PHP File Upload principle detailed (including source code)

Tag: Attribute body maxsize Path POS cannot find the extension depth max value

1, File Upload principle

Upload the client's files to the server, and then upload the server's temporary files to the specified directory

2. Client Configuration

• Submit Form
• form is sent as Post
• Add Enctype= "Multipart/form-data"

3. Server-side configuration

• file_uploads = ON, HTTP upload support
• upload_max_filesize = 2M, maximum allowed file upload
• max_file_uploads = 20, maximum number of files allowed to be uploaded at one time
• post_max_size = 8m,post the maximum value for sending data
• max_execution_time =- 1, set the maximum allowable execution time before the script is terminated by the parser, in seconds, to prevent the program from writing bad and make up the server resources. -1 for Infinity
• max_input_time = 60, script resolves the maximum time allowed for input data, in seconds
• Span style= "font-size:16px" >max_input_nesting_level = 64, sets the nesting depth of the input variable
• max_input_vars_ = 1000, the number of input variables to accept (restrictions applied to $_get, $_post, and $_cookie, respectively, to the Super global variable, will result in E_ Warning, more input variables will be truncated from the request.
• memory_limit = 128M, maximum single-thread independent memory usage. That is, the definition of a Web request that gives the thread maximum memory usage

4. Error message Description

• UPLOAD_ERR_OK: Its value is 0, no error occurred, file upload succeeded
• Upload_err_ini_size: The value is 1, the uploaded file exceeds the value of the Upload_max_filesize option limit in php.ini
• Upload_err_form_size: Its value is 2, the size of the uploaded file exceeds the value specified by the MAX_FILE_SIZE option in the HTML form
• Upload_err_partial: The value is 3, the file is only partially uploaded
• Upload_err_no_file: Its value is 4, no files are uploaded
• Upload_err_no_tmp_dir: The value is 6 and the Temp folder cannot be found
• Upload_err_cant_write: Its value is 7, file write failed
• Upload_err_extension: The value is 8, the uploaded file is interrupted by the PHP extension

5. Client Limit

•  <  input  type  Span style= "COLOR: #0000ff" >= ' hidden '  name  = ' max_file_size '  value  = ' bytes '  />   

• Restrict upload file types through the Accept property

  <type name accept/>

6, in the client's restrictions, users can modify the code on the page after uploading, it is not practical significance. Should be limited on the server side

• Limit the size of uploaded files
• Limit upload file types
• Detect if a real picture type
• Detects if an HTTP post is being uploaded

7. The complete code is as follows:

upload.php

1 <!DOCTYPE HTML>2 <HTML>3 <Head>4     <title>File Upload</title>5     <MetaCharSet= "Utf-8">6 </Head>7 <Body>8     <formAction= "test.php"Method= "POST"enctype= "Multipart/form-data" >9 Please select a file to upload:Ten         <inputtype= "File"name= "MyFile" /><BR/> One         <inputtype= "Submit"value= "Upload file" /> A     </form> - </Body> - </HTML>

　test.php

1<?PHP2     Header(' Content-type:text/html;charset=utf-8 ');3     include_once' Upload.func.php ';4     //upload five parameters of the package function: $fileInfo, $maxsize, $uploadPath, $allowExt, $flag5     $fileInfo=$_files[' MyFile '];6     //Print_r ($_files);7 //exit;8 //$filename =$_files[' myFile ' [' name '];9 //$type =$_files[' myFile ' [' type '];Ten //$tmp _name=$_files[' myFile ' [' tmp_name ']; One //$size =$_files[' myFile ' [' size ']; A //$error =$_files[' myFile ' [' Error ']; -     $maxsize=2097152; -     $uploadPath= ' uploads '; the     $allowExt=Array(' jpeg ', ' jpg ', ' png ', ' gif '); -     $flag=true; -     $newName=uploadfile ($fileInfo,$maxsize,$uploadPath,$allowExt,$flag); -     Echo"Upload successful, path is:".$newName; +?>

upload.func.php

1<?PHP2 functionUploadFile ($fileInfo,$maxsize,$uploadPath,$allowExt,$flag){3     //Judging the error number4     if($fileInfo[' Error ']>0){5         Switch($fileInfo[' Error ']){6              Case' 1 ':7                 $mes= "The upload file exceeds the value of the upload_max_filesize option in the PHP configuration file";8                  Break;9              Case' 2 ':Ten                 $mes= "exceeds the size of the form max_file_size limit"; One                  Break; A              Case' 3 ': -                 $mes= "File part is uploaded"; -                  Break;  the              Case' 4 ': -                 $mes= "No Upload file selected";  -                  Break; -              Case' 6 ': +                 $mes= "No temp directory Found"; -                  Break; +              Case' 7 ': A              Case' 8 ': at                 $mes= "System Error"; -                  Break; -         } -         Exit($mes); -     } -     $ext=PathInfo($fileInfo[' Name '],pathinfo_extension); in     //detecting the type of upload file -     if([email protected]In_array($ext,$allowExt)) { to         Exit(' Illegal file type '); +     } -     //Check that the upload file size conforms to specifications the //$maxsize =2097152;//default value is 2M *     if($fileInfo[' Size ']>$maxsize) { $         Exit(' Upload file exceeded '. ($maxsize/1024/1024). ' M);Panax Notoginseng     } -     //detect whether the picture is a real image type, set flag, if you do not need to detect, the flag is false can be the //$flag =true; +     if($flag){ A         if([email protected]getimagesize($fileInfo[' Tmp_name '])) { the             Exit(' Not a real picture type '); +         } -     } $     //detects if the file was uploaded via HTTP post $     if([email protected]Is_uploaded_file($fileInfo[' Tmp_name '])) { -         Exit(' file is not uploaded via HTTP post. ')); -     } the     //Storage DirectoryWuyi     if([email protected]file_exists($uploadPath)){ the         mkdir($uploadPath, 0777,true); -         chmod($uploadPath, 0777); Wu     } -     $uniName=MD5(uniqid(Microtime(true),true)).‘.‘.$ext; About     $destination=$uploadPath.‘ /‘.$uniName; $     if([email protected]Move_uploaded_file($fileInfo[' Tmp_name '],$destination)) { -         Exit(' File upload failed '); -     } -     //echo "File upload succeeded"; A //Return array{ + //' newName ' = $destination; the //' size ' = $fileInfo [' size ']; - //' type ' = = $fileInfo [' type '] $     // }; the     return $destination; the } the?>

PHP File Upload principle detailed (including source code)