PHP File Upload problem Summary (file size detection, large file upload processing), _php tutorial

Source: Internet
Author: User
Tags comparison table file handling php file upload temporary file storage

PHP File Upload problem Summary (file size detection, large file upload processing),


Due to both local and server security issues, page file uploads based on input type= "file" have been in a very awkward position. On the one hand, users do not want privacy disclosure, so the browser can not be the user at the time of uploading the files selected to make effective judgments. On the other hand, in order to secure the server side, reduce the burden of transmission, the system would like to be able to start uploading illegal files before users.
One to go, based on the original input mode of uploading, as the network storage site to avoid the problem of the left, but also created a strange plug-ins, uploading clients.
is the upload of input way so bad? Of course not. When uploading a file, it is very simple and reliable, in PHP, we only need a composite form: Copy Code code is as follows:


An input box: Copy CodeThe code is as follows:
and the server-side line of code: Copy CodeThe code is as follows: Move_uploaded_file ($_files[' userfile ' [' tmp_name '], '/var/www/uploads/'. basename ($_files[' userfile '] [' Name ']));
You can implement the entire upload process.
But as the file grows, the lack of form uploads is exposed. In particular, the simple idea that we want to get the most basic file size to prevent large file uploads has become so difficult. The following one by one lanes come:
by Max_file_size
Max_file_size hidden Fields (in bytes) must precede the file input field with a value of the maximum size of the received file. This is a suggestion for the browser, PHP will also check this. This setting can be bypassed easily on the browser side, so do not expect this feature to block large files. In fact, the maximum upload file value in PHP settings is not invalidated. However, it is best to add this item to the form because it avoids the hassle of having to wait for a large file to be uploaded before the user discovers that the file is too large to upload.
Obviously PHP developers also consider the issue of large file uploads, but as the manual says, max_file_size is just a suggestion for the browser, in fact, so far all the mainstream browser has not adopted this recommendation, so the use of max_file_size constrained file size with the device, cannot be done.
through the server-side
Max_file_size since invalid, then the user can upload files to the server, the server side through $_files[' userfile ' [' Size '] to determine the size of the user uploaded files, and then decide whether to accept the upload and return information. Excluding server load and possible malicious vandalism, this solution sounds like a waste of bandwidth, as well as the ability to bind users to upload files.
This is not possible, however, and PHP file uploads are affected by the following settings: php.ini

    • Post_max_size
    • Upload_max_filesize
    • Max_execution_time
    • Memory_limit

Although the Setup method in the manual has a more detailed description, the reason is still said that this method is not feasible, because the PHP execution script when more than Memory_limit, the post data will be all lost and will not error!
Imagine the user filled out a long form, and accompanied by a file more than Memory_limit upload, after a long wait time to find and so on is a clean blank form, that is how impressive user experience ah. Moreover, dozens of m of server traffic is only used to detect file size, is not allowed in the current network environment.
Through JavaScript
JavaScript is browser-based, although JS can accomplish a lot of seemingly impossible tasks, but the browser can't do things JS also can not do. Congenital deficiency is doomed to this job only by JavaScript is not competent. However, some IE only methods are still exist, for reference only.
Via Flash
Flash's Filereference class provides a comprehensive set of file handling methods, and most large file uploads now use flash-based solutions. If the use of flash and JS interaction, can realize the client file size detection? The answer is doable.
First, instantiate the Filereference class in the Flash file.

var fr = new Filereference ();

Based on this class, you can replace the browser's events with the file browse and Selectfile events provided by Flash. We need to:
1. Binding Selectfile

Fr.addeventlistener (Event.select, onselectfile);

2, create a JS access to the object, used to place flash to get the file information

var s = {size:0, name: ', type: '}

3. Create the file browse method

function Browsefile (): void {
Fr.browse ();
}

4, when the Selectfile event triggered, the transfer of file information

function Onselectfile (e:event): void {
S.size = fr.size;
S.name = Fr.name;
S.type = Fr.type;
}

5. The Browsefile method is publicly available for JS invocation

Externalinterface.addcallback ("Browsefile", browsefile);

6. Pass the obtained file information to JS

Externalinterface.call ("Onselectfile", s);

Now we can get the file size information sent by flash through JS, the specific implementation can see the demo.
Conclusion
The problem seems to have been solved, we have successfully verified the size of the file is not it. However, the final conclusion of this paper is that the file size check based on Flash is still not feasible.
The only purpose of the file size check is to upload. In the demo above you can see that the file name of the verification success is displayed in an input box. The students who are familiar with uploading do not feel anything less? Yes, through Flash can only get the file name, but not the full path of the files, and the file path is the input method to upload the necessary conditions. So although can be successful through the Flash and JS Interactive check file size, but we can do is just a verification, and then want to upload, only continue through the flash way.
Flash development for security reasons blocked the full path of the file this is understandable, but the file upload, especially in PHP environment file verification upload scheme still not get the best solution.
Of course there are many ways to compensate:

Perl-based project Filechucker, Xupload, Uber-uploader
Flash-based project SWFUpload
and the package with PHP directly in the server gorgeous build socket link

But after all, I hope that one day I can see the thorough robust uploading scheme based on HTML only, I hope this day will not be too far.
Finally, this time the code download.
PHP File upload size settings detailed
Uploading files in PHP, the most problematic thing is to upload a large volume file when an error occurs. This involves the PHP configuration file--php.ini
In this configuration file, there are several values that are closely related to file uploads:

    • File_uploads = ON//allows system support for file uploads
    • Upload_tmp_dir//Temporary file storage path, Linux is the system default path, Win32 need to specify
    • Upload_max_filesize = 2m//Allow file upload maximum volume
    • Post_max_size = 2m//The maximum amount of data that PHP can accept when given to PHP via the Post method

If you upload a file that is 8m in size (usually), then modifying the settings above will satisfy your requirements.
But to >8m, that in addition to the above several values, but also pay special attention to the other two values:

    • Max_execution_time = 30//maximum time per script (PHP upload is big, it's a matter of time)
    • Memory_limit = 8m//maximum memory that each script can consume

Try to make these two values bigger. Most problems can be solved in general.

This concludes that the volume of uploaded files can be infinitely large. But also to consider your network situation, and so on.
On the php.net, some people say that following this method changed, more than 100m files will be error, do not know that is not the problem of PHP itself.

The problem is first introduced to this, we hope to solve the problem of PHP file upload to help.

Articles you may be interested in:

    • PHP File Upload instance detailed!!!
    • JQuery ajax File Upload (PHP)
    • php file upload suffix name and file type comparison table (almost all files covered)
    • PHP image File Upload implementation code
    • Php+ajax implement image File Upload function instance
    • PHP implementation of video file upload complete instance
    • Thinkphp combining Ajaxfileuploader to realize the method of no-refresh file uploading
    • A classic PHP file upload class to share
    • Real resolution of PHP file upload size limit by modifying configuration (nginx+php)

http://www.bkjia.com/PHPjc/1084546.html www.bkjia.com true http://www.bkjia.com/PHPjc/1084546.html techarticle php File Upload problem Summary (file size detection, large file upload processing), due to both local and server security issues, so based on input type= "file" form of the page ...

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.