1. 首页
  2. 问答
  3. 文件上传在IE和Firefox中不起作用

文件上传在IE和Firefox中不起作用

2011-04-15 58 views
1

我有以下代码将文件上传到服务器。出于某种奇怪的原因,它在IE和Mozilla Firefox中不起作用,但在Chrome中完美运行。问题是什么?文件上传在IE和Firefox中不起作用

PHP:

// Check post_max_size (http://us3.php.net/manual/en/features.file-upload.php#73762) 
    $POST_MAX_SIZE = ini_get('post_max_size'); 
    $unit = strtoupper(substr($POST_MAX_SIZE, -1)); 
    $multiplier = ($unit == 'M' ? 1048576 : ($unit == 'K' ? 1024 : ($unit == 'G' ? 1073741824 : 1))); 

    if ((int)$_SERVER['CONTENT_LENGTH'] > $multiplier*(int)$POST_MAX_SIZE && $POST_MAX_SIZE) 
     HandleError('File exceeded maximum allowed size. Your file size <b>MUST NOT</b> be more than 100kb.'); 

// Settings 
    $save_path = 'uploads/'; //getcwd() . '/uploads/';The path were we will save the file (getcwd() may not be reliable and should be tested in your environment) 
    $upload_name = 'userfile';       // change this accordingly 
    $max_file_size_in_bytes = 102400;    // 100k in bytes 
    $whitelist = array('jpg', 'png', 'gif', 'jpeg'); // Allowed file extensions 
    $blacklist = array('php', 'php3', 'php4', 'phtml','exe','txt','scr','cgi','pl','shtml'); // Restrict file extensions 
    $valid_chars_regex = 'A-Za-z0-9_-\s ';// Characters allowed in the file name (in a Regular Expression format) 

// Other variables 
    $MAX_FILENAME_LENGTH = 260; 
    $file_name = $_FILES[$upload_name]['name']; 
    //echo "testing-".$file_name."<br>"; 
    //$file_name = strtolower($file_name); 
    ////////$file_extension = end(explode('.', $file_name)); 

    $parts = explode('.', $file_name); 
    $file_extension = end($parts); 

    $uploadErrors = array(
     0=>'There is no error, the file uploaded with success', 
     1=>'The uploaded file exceeds the upload max filesize allowed.', 
     2=>'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form', 
     3=>'The uploaded file was only partially uploaded', 
     4=>'No file was uploaded', 
     6=>'Missing a temporary folder' 
    ); 

// Validate the upload 
    if (!isset($_FILES[$upload_name])) 


     **HandleError('No upload found for ' . $upload_name);**//THROWS UP ERROR HERE in IE and Firefox 


    else if (isset($_FILES[$upload_name]['error']) && $_FILES[$upload_name]['error'] != 0) 
     HandleError($uploadErrors[$_FILES[$upload_name]['error']]); 
    else if (!isset($_FILES[$upload_name]['tmp_name']) || [email protected]_uploaded_file($_FILES[$upload_name]['tmp_name'])) 
     HandleError('Upload failed.'); 
    else if (!isset($_FILES[$upload_name]['name'])) 
     HandleError('File has no name.');

HTML:

<form name="upload" action="/upload" method="POST" ENCTYPE="multipart/formdata"> 
     <table border="0" cellpadding="3" cellspacing="3" class="forms"> 
      <tr> 
      <tr> 
      <td style="height: 26px" align="center"> 
<font class="font_upload_picture">'.MSG142.': <input class="font_upload_picture" type="file" name="userfile"> 
<input type=hidden name=MAX_FILE_SIZE value=102400 /> 
      </td> 
      </tr> 
      <tr> 
      <td colspan="2"> 
        <p align="center"> 
           <input type="image" name="upload" value="upload" src="/img/layout/btnupload.gif" border="0" /> 
           </p> 
           <p>&nbsp;</p> 
           <td><a href="/picturecamerasettings"><img src="/img/layout/takepicture.gif" border="0" /><br> '.MSG143.'</a></td> 
           </tr> 
     </table> 
     </form>

来源

2011-04-15 Frank Nwoko

+3

请提供形式的标记。 – Sean 2011-04-15 20:40:02

+0

你能显示上传表单吗?另外,你从系统中得到什么错误? – Wige 2011-04-15 20:40:55

+0

另外,你在IE和Firefox中看到了什么症状?它是你的代码片段中的错误之一吗?或者它挂起或抛出一个HTTP错误代码? – 2011-04-15 20:41:40

回答

5

形式的加密类型应该是multipart/form-data

来源

2011-04-15 20:56:25

+1

//抛出错误啊,好眼睛^^这可能是问题 – 2011-04-15 21:04:45

+0

我能为你做什么?那就是问题所在。 5颗星给你。奇怪,但为什么它在Chrome中工作..? – 2011-04-15 21:13:33

+1

喝我的荣誉啤酒^^ – 2011-04-15 21:18:40

0

您的HTML错误。您遗漏了trtd标记的结束标记。另外,关闭你的文件上传输入标签/>

来源

2011-04-15 20:59:00

0

一些你的逻辑是关闭:

if (!isset($_FILES[$upload_name]))

,永远传承。对于表单中的每个<input type="file">,都会有一个匹配的$_FILES条目,无论文件是否实际上传。如果没有文件上传到,那么你会得到错误代码4

else if (isset($_FILES[$upload_name]['error']) && $_FILES[$upload_name]['error'] != 0)

您不必检查是否设置了错误参数。只要$upload_name中有一个有效的文件字段名称,error部分就在那里。但是,您可以检查$_FILES[$upload_name]。以防你的变量设置错误。

您已经评论过,但您正在通过检查用户提供的文件名来检查有效的上传类型。请记住,$ _FILES中的参数['type']['name']是用户提供的,可以被破坏。没有任何说恶意用户不能将bad_virus.exe重命名为cute_puppies.jpg并通过“验证”检查。始终使用类似Fileinfo的内容来确定服务器上的MIME类型。这检查文件的实际内容,而不仅仅是文件名。

所以,你的上传验证应该是这个样子:

if (isset($_FILES[$upload_name]) && ($_FILES[$upload_name]['error'] === UPLOAD_ERR_OK)) { 
    $fi = finfo_open(FILE_INFO_MIME_TYPE); 
    $mime = finfo_file($fi, $_FILES[$upload_name]['tmp_name']); 
    if (!in_array($valid_mime_type, $mime)) { 
     HandleError("Invalid file type $mime"); 
    } 
    etc... 
} else { 
    HandleError($uploadErrors[$_FILES[$upload_name]['error']]); 
}

来源

2011-04-15 21:17:36

+0

我其实已经做了,但是没有上传那部分代码,因为它没有必要对相关问题进行处理.----- //验证它是一个图像 $ imageinfo = getimagesize($ _ FILES [$ upload_name] ['tmp_name']); if($ imageinfo ['mime']!='image/gif'&& $ imageinfo ['mime']!='image/jpeg'&& $ imageinfo ['mime']!='image/png'&& isset($ imageinfo)) HandleError('抱歉,我们只接受GIF和JPEG图片'); – 2011-04-15 22:28:57

相关问题

 相关问题