Blogger Information
Blog 43
fans 1
comment 0
visits 33960
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
PHP文件上传
蔚蓝世纪
Original
799 people have browsed it

通过PHP,用户可以把文件上传到服务器。文件上传可以分为单个文件上传、多个文件上传和批量上传。

一、单个文件上传

  1. <?php
  2. //$_FILES
  3. printf('<pre>%s</pre>',print_r($_FILES,true));
  4. $errorCode=$_FILES['my_pic']['error'];
  5. // 检查是否有文件被上传
  6. if(UPLOAD_ERR_NO_FILE === $errorCode) echo '<p>没有文件被上传</p>';
  7. foreach ($_FILES as $file) {
  8. // 只要判断 error === 0
  9. if ($file['error'] === 0) {
  10. $destFile = 'uploads/' . $file['name'];
  11. move_uploaded_file($file['tmp_name'], $destFile);
  12. echo "<img src='{$destFile}' width='200'>";
  13. }
  14. }
  15. //检测当前文件是否是通过HTTP POST方式上传的
  16. // $tmpFileName = $_FILES['my_pic']['tmp_name'];
  17. // $orginalFileName = $_FILES['my_pic']['name'];
  18. // if (is_uploaded_file($tmpFileName)) echo "{$orginalFileName}:上传方式合法";
  19. //检测文件类型
  20. //$fileType = $_FILES['my_pic']['type'];
  21. //echo $fileType,'<br>';
  22. //if (strstr($fileType,'/',true) !== 'image') echo '<p>文件类型错误</p>';
  23. //检测上传文件的大小
  24. echo ini_get('upload_max_filesize');
  25. $errorCode = $_FILES['my_pic']['error'] ?? 'null';
  26. switch ($errorCode) {
  27. case 1:
  28. echo '文件超过`php.ini`中`upload_max_filesize`值';
  29. break;
  30. case 2:
  31. echo '文件大小超过表单隐藏域中`MAX_FILE_SIZE`指定的值';
  32. }
  33. //文件上传异常处理
  34. class UploadException extends Exception
  35. {
  36. // 在异常子类中,可以访问并重写Exception中的四个属性,通过__toString()格式化异常输出信息
  37. public function __toString()
  38. {
  39. return <<< UPLOAD
  40. <style>
  41. table {border-collapse: collapse;border:1px solid black;text-align: center;}
  42. td {border:1px solid black;padding: 5px;}
  43. tr:first-of-type {background-color:#eee;}
  44. tr:last-of-type td {color: coral;}
  45. </style>
  46. <table>
  47. <tr><td>代码</td><td>信息</td><td>文件</td><td>行号</td></tr>
  48. <tr><td>$this->code</td><td>$this->message</td><td>$this->file</td><td>$this->line</td></tr>
  49. </table>
  50. UPLOAD;
  51. }
  52. }
  53. ///////////////////////////////////////////////////////////////////////
  54. try {
  55. // 上传出错的代码
  56. $errorCode = $_FILES['my_pic']['error'];
  57. if ($errorCode > UPLOAD_ERR_OK) {
  58. switch ($errorCode) {
  59. case UPLOAD_ERR_INI_SIZE:
  60. throw new UploadException('上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值', 1);
  61. break;
  62. case UPLOAD_ERR_FORM_SIZE:
  63. throw new UploadException('上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值', 2);
  64. break;
  65. case UPLOAD_ERR_PARTIAL:
  66. throw new UploadException('文件只有部分被上传', 3);
  67. break;
  68. case UPLOAD_ERR_NO_FILE:
  69. throw new UploadException('没有文件被上传', 4);
  70. break;
  71. case UPLOAD_ERR_NO_TMP_DIR:
  72. throw new UploadException('找不到临时文件夹', 6);
  73. break;
  74. case UPLOAD_ERR_CANT_WRITE:
  75. throw new UploadException('文件写入失败', 7);
  76. break;
  77. default:
  78. // 测试时建议关掉default: 避免误报影响
  79. throw new UploadException('未知类型错误', 8);
  80. }
  81. }
  82. // 判断文件类型
  83. $fileType = $_FILES['my_pic']['type'];
  84. if (strstr($fileType, '/', true) !== 'image') throw new UploadException('文件类型错误',9);
  85. } catch (UploadException $e) {
  86. echo $e;
  87. }
  88. ?>
  89. <!DOCTYPE html>
  90. <html lang="en">
  91. <head>
  92. <meta charset="UTF-8">
  93. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  94. <title>文件上传变量$_FILES</title>
  95. </head>
  96. <body>
  97. <!-- 上传文件时通常会写一个表单 -->
  98. <form action="" method="POST" enctype="multipart/form-data">
  99. <fieldset>
  100. <legend>单文件上传</legend>
  101. <input type="hidden" name="MAX_FILE_SIZE" value="500000">
  102. <input type="file" name="my_pic">
  103. <button>上传</button>
  104. </fieldset>
  105. </form>
  106. </body>
  107. </html>

输出效果:

二、多个文件上传

  1. <?php
  2. // $_FILES
  3. printf('<pre>%s</pre>', print_r($_FILES, true));
  4. //文件上传异常处理
  5. class UploadException extends Exception
  6. {
  7. // 在异常子类中,可以访问并重写Exception中的四个属性,通过__toString()格式化异常输出信息
  8. public function __toString()
  9. {
  10. return <<< UPLOAD
  11. <style>
  12. table {border-collapse: collapse;border:1px solid black;text-align: center;}
  13. td {border:1px solid black;padding: 5px;}
  14. tr:first-of-type {background-color:#eee;}
  15. tr:last-of-type td {color: coral;}
  16. </style>
  17. <table>
  18. <tr><td>代码</td><td>信息</td><td>文件</td><td>行号</td></tr>
  19. <tr><td>$this->code</td><td>$this->message</td><td>$this->file</td><td>$this->line</td></tr>
  20. </table>
  21. UPLOAD;
  22. }
  23. }
  24. ///////////////////////////////////////////////////////////////////////
  25. try {
  26. // 上传出错的代码
  27. $errorCode = $_FILES['my_pic']['error'];
  28. if ($errorCode > UPLOAD_ERR_OK) {
  29. switch ($errorCode) {
  30. case UPLOAD_ERR_INI_SIZE:
  31. throw new UploadException('上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值', 1);
  32. break;
  33. case UPLOAD_ERR_FORM_SIZE:
  34. throw new UploadException('上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值', 2);
  35. break;
  36. case UPLOAD_ERR_PARTIAL:
  37. throw new UploadException('文件只有部分被上传', 3);
  38. break;
  39. case UPLOAD_ERR_NO_FILE:
  40. throw new UploadException('没有文件被上传', 4);
  41. break;
  42. case UPLOAD_ERR_NO_TMP_DIR:
  43. throw new UploadException('找不到临时文件夹', 6);
  44. break;
  45. case UPLOAD_ERR_CANT_WRITE:
  46. throw new UploadException('文件写入失败', 7);
  47. break;
  48. default:
  49. // 测试时建议关掉default: 避免误报影响
  50. throw new UploadException('未知类型错误', 8);
  51. }
  52. }
  53. // 判断文件类型
  54. $fileType = $_FILES['my_pic']['type'];
  55. if (strstr($fileType, '/', true) !== 'image') throw new UploadException('文件类型错误',9);
  56. } catch (UploadException $e) {
  57. echo $e;
  58. }
  59. foreach ($_FILES as $file) {
  60. if ($file['error'] === 0) {
  61. $destFile = 'uploads/' . $file['name'];
  62. move_uploaded_file($file['tmp_name'], $destFile);
  63. echo "<img src='{$destFile}' width='200'>";
  64. }
  65. }
  66. ?>
  67. <!DOCTYPE html>
  68. <html lang="en">
  69. <head>
  70. <meta charset="UTF-8">
  71. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  72. <title>文件上传变量$_FILES</title>
  73. </head>
  74. <body>
  75. <hr>
  76. <form action="" method="POST" enctype="multipart/form-data">
  77. <fieldset>
  78. <legend>多文件上传: 逐个上传(一)</legend>
  79. <input type="hidden" name="MAX_FILE_SIZE" value="3000000">
  80. <input type="file" name="my_pic1">
  81. <input type="file" name="my_pic2">
  82. <input type="file" name="my_pic3">
  83. <button>上传</button>
  84. </fieldset>
  85. </form>
  86. </body>
  87. </html>

输出效果:

三、批量上传文件

  1. printf('<pre>%s</pre>', print_r($_FILES, true));
  2. //文件上传异常处理
  3. class UploadException extends Exception
  4. {
  5. public function __toString()
  6. {
  7. return <<< UPLOAD
  8. <style>
  9. table {border-collapse: collapse;border:1px solid black;text-align: center;}
  10. td {border:1px solid black;padding: 5px;}
  11. tr:first-of-type {background-color:#eee;}
  12. tr:last-of-type td {color: coral;}
  13. </style>
  14. <table>
  15. <tr><td>代码</td><td>信息</td><td>文件</td><td>行号</td></tr>
  16. <tr><td>$this->code</td><td>$this->message</td><td>$this->file</td><td>$this->line</td></tr>
  17. </table>
  18. UPLOAD;
  19. }
  20. }
  21. ///////////////////////////////////////////////////////////////////////
  22. try {
  23. // 上传出错的代码
  24. $errorCode = $_FILES['my_pic']['error'];
  25. if ($errorCode > UPLOAD_ERR_OK) {
  26. switch ($errorCode) {
  27. case UPLOAD_ERR_INI_SIZE:
  28. throw new UploadException('上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值', 1);
  29. break;
  30. case UPLOAD_ERR_FORM_SIZE:
  31. throw new UploadException('上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值', 2);
  32. break;
  33. case UPLOAD_ERR_PARTIAL:
  34. throw new UploadException('文件只有部分被上传', 3);
  35. break;
  36. case UPLOAD_ERR_NO_FILE:
  37. throw new UploadException('没有文件被上传', 4);
  38. break;
  39. case UPLOAD_ERR_NO_TMP_DIR:
  40. throw new UploadException('找不到临时文件夹', 6);
  41. break;
  42. case UPLOAD_ERR_CANT_WRITE:
  43. throw new UploadException('文件写入失败', 7);
  44. break;
  45. default:
  46. throw new UploadException('未知类型错误', 8);
  47. }
  48. }
  49. // 判断文件类型
  50. $fileType = $_FILES['my_pic']['type'];
  51. if (strstr($fileType, '/', true) !== 'image') throw new UploadException('文件类型错误',9);
  52. } catch (UploadException $e) {
  53. echo $e;
  54. }
  55. if ($_FILES['my_pic'])
  56. foreach ($_FILES['my_pic']['error'] as $key => $error) {
  57. // 只要判断 error === 0
  58. if ($error === UPLOAD_ERR_OK) {
  59. // 临时文件名
  60. $tmpFileName = $_FILES['my_pic']['tmp_name'][$key];
  61. // 原始文件名
  62. $originalFileName = $_FILES['my_pic']['name'][$key];
  63. // 目标文件名
  64. $destFileName = 'uploads/'. $originalFileName;
  65. // 移动文件
  66. move_uploaded_file($tmpFileName, $destFileName);
  67. // 预览
  68. echo "<img src='{$destFileName}' width='200'>";
  69. }
  70. }
  71. ?>
  72. <!DOCTYPE html>
  73. <html lang="en">
  74. <head>
  75. <meta charset="UTF-8">
  76. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  77. <title>文件上传变量$_FILES</title>
  78. </head>
  79. <body>
  80. <hr>
  81. <form action="" method="POST" enctype="multipart/form-data">
  82. <fieldset>
  83. <legend>多文件上传: 批量上传</legend>
  84. <input type="hidden" name="MAX_FILE_SIZE" value="3000000">
  85. <!-- name属性值以数组的形式提供 -->
  86. <input type="file" name="my_pic[]" multiple>
  87. <button>上传</button>
  88. </fieldset>
  89. </form>
  90. </body>
  91. </html>

输出效果:

四、总结

1.允许用户上传文件对于网站来说存在着巨大的安全风险,所以只能允许可信的用户执行文件上传操作。
2.上传文件时,会在服务器的 PHP 临时文件夹创建一个被上传文件的临时副本。这个临时的复制文件会在脚本结束时消失,所以要保存被上传的文件,我们需要把它拷贝到另外的位置。示例中,我们把文件保存到了名为 “upload” 的新文件夹。

Correcting teacher:天蓬老师天蓬老师

Correction status:qualified

Teacher's comments:总结很棒, 文件上传的确有着巨大的风险 , 但也是获取用户数据的重要手段, 因为很多网站都要依赖用户自产内容来维持的, 不是吗?正是因为大量用户上传自己数据 , 才让互联网更精彩, 所以做好审核很重要
Statement of this Website
The copyright of this blog article belongs to the blogger. Please specify the address when reprinting! If there is any infringement or violation of the law, please contact admin@php.cn Report processing!
All comments Speak rationally on civilized internet, please comply with News Comment Service Agreement
0 comments
Author's latest blog post