After a long period of development of PHP, many users know PHP very well. Here I will express my personal understanding and discuss it with everyone. PHP is a server-side scripting language used to create dynamic WEB pages. Like ASP and ColdFusion, users can use a mixture of PHP and HTML to write WEB pages. When a visitor browses to the page, the server will first process the PHP commands in the page, and then transmit the processed results together with the HTML content to Access browser.
Users can enter PHP command codes directly on the WEB page, so no special development environment is required. In WEB pages, all PHP code is placed in "". Additionally, users can choose to use forms such as . The PHP engine will automatically identify and process all code between PHP delimiters in the page.
The grammatical structure of the PHP scripting language is very similar to the grammatical style of the C language and Perl language. Users do not need to declare variables before using them. The process of creating an array using PHP is also very simple. PHP also has basic object-oriented component functions, which can greatly facilitate users to effectively organize and encapsulate the code they write. Here I would like to introduce to you the issues regarding PHP upload.
Example 1. Enable file PHP upload
Please check the functions is_uploaded_file() and move_uploaded_file() for further information. The following example handles file upload provided by a form.
<ol class="dp-xml"> <li class="alt"><span><span class="tag"><?</SPAN><SPAN class=tag-name>php</SPAN><SPAN> </SPAN></SPAN><LI class=""><SPAN>// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead </SPAN><LI class=alt><SPAN>// of $_FILES. </SPAN><LI class=""><SPAN> </SPAN><LI class=alt><SPAN>$</SPAN><SPAN class=attribute>uploaddir</SPAN><SPAN> = </SPAN><SPAN class=attribute-value>'/var/www/uploads/'</SPAN><SPAN>; </SPAN></SPAN><LI class=""><SPAN>$</SPAN><SPAN class=attribute>uploadfile</SPAN><SPAN> = $uploaddir . basename($_FILES['userfile']['name']); </SPAN></SPAN><LI class=alt><SPAN> </SPAN><LI class=""><SPAN>echo '</SPAN><SPAN class=tag><</SPAN><SPAN class=tag-name>pre</SPAN><SPAN class=tag>></span><span>'; </span></span></li> <li class="alt"><span>if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { </span></li> <li class=""><span> echo "File is valid, and was successfully uploaded.n"; </span></li> <li class="alt"><span>} else { </span></li> <li class=""><span> echo "Possible file upload attack!n"; </span></li> <li class="alt"><span>} </span></li> <li class=""><span> </span></li> <li class="alt"><span>echo 'Here is some more debugging info:'; </span></li> <li class=""><span>print_r($_FILES); </span></li> <li class="alt"><span> </span></li> <li class=""> <span>print "</span><span class="tag"></</SPAN><SPAN class=tag-name>pre</SPAN><SPAN class=tag>></span><span>"; </span> </li> <li class="alt"><span> </span></li> <li class=""> <span></span><span class="tag">?></span><span> </span> </li> </ol>
A script that accepts a PHP uploaded file should implement any logically necessary checks in order to decide what operations to do with the file next. For example, you can use the $_FILES['userfile']['size'] variable to exclude files that are too large or too small, or you can use the $_FILES['userfile']['type'] variable to exclude file types and certain standards. File that does not match, but only consider this as the first step in a series of checks, since this value is completely controlled by the client and is not checked on the PHP side. Since PHP 4.2.0, you can also use the $_FILES['userfile']['error'] variable to plan the next step based on different error codes. Either way, either delete the file from the temporary directory or move it somewhere else.
If no uploaded file is selected in the form, the value of the PHP variable $_FILES['userfile']['size'] will be 0 and $_FILES['userfile']['tmp_name'] will be null. If the file has not been moved or renamed, it will be deleted at the end of the form request.