许我们信任的用户上传他们的文件。


Create The Upload Script
建立一个上传脚本程序[Upload Script]

The "upload_file.php" file contains the code for uploading a file:
"upload_file.php"文件包含了实现文件上传功能的代码,具体如下:

<?php
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Stored in: " . $_FILES["file"]["tmp_name"];
}
?>

By using the global PHP $_FILES array you can upload files from a client computer to the remote server.
通过使用通用的PHP $_FILES数组[global PHP $_FILES array],你把以把你在本机上的文件上传到远程服务器上。

The first parameter is the form's input name and the second index can be either "name", "type", "size", "tmp_name" or "error". Like this:
第一个参数是表单的输入名称,第二个索引项[index]可以包含"name", "type", "size", "tmp_name" 或 "error",具体如下:

  • $_FILES["file"]["name"] - the name of the uploaded file
    $_FILES["file"]["name"]:需要上传的文件的名称
  • $_FILES["file"]["type"] - the type of the uploaded file
    $_FILES["file"]["type"]:需要上传的文件的类型
  • $_FILES["file"]["size"] - the size in bytes of the uploaded file
    $_FILES["file"]["size"]:需要上传的文件的字节数大小
  • $_FILES["file"]["tmp_name"] - the name of the temporary copy of the file stored on the server
    $_FILES["file"]["tmp_name"]:存储于服务器中的文件副本的名称
  • $_FILES["file"]["error"] - the error code resulting from the file upload
    $_FILES["file"]["error"]:文件上传时出现的错误代码

This is a very simple way of uploading files. For security reasons, you should add restrictions on what the user is allowed to upload.
上传文件的方法其实很简单。出于对安全因素的考虑,你必须对拥有文件上传权利的用户作出严格的限制。


Restrictions on Upload
上传限制

In this script we add some restrictions to the file upload. The user may only upload .gif or .jpeg files and the file size must be under 20 kb:
在下面的脚本中,我们对文件的上传作了一些限制措施。用户只能上传扩展名为“.gif”或扩展名为“.jpeg”的文件,并且文件必须小于20kb:

<?php
if (($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")

&& ($_FILES["file"]["size"] < 20000))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Stored in: " . $_FILES["file"]["tmp_name"];
}
}
else
{
echo "Invalid file";
}
?>


Saving the Uploaded File
保存已上传的文件

The examples above create a temporary copy of the uploaded files in the PHP temp folder on the server.
在上述例子中,我们在服务器端的PHP临时文件夹中创建了一个已上传文件的临时副本。

The temporary copied files disappears when the script ends. To store the uploaded file we need to copy it to a different location:
当脚本解释后,这个临时的副本文件就会自动消失。为了存储已上传的文件,我们需要把它复制到不同的地方。

<?php
if (($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")

&& ($_FILES["file"]["size"] < 20000))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
 if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>

The script above checks if the file already exists, if it does not, it copies the file to the specified folder.
上述脚本检查了指定的文件是否已经存在;如果不存在,他将把文件复制到这个指定的文件夹内。

评论 (0) All

登陆 | 还没注册?