PHP: cov ntaub ntawv upload mus rau lub neeg rau zaub mov

Daus ntaub ntawv ntawm PHP - ib tug heev nthuav cov ntaub ntawv, uas yuav tsum tau mus heev kom zoo zoo. Nyob rau hauv Internet koj yuav nrhiav tau heev heev piv txwv ntawm qhov kev siv ntawm cov ntaub ntawv upload, tab sis tsis yog txhua txhua ntawm lawv yog cov zoo thiab tau raws li kev ruaj ntseg cov kev cai.

Tej yam uas yuav tsum coj mus rau ib tug xaus, txawm yog hais tias nws yuav siv sij hawm ib tug ntev lub sij hawm. Yog hais tias koj tawm hauv ib lub ntxi nyob rau hauv lub code, ces tag nrho koj cov neeg rau zaub mov yuav nyom.

kev nyab xeeb

Nrog PHP ntaub ntawv upload mus rau lub neeg rau zaub mov yog nqa tawm yooj yim heev. Lub code yog heev luv luv thiab yooj yim. Cia li ib ob peb ntawm cov kab. Txawm li cas los, qhov no txoj kev yog txaus ntshai. Ntau npaum li cas lub sij hawm thiab kab kev cai tseg rau kev nyab xeeb.

Cov kev txaus ntshai mas, yog tias koj tsis ua li inspections, tej attacker yuav upload lawv scripts rau koj neeg rau zaub mov. Nyob rau hauv cov ntaub ntawv no, nws yuav muaj tag nrho cov kev nkag. Nws yuav ua tau xijpeem nws xav:

• rho tawm hauv cov database;
• rho tawm cov ntaub ntawv qhov chaw;
• hloov cov ntaub ntawv qhov chaw;
• ntxiv koj ad rau koj lub website;
• download tau cov kab mob;
• redirect tag nrho cov neeg nyob rau hauv lawv qhov chaw;
• thiab ntau lwm yam uas tuaj mus mloog attacker.

Koj yuav tsum nco ntsoov xyuas tias attempts mus download tau ib cov ntaub ntawv rau cov neeg siv. Piv txwv li, yog tias koj upload dluab xwb, nws yog tsim nyog kom paub tseeb tias cov ntaub ntawv yog ib daim duab yog. Txwv tsis pub, koj yuav download tau dab tsi.

Raws nraim yuav ua li cas siv pov thawj, nws yuav tsum tau qhia, nrog rau hauv tib neeg kev xeem tsab ntawv mus rau upload ntaub ntawv.

Tsim ib PHP daim ntawv

cov ntaub ntawv upload daim ntawv yooj yim heev. Nco cov xauj khawm thiab upload nyees khawm.

Piav yuav ua li cas los tsim ntaub ntawv yuav tsis, vim hais tias nws yog ib qho yooj yim. Ntxiv cov lus qhia xav hais tias koj twb muaj tus tswv yim ntawm HTML (txwv tsis pub koj yuav tsis tau nrhiav cov lus qhia txog daus rau PHP).

Tab sis nco ntsoov tias cov ntaub ntawv nyob rau hauv daim ntawv uas koj xav tau ntxiv cov enctype attribute.

Txwv tsis pub, cov ntaub ntawv nyob rau hauv cov ntaub ntawv handler yuav tsis yuav kis tau.

Yuav ua li cas nws yuav tsum ua hauj lwm?

Thaum koj nyem rau ntawm tus xauj khawm koj yuav tsum pom ib lub thawv uas hais kom xaiv ib tug cov ntaub ntawv.

Tom qab ntawd nws yuav tsum tau txais ib txoj kev nyob qhov twg cov ntaub ntawv nyob.

Yog hais tias txoj kev tsis tshwm sim, ua qhov kev txiav txim dua.

Tom qab txhaj rau cov ntaub ntawv download handler yuav muab tej ntaub ntawv.

Piv txwv li, koj muaj peev xwm sau ntawv mus rau txoj kab uas hais tias cov ntaub ntawv yog "yog li ntawd thiab thiaj li" lub npe twb tau ntse uploaded mus rau lub "xws thiab xws li" nplaub tshev. Ntawm cov hoob kawm, cov ntaub ntawv npe yuav tau muab yeej sib txawv.

Feem ntau, cov ntaub ntawv no yog siv los debug code. Yog li ntawd nws yog tau kom paub tseeb tias cov ntaub ntawv yog kis tau thiab sau tshwm sim nyob rau hauv cov yam directory. Uas yog, txawm cov ntaub ntawv npe yog tsis sau lwm tus. Vim qhov no ntxiv cov ntaub ntawv uas tus neeg siv tsis tau.

Nws ua rau kev txiav txim zoo mus tso zis lub npe xwb yog hais tias tus neeg siv downloads ntau yam ntaub ntawv. Xws li yog cov ntaub ntawv, xav txog ib tug me ntsis ntxiv. Wb tsis tau txais ua ntej ntawm peb tus kheej.

hloov

Nyob rau hauv PHP ntaub ntawv upload mus rau lub neeg rau zaub mov yuav tsum tau tej yam muaj nqis, uas yuav tsum tau ua nyob rau hauv lub php.ini cov ntaub ntawv. Qhov no cov ntaub ntawv muaj ib tug ntau ntawm chaw. Lawv tag nrho cov peb tsis tas yuav. Peb txaus siab nyob rau hauv peb kab lus no: file_uploads, upload_tmp_dir thiab upload_max_filesize.

Thov nco ntsoov tias cov chaw yuav muaj kev cuam tshuam tag nrho cov ntawm koj qhov chaw nyob rau hauv lub neeg rau zaub mov, tsis yog ib tug. Yog li ntawd, yuav teev lub siab tshaj plaws loj raws li nyob rau hauv lub fact tias koj yuav tau thauj cov neeg siv. Nws tsis pom zoo kom muab ib yam nkaus thiab loj.

Thaum koj hloov lub qhov tseem ceeb nyob rau hauv cov tsis, koj yuav tau pib dua lub neeg rau zaub mov. Txwv tsis pub cov chaw yuav pab tsis tau, raws li lawv nyeem thaum lub sij hawm ntawm lub neeg rau zaub mov load.

Koj yuav tau ua qhov no nyob rau hauv lub console los ntawm txuas ntawm SSH mus rau lub neeg rau zaub mov. Cias nkag mus rau qhov hais kom ua qhov kev pab httpd restart, thiab ces lub chaw yuav siv tau.

Lwm txoj kev - ib tug restart los ntawm ISP-vaj huam sib luag los yog los ntawm kev them nqi vaj huam sib luag kws kho mob.

array cov ntaub ntawv

Nyob rau hauv PHP ntaub ntawv upload yog ua los ntawm cov array $ _FILES. Nws muaj tag nrho cov lus qhia txog cov ntaub ntawv uas peb tau.

Yuav kom pom zoo li cas cov lus qhia yog muaj nyob rau hauv lub array, txaus sau nyob rau hauv cov ntaub ntawv handler nram qab no.

Xaiv tej ntaub ntawv thiab nias "Upload." Nyob rau handler nplooj yuav tso saib cov ntaub ntawv uas yog cia nyob rau hauv $ _FILES. Cov nce mus nce los yog sau nkaus nrog cov niam ntawv loj. PHP - ib hom lus-sensitive.

Raws li koj tau pom, nyob rau hauv no array muaj ib tug ntau ntawm cov teb. Tag nrho cov ntawm lawv yog cov tseem ceeb rau peb. Tus thawj teb muaj cov ntaub ntawv npe rau hauv daim ntawv nyob rau hauv uas nws yog siv nyob rau hauv koj lub computer.

Lub hom kem teev ntaub ntawv. Tmp_name teb sau raws nkaus Ii lub npe ntawm tus ib ntus ua ntaub ntawv thov. Tom qab qhov kawg ntawm tsab ntawv yuav muab deleted.

Cov kev ua yuam kev teb muaj ib qho yuam kev code. Qhov no yog ib me ntsis ntxiv. Loj - qhov luaj li cas nyob rau hauv bytes.

uas tsis

Nqa tawm los ntawm lub PHP ntaub ntawv upload yog yeej ib txwm nrog ib tug yuam kev code. Ib qho yuam kev lus nkag mus rau hauv lub "yuam kev". Lub screenshot kev ua yuam kev yog pes tsawg.

Xav txog cov nqi ntawm tag nrho cov uas tsis:

Nws twb hais tias saum toj no txog lub parameter uas yuav muab teev nyob rau hauv lub li ib txwm HTML.

Ntawm no yog ib cov qauv daim ntawv mus download tau cov ntaub ntawv, uas qhia ib tug txwv ntawm cov nyiaj uas lub uploaded ntaub ntawv.

PHP: cov ntaub ntawv upload tsab ntawv

Raws li tag nrho nqa tawm nyob rau hauv kev xyaum? Nyob rau hauv PHP ntaub ntawv upload tshwm sim daim ntawv hais kom ua. Yog hais tias koj xav nyob rau hauv cov nqe lus nug ntawm yuav ua li cas mus download tau ib cov ntaub ntawv, cov lus teb yog yooj yim copy-, uas siv ob tsis - qhov ua ntaub ntawv thov thiab cov lo lus uas peb cov ntaub ntawv.

Tab sis, raws li tau teev los saum no, nws tsis tau txwv rau kev ruaj ntseg yog vim li cas. Piv txwv li, mus saib zoo li cas ntawm cov ntaub ntawv peb nkoj, koj muaj peev xwm siv lub teb hom nyob rau hauv lub array $ _FILES. Ua ntej, peb nrog kev soj ntsuam, thiab ces tsiv mus rau tag nrho cov tsab ntawv

Wb hais tias koj xav tso cai rau cov neeg siv kom upload ib tug yees duab nrog ib tug daws teeb meem ntawm tsuas GIF, JPEG los yog PNG. Qhia nws yuav ua tau zoo li no.

Yog hais tias ($ _ ntaub ntawv [ 'file_upload'] [ 'hom']! = "duab / gif") {
ECHO "Thov txim, peb pab txhawb xwb daus Gif-ntaub ntawv";
tawm;
}

Yog hais tias koj xav mus nkoj tag nrho cov 3 hom, tsuas ntxiv ib qho ntxiv mob mus rau lwm yam hom duab.

Luam yuav ua li cas zoo li no: daim ntawv (duab 1, duab 2).

Nyob rau hauv peb cov ntaub ntawv, thaum ua hauj lwm yog daus los ntawm lub PC rau cov neeg rau zaub mov, koj yuav tau ua li ntawd

daim ntawv ($ _ ntaub ntawv [ 'file_upload'] [ "tmp_name"], "1.jpg")

Uas yog, cov ntaub ntawv yuav tsum tau theej uas muaj lub npe 1.jpg. Qhov no yog tsis nkaus muaj tseeb. Nyob rau hauv cov ntaub ntawv no, nws tsuas yog ib qho piv txwv. Cov ntaub ntawv npe yog yeej ib txwm tsim nyog los qhia kom meej sib txawv, thiab qhia kom meej qhov yuav ncua ntxiv, nyob ntawm seb cov ntaub ntawv.

Txiav txim seb tus extension yuav ua tau ntau txoj kev. Nws tag nrho cov nyob rau hauv lub tsim ntawm erudition. Ib tug ntawm cov ceev tshaj plaws txoj kev mus rau (ib tug sib txawv ntawm lub kaum ntawm vib nas this) txiav txim seb tus extension - qhov no yog qhov tom ntej no code.

$ Path_info = pathinfo ($ _ ntaub ntawv [ 'photo1'] [ "lub npe"]);

$ Ext = $ path_info [ 'extension'];

Cov nce mus nce los $ lub ext peb yuav cia cov kev kawm extension. Ib tug cov ntaub ntawv npe yuav teem rau ntawm random siv md5. Yog hais tias koj npaj mus download tau ib tug ntau ntawm cov ntaub ntawv, nws yog zoo dua rau nkoj lawv mus txawv folders. Yog li ntawd nws yuav ua tau ntau yooj yim. Nyob rau hauv kev, yog tias koj xav mus ntxuav tawm.

mus download tau lub code yuav ua tau li nram qab no.

/// Nrog yees duab

Yog hais tias ($ _FILES [ 'photo1'] [ 'tmp_name'] == thov)

{

echo ( "

Unknown cov ntaub ntawv.

Back ... ");

tawm;

}

///. Hais rau koj tej project rau cov neeg rau zaub mov yog tso cai rau thauj loj cov ntaub ntawv (video), tab sis muaj tsuas yog cov duab, thiab cov neeg siv yuav tsum tsis txhob

yog hais tias (($ _FILES [ "photo1"] [ "loj"]> 1024 * 1024 * 2)

{

?>

lub siab tshaj plaws pub luaj li cas ntawm 2 MB

Back ...

tawm;

}

// tsim folders

// tsim ib tug ntawv tais ceev tseg ntawm cov tam sim no lub hli

Yog hais tias (! file_exists ( "IMG /". hnub ( "M")))

{

mkdir ( "IMG /" hnub ( "M").);

}

// tsim ib tug ntawv tais ceev tseg ntawm cov tam sim no hnub

Yog hais tias (! file_exists ( "IMG /". hnub ( "M"). "/". hnub ( "d")))

{

mkdir ( "IMG /" hnub ( "M") "/" hnub ( "d") ...);

}

/// ntaub ntawv extension

$ Path_info = pathinfo ($ _ ntaub ntawv [ 'photo1'] [ "lub npe"]);

$ Ext = $ path_info [ 'extension'];

/// tsim filename

$ Id = md5 (hnub tim ( "YMd"));

yog hais tias (daim ntawv ($ _ ntaub ntawv [ 'photo1'] [ "tmp_name"], "IMG /". hnub ( "M"). "/". hnub ( "d"). "/". $ id. $ ext) )

{

echo ( "cov ntaub ntawv ntse uploaded");

}

/// tej yam ntxiv kev txiav txim (nkag rau hauv lub database, thiab hais txog. N.)

}

ntau yam ntaub ntawv

Uploading ntau yam ntaub ntawv (PHP) tshwm sim los ntawm txoj kev ntxiv teb rau hauv daim ntawv.

Qhov no txoj kev yog tsis zoo heev, raws li nws txwv tus naj npawb ntawm cov ntaub ntawv mus download tau. Ntxiv mus, nws yog suav tias yog phem daim ntawv nyob rau hauv lub cajmeem. Sim ua txhua yam li dynamic.

Qhov zoo tshaj plaws kev xaiv - nws yog ib tug xaiv ntawm ib tug loj tus naj npawb ntawm cov ntaub ntawv ib zaug los ntawm nias ib zaug xwb pob.

Ua li no, ua ib tug zoo zoo li no code.

Nco ntsoov tias lub ntau yam ntxiv ntawm cov lo lus, thiab lub npe yog muab raws li ib tug array []. Nyob rau hauv cov ntaub ntawv no, $ _FILES array yuav txawv me ntsis. Koj yuav tau txais ib tug array ntawm lub array.

Sim yuav dua siv lub var_dump ($ _ ntaub ntawv);

Tag nrho koj cov ntaub ntawv yuav tsum muab tso rau hauv lub array zoo li no:

1. $ _FILES [ "file1"] [ "lub npe"] [0]
2. $ _FILES [ "file1"] [ "lub npe"] [1]
3. Thiab yog li ntawd nyob rau hauv.

Nyob rau hauv koov yog sau cov ntaub ntawv tus xov tooj nyob rau hauv lub array. Suav ntawm xoom. Peb kho lawv nyob rau hauv tib txoj kev, cia li hais kom lub voj voog thiab hu rau saum toj no-piav code rau ntawm lub kawg ntawm lub Performance index ntxiv [$ i].

$ I = 0;

thaum ($ _FILES [ "file1"] [ "lub npe"] [$ i] <> '')

{

/// paste rau saum toj no code

}

Yog li, koj yuav muaj tshwm sim los ntawm ib tug PHP ntaub ntawv upload mus rau lub neeg rau zaub mov nyob rau hauv ib phaum tsis pub repetition ntawm cov code, raws li yog feem ntau rooj plaub yog tias koj siv lub version nrog ib tug zoo li qub naj npawb ntawm cov ntaub ntawv (yees duab kawg).