PHP File upload detection and processing

This article mainly introduces the PHP file upload detection and processing, interested in the friend's reference, I hope to help you.

is the upload of input way so bad? Of course not. When uploading a file, it is very simple and reliable, in PHP, we only need a composite form:

The code is as follows:

<form enctype= "Multipart/form-data" action= "__url__" method= "POST" >

An input box:

The code is as follows:

<input name= "UserFile" type= "file"/>

and the server-side line of code:

The code is as follows:

Move_uploaded_file ($_files[' userfile ' [' tmp_name '], '/var/www/uploads/'. basename ($_files[' userfile ' [' name ']));

The

allows the entire upload process to be implemented.
But as the file grows, the lack of form uploads is exposed. In particular, the simple idea that we want to get the most basic file size to prevent large file uploads has become so difficult. The following one by one-way:
through max_file_size max_file_size The hidden Field (in bytes) must precede the file input field, and its value is the maximum size of the received file. This is a suggestion for the browser, PHP will also check this. This setting can be bypassed easily on the browser side, so do not expect this feature to block large files. In fact, the maximum upload file value in PHP settings is not invalidated. However, it is best to add this item to the form because it avoids the hassle of having to wait for a large file to be uploaded before the user discovers that the file is too large to upload.
Obviously PHP developers have also considered the issue of uploading large files, but as the manual says, max_file_size is just a suggestion for browsers, and in fact all the mainstream browsers so far have not adopted this recommendation, so use Max_file_ Size constraint file sizes are not the same as the configuration.
through the server-side max_file_size since it is invalid, the user can upload the file to the server, the server side through the $_files [' UserFile '] [' Size '] determines the size of the file uploaded by the user and then decides whether to accept the upload and return the information. Excluding server load and possible malicious vandalism, this solution sounds like a waste of bandwidth, as well as the ability to bind users to upload files.
This is not possible, however, and PHP file uploads are affected by these settings in the following php.ini:

• post_max_size

• upload_max_filesize

• max_execution_time

• memory_limit

Although the Setup method in the manual has a more detailed description, the reason is still said that this method is not feasible, because the PHP execution script when more than Memory_limit, the post data will be all lost and will not error!
Imagine the user filled out a long form, and accompanied by a file more than Memory_limit upload, after a long wait time to find and so on is a clean blank form, that is how impressive user experience ah. Moreover, dozens of m of server traffic is only used to detect file size, is not allowed in the current network environment.
through JavaScript JavaScript is browser-based, although JS can accomplish a lot of seemingly impossible tasks, but the browser can't do things JS also can not do. Congenital deficiency is doomed to this job only by JavaScript is not competent. However, some IE only methods are still exist, for reference only.
via Flash Flash's Filereference class provides a comprehensive set of file handling methods, and most large file uploads now use flash-based solutions. If the use of flash and JS interaction, can realize the client file size detection? The answer is doable.
First, instantiate the Filereference class in the Flash file.

var fr = new Filereference ();

Based on this class, you can replace the browser's events with the file browse and Selectfile events provided by Flash. We need to:
1. Binding Selectfile

Fr.addeventlistener (Event.select, onselectfile);

2, create a JS access to the object, used to place flash to get the file information

var s = {size:0, name: ', type: '}

3. Create the file browse method

function Browsefile (): void {<br> fr.browse (); <br>}

4, when the Selectfile event triggered, the transfer of file information

function Onselectfile (e:event): void {<br> s.size = fr.size;<br> S.name = fr.name;<br> S.type = fr.type; <br>}

5. The Browsefile method is publicly available for JS invocation

Externalinterface.addcallback ("Browsefile", browsefile);

6. Pass the obtained file information to JS

Externalinterface.call ("Onselectfile", s);

Now we can get the file size information sent by flash through JS, the specific implementation can see the demo.
Conclusion
The problem seems to have been solved, we have successfully verified the size of the file is not it. However, the final conclusion of this paper is that the file size check based on Flash is still not feasible.
The only purpose of the file size check is to upload. In the demo above you can see that the file name of the verification success is displayed in an input box. The students who are familiar with uploading do not feel anything less? Yes, through Flash can only get the file name, but not the full path of the files, and the file path is the input method to upload the necessary conditions. So although can be successful through the Flash and JS Interactive check file size, but we can do is just a verification, and then want to upload, only continue through the flash way.
Flash development for security reasons blocked the full path of the file this is understandable, but the file upload, especially in PHP environment file verification upload scheme still not get the best solution.
Of course there are many ways to compensate:

Perl-based Project Filechucker, Xupload, Uber-uploader Flash-based project SWFUpload and a package with PHP directly on the server to build a beautiful socket link

But after all, I hope that one day I can see the thorough robust uploading scheme based on HTML only, I hope this day will not be too far.
Finally, this time the code download.
php File Upload size settings explained in PHP to upload files, the most problematic is to upload large volume files when an error occurs. This involves the PHP configuration file--php.ini
In this configuration file, there are several values that are closely related to file uploads:

• File_uploads = ON//allows system support for file uploads

• Upload_tmp_dir//Temporary file storage path, Linux is the system default path, Win32 need to specify

• Upload_max_filesize = 2m//Allow file upload maximum volume

• Post_max_size = 2m//The maximum amount of data that PHP can accept when given to PHP via the Post method

If you upload a file that is 8m in size (usually), then modifying the settings above will satisfy your requirements.
But to >8m, that in addition to the above several values, but also pay special attention to the other two values:

• Max_execution_time = 30//maximum time per script (PHP upload is big, it's a matter of time)

• Memory_limit = 8m//maximum memory that each script can consume

Try to make these two values bigger. Most problems can be solved in general.

This concludes that the volume of uploaded files can be infinitely large. But also to consider your network situation, and so on.
On the php.net, some people say that following this method changed, more than 100m files will be error, do not know that is not the problem of PHP itself.

Summary : The above is the entire content of this article, I hope to be able to help you learn.

Related recommendations:

A method of implementing timed execution function based on sleep function in PHP

PHP Output Buffer Control detailed

PHP input and output stream details and example analysis