1. 首页
  2. 问答
  3. PHP图像上传

PHP图像上传

2011-08-23 209 views
2

我正在工作的用户有一个选项来上传图像,如果他们没有上传图像然后我将使用他们的个人资料的默认图像,但我有一些问题,我想要验证它们只能上传,但现在,即使他们没有上传我的验证代码运行的图像,而不是让保存下面的表格其余形象是我的代码PHP图像上传

if(isset($_FILES)) 
    { 
     $imagename = $_FILES['uploadimage']['name']; 
     $imagetype = $_FILES['uploadimage']['type']; 
     $imagesize = $_FILES['uploadimage']['size']; 


     if($imagetype != "image/gif" || $imagetype != "image/jpg" || $imagetype == "image/png" || $imagetype == "image/jpeg") 
     { 
      $error = 'Please upload an image with JPG, PNG, GIF'; 
     } 
     elseif($imagesize > 716800) 
     { 
      $error = 'Image Needs to be under 700kb only';  
     } 
     else 
     { 
        $success = 'Uploaded'; 
        }

即使他们没有上传整个代码运行的图像

来源

2011-08-23 Henry

+0

漂亮的小上传库有一些非常漂亮的jQuery功能:https://github.com/blueimp/jQuery-File-Upload – Kzqai

回答

1

您应该使用

if(!empty($_FILES) && array_key_exists('uploadimage', $_FILES) && $_FILES['uploadimage']['size'] > 0)

代替

if(isset($_FILES)).

来源

2011-08-23 18:57:24

+0

仍然在做同样的事情,即使我没有上传它正在运行的那段代码 – Henry

+0

@Henry尝试编辑答案 –

+0

是有道理,并且工作正常,但我也发现一个简单的替代PHP 4.3或更高版本我们可以使用函数if(is_uploaded_file(['file'] ['tmp_name']))但我会使用你的andrej ...谢谢你的帮助 – Henry

1

$ _FILES是一个超全局变量,是始终存在的,不管剧本是如何调用,或者如果一个文件上传实际上是企图。

您需要检查一个特定的文件,而不是,如:

if (isset($_FILES['nameoffilefield']) && ($_FILES['nameoffilefield']['error'] == UPLOAD_ERR_OK)) { 
    ... upload occured ... 
}

来源

2011-08-23 18:57:33

+0

: - 现在它没有运行那段代码,即使我正在上传一个zip文件,它给我一个成功的消息 – Henry

+0

根本不运行代码,但给成功消息?咦? –

+0

是的,它跳过了你提供的if语句,并去了另一个我已经写过的else语句..如果我上传了一个zip文件,它应该说错误如果它正在运行你的if条件BAMM – Henry

1

必须先测试,如果上传更迭,然后测试,如果文件是图像,并与他们合作。

if (isset($_FILES['nameoffilefield']) && ($_FILES['nameoffilefield']['error'] == UPLOAD_ERR_OK)) { 
    if($_FILES['nameoffilefield']['type'] != "image/gif" 
     && $_FILES['nameoffilefield']['type'] != "image/jpg" 
     && $_FILES['nameoffilefield']['type'] != "image/png" 
     && $_FILES['nameoffilefield']['type'] != "image/jpeg") 
    { 
     $error = 'Please upload an image with JPG, PNG, GIF'; 
    } 
    elseif($imagesize > 716800) 
    { 
     $error = 'Image Needs to be under 700kb only';  
    } 
    else 
    { 
     $success = 'Uploaded'; 
     // do something with image 
     move_uploaded_file($_FILES['nameoffilefield']['tmp_name'],$newFileWithDir); 
    } 
}

但它不是好主意,测试$ _FILES [ 'nameoffilefield'] [ '型']在 “图像/ JPEG”,因为攻击者可以用此MIME类型发送PHP文件。

来源

2011-08-23 19:17:19 cubaguest

0

使用此图片上传代码。

<?php 
//define a maxim size for the uploaded images in Kb 
define ("MAX_SIZE","1000"); 

//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. 
function getExtension($str) { 
     $i = strrpos($str,"."); 
     if (!$i) { return ""; } 
     $l = strlen($str) - $i; 
     $ext = substr($str,$i+1,$l); 
     return $ext; 
} 

//This variable is used as a flag. The value is initialized with 0 (meaning no error found) 
//and it will be changed to 1 if an errro occures. 
//If the error occures the file will not be uploaded. 
$errors=0; 
//checks if the form has been submitted 
if(isset($_POST['Submit'])) 
{ 
    //reads the name of the file the user submitted for uploading 
    $image=$_FILES['image']['name']; 
    //if it is not empty 
    if ($image) 
    { 
    //get the original name of the file from the clients machine 
     $filename = stripslashes($_FILES['image']['name']); 
    //get the extension of the file in a lower case format 
     $extension = getExtension($filename); 
     $extension = strtolower($extension); 
    //if it is not a known extension, we will suppose it is an error and will not upload the file, 
    //otherwise we will do more tests 
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
     { 
     //print error message 
      echo '<h1>Unknown extension!</h1>'; 
      $errors=1; 
     } 
     else 
     { 
//get the size of the image in bytes 
//$_FILES['image']['tmp_name'] is the temporary filename of the file 
//in which the uploaded file was stored on the server 
$size=filesize($_FILES['image']['tmp_name']); 

//compare the size with the maxim size we defined and print error if bigger 
if ($size > MAX_SIZE*1024) 
{ 
    echo '<h1>You have exceeded the size limit!</h1>'; 
    $errors=1; 
} 

//we will give an unique name, for example the time in unix time format 
$image_name=time().'.'.$extension; 
//the new name will be containing the full path where will be stored (images folder) 
$newname="images/".$image_name; 
//we verify if the image has been uploaded, and print error instead 
$copied = copy($_FILES['image']['tmp_name'], $newname); 
if (!$copied) 
{ 
    echo '<h1>Copy unsuccessfull!</h1>'; 
    $errors=1; 
}}}} 

//If no errors registred, print the success message 
if(isset($_POST['Submit']) && !$errors) 
{ 
    echo "<h1>File Uploaded Successfully! Try again!</h1>"; 
} 

?> 

<!--next comes the form, you must set the enctype to "multipart/frm-data" and use an input type "file" --> 
<form name="newad" method="post" enctype="multipart/form-data" action=""> 
<table> 
    <tr><td><input type="file" name="image"></td></tr> 
    <tr><td><input name="Submit" type="submit" value="Upload image"></td></tr> 
</table> 
</form>

来源

2011-09-21 14:25:26 karthick

0

您也可以从这个代码::

image.php上载MySQL数据库图像

<form action='image.php' method='post' enctype='multipart/form-data' > 
    <input type='file' name='image'> 
    <input type='submit' name='submit'> 
    </form> 

<?php 
    if(isset($_POST['submit'])) { 
     $image = addslashes(file_get_contents($_FILES['image']['tmp_name'])); 

     $size = getimagesize($_FILES['image']['tmp_name']); 
    if($size != FALSE) 
      mysql_query(" INSERT INTO tableName VALUES ('', '$image')) or die(mysql_error()); 
     else 
     echo "image uploading problem"; 
    } 
?>

来源

2012-03-08 21:15:54 sabbir

+0

查询中缺少'''。 –

2

说实话没有创建自己的图片上传代码,浪费你的时间,只需使用class.upload即可。

来源

2012-08-03 01:57:12 Alex

相关问题

 相关问题