文件上传我们需要用到HTML里面表单的type=file类型及其enctype属性这是我们大家必须要用的当然了PHP函数库当中的FILE函数库字符串类型函数库目录函数库及$_FILES[]的使用是我们必须要用到的
也许每一个站点都可能会对上传文件有许多的限制这些限制会包括 文件类型文件大小扩展名以及上传目录的存在与否上传文件的存在与否目录的可写性可读性上传文件的改名及怎样把文件从缓存当中复制到你所需要的目录当中
当然出错的预处理也是我们不容忽视的!如果再深一步的讨论我们还可以对文件的操作起用事件日志的记录
下面我们通过一段程序来实现这些功能
首先是我们预设的变量值它包括文件大小文件扩展名类型MIMI类型及是否删除的开关变量
$MAX_SIZE = ;
$FILE_MIMES = array(image/jpegimage/jpgimage/gif
image/pngapplication/msword);
$FILE_EXTS = array(zipjpgpnggif);
$DELETABLE = true;
下一部就是设置浏览器访问变量及目录访问变量
$site_name = $_SERVER[HTTP_HOST];
$url_dir = http://$_SERVER[HTTP_HOST]dirname($_SERVER[PHP_SELF]);
$url_this = http://$_SERVER[HTTP_HOST]$_SERVER[PHP_SELF];
$upload_dir = files/;
$upload_url = $url_dir/files/;
$message =;
建立上传目录并相应改变权限
if (!is_dir(files)) {
if (!mkdir($upload_dir))
die (upload_files directory doesnt exist and creation failed);
if (!chmod($upload_dir))
die (change permission to failed);
}
用户请求的处理
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen(logtxta);
fwrite($resourcedate(Ymd h:i:s)DELETE $_SERVER[REMOTE_ADDR]$_REQUEST[del]\\n);
fclose($resource);
if (strpos($_REQUEST[del]/)﹥); //possible hacking
else if (strpos($_REQUEST[del]files/) === false); //possible hacking
else if (substr($_REQUEST[del])==files/) {
unlink($_REQUEST[del]);
print ﹤script﹥windowlocationhref=$url_this?message=deleted successfully﹤/script﹥;
}
}
else if ($_FILES[userfile]) {
$resource = fopen(logtxta);
fwrite($resourcedate(Ymd h:i:s)UPLOAD $_SERVER[REMOTE_ADDR]
$_FILES[userfile][name]
$_FILES[userfile][type]\\n);
fclose($resource);
$file_type = $_FILES[userfile][type];
$file_name = $_FILES[userfile][name];
$file_ext = strtolower(substr($file_namestrrpos($file_name)));
//文件大小的检查
if ( $_FILES[userfile][size] ﹥ $MAX_SIZE)
$message = The file size is over MB;
//File Type/Extension Check
else if (!in_array($file_type $FILE_MIMES)
&& !in_array($file_ext $FILE_EXTS) )
$message = Sorry $file_name($file_type) is not allowed to be uploaded;
else
$message = do_upload($upload_dir $upload_url);
print ﹤script﹥windowlocationhref=$url_this?message=$message﹤/script﹥;
}
else if (!$_FILES[userfile]);
else
$message = Invalid File Specified;
列出我们上传的文件
$handle=opendir($upload_dir);
$filelist = ;
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist = ﹤a href=$upload_dir$file﹥$file﹤/a﹥;
if ($DELETABLE)
$filelist = ﹤a href=?del=$upload_dir$file title=delete﹥x﹤/a﹥;
$filelist = ﹤sub﹥﹤small﹥﹤small﹥﹤font color=grey﹥ date(dm H:i filemtime($upload_dir$file))
﹤/font﹥﹤/small﹥﹤/small﹥﹤/sub﹥;
$filelist =﹤br﹥;
}
}
function do_upload($upload_dir $upload_url) {
$temp_name = $_FILES[userfile][tmp_name];
$file_name = $_FILES[userfile][name];
$file_name = str_replace(\\\\$file_name);
$file_name = str_replace($file_name);
$file_path = $upload_dir$file_name;
//File Name Check
if ( $file_name ==) {
$message = Invalid File Name Specified;
return $message;
}
$result = move_uploaded_file($temp_name $file_path);
if (!chmod($file_path))
$message = change permission to failed;
else
$message = ($result)?$file_name uploaded successfully :
Somthing is wrong with uploading a file;
return $message;
}
?﹥
﹤center﹥
﹤font color=red﹥﹤?=$_REQUEST[message]?﹥﹤/font﹥
﹤br﹥
﹤form name=upload id=upload ENCTYPE=multipart/formdata method=post﹥
Upload File ﹤input type=file id=userfile name=userfile﹥
﹤input type=submit name=upload value=Upload﹥
﹤/form﹥
﹤br﹥﹤b﹥My Files﹤/b﹥
﹤hr width=%﹥
﹤?=$filelist?﹥
﹤hr width=%﹥
﹤small﹥﹤sup﹥Developed By
﹤a style=textdecoration:none href=http://techcitypostca﹥CityPostca﹤/a﹥
﹤/sup﹥﹤/small﹥
﹤/center﹥
