dqrb4228 2016-12-28 00:22
Accepted

What is wrong with my PHP image validation?

I'm having trouble figuring out why it is that when an image size is too big, I get the errors 'Invalid File Type' and 'Uploaded file is not an image' instead of getting 'File is too big'. (I didn't completely write the image validation/upload script myself; I found the code and made it work for my needs.) Everything else seems to work fine except for this. Also, I get the following warning:

Warning: getimagesize(): Filename cannot be empty in C:\xampp\htdocs\minnow\includes\create-post.php on line 75

Here is my code

<?php
require_once('../dbconnect.php');
include_once( INCLUDES_PATH .'functions.php');

$body = $_POST["body"];
$image = 'image';
$user_id = $_SESSION['user_id'];

if( empty($_FILES[$image]['name']) ){
$has_image = 0;
}else{
$has_image = 1;
}

$postEmpty = 0;
$imageError = 0;

if( empty($_FILES[$image]['name']) && empty($body) ){
$postEmpty = 1;
die();
}

// validate post

if( $postEmpty == 0 && !empty($body) ){

    $cleanBody = clean_input($body);

}

// validate image (if any)

if( $has_image == 1 ){

    //check if directory exist if not create it
    if (!file_exists(HOME_PATH ."users/user_".$user_id)) {
        mkdir(HOME_PATH ."users/user_".$user_id, 0777, true);
    }
    if (!file_exists(HOME_PATH ."users/user_".$user_id."/posts")) {
        mkdir(HOME_PATH ."users/user_".$user_id."/posts", 0777, true);
    }
    //Set file upload path
    $path = "../users/user_".$user_id."/posts/"; //with trailing slash
    //Set max file size in bytes
    $max_size = 2000000;
    //Set default file extension whitelist
    $whitelist_ext = array('jpeg','jpg','png','gif');
    //Set default file type whitelist
    $whitelist_type = array('image/jpeg', 'image/jpg', 'image/png','image/gif');

    // Create an array to hold any output
    $errors = array();

    // Get filename
    $file_info = pathinfo($_FILES[$image]['name']);
    $name = $file_info['filename'];
    $ext = $file_info['extension'];

    //Check file has the right extension           
    if (!in_array($ext, $whitelist_ext)) {
        $errors[] = "Invalid file Extension";
    }

    //Check that the file is of the right type
    if (!in_array($_FILES[$image]["type"], $whitelist_type)) {
        $errors[] = "Invalid file Type";
    }

    //Check that the file is not too big
    if ($_FILES[$image]["size"] > $max_size) {
        $errors[] = "File is too big";
    }

    //If $check image is set as true
    if ( !getimagesize($_FILES[$image]['tmp_name']) ) {
        $errors[] = "Uploaded file is not a valid image";
    }

    //Create full filename including path
    if ($random_name) {
    // Generate random filename
        $tmp = str_replace(array('.',' '), array('',''), microtime());

    if (!$tmp || $tmp == '') {
        $errors[] = "File must have a name";
    }     
        $newname = $tmp.'.'.$ext;                                
    } else {
        $newname = $name.'.'.$ext;
    }

    //Check if file already exists on server
    if (file_exists($path.$newname)) {
        $errors[] = "A file with this name already exists";
    }

    if (count($errors)>0) {
    //The file has not correctly validated
        $imageError = 1;
    }

 // if no errors:

    // upload image (if any) and retrieve filename
    if( $imageError == 1 ){

        $ret_data = ['items' => $errors, 'responseCode' => 0];
        //content in $items must be in UTF-8
        echo json_encode($ret_data);
        die();

    }else{

        //Create full filename including path
        // Generate random filename
        $tmp = str_replace(array('.',' '), array('',''), microtime());

        if (!$tmp || $tmp == '') {
            $errors[] = "File must have a name";
        }     

        $newname = $tmp.'.'.$ext;                                

        //Check if file already exists on server
        if (file_exists($path.$newname)) {
            $errors[] = "A file with this name already exists";
        }

        if (count($errors)>0) {
        //The file has not correctly validated
            $imageError = 1;
            $ret_data = ['items' => $errors, 'responseCode' => 0];
            //content in $items must be in UTF-8
            echo json_encode($ret_data);
            die();

        } 
        if (move_uploaded_file($_FILES[$image]['tmp_name'], $path.$newname)) {

            $uploadSuccesfull = 1;

        }else {

            $ret_data = ['items' => $errors, 'responseCode' => 0];
            //content in $items must be in UTF-8
            echo json_encode($ret_data);
            die();
        }

    }
}


// if no errors:

// save post (with filename if any); if it fails, delete image (if any)
if( $has_image == 1 ){

$query = "INSERT INTO posts
        (user_id, body, image, has_image, date)
        VALUES
        ('$user_id', '$body', '$newname', '$has_image', now())";

}else{

    $query = "INSERT INTO posts
        (user_id, body, has_image, date)
        VALUES
        ('$user_id', '$body', '$has_image', now())";

}

$result = $db->query($query);

// send response

//check to make sure the user was added
if( $db->affected_rows == 1 ){

    $user_id = $_SESSION['user_id'];

    $post_id = $db->insert_id;

    $query = "SELECT post_id, body, image, has_image
            FROM posts
            WHERE post_id = $post_id
            LIMIT 1";
    $result = $db->query($query);

    if($result->num_rows == 1){
        $row = $result->fetch_assoc();
    }

    $queryuser = "SELECT *
                FROM users
                WHERE user_id = $user_id
                LIMIT 1";
    $resultuser = $db->query($queryuser);
    if($resultuser->num_rows == 1){
        $rowuser = $resultuser->fetch_assoc();
    }


if(!empty($row['avatar'])){ $userpic = $row['avatar']; }else{ $userpic = HOME_URL . 'img/avatar.jpg'; }

    if($row['has_image'] == 1){

    $data = "<article class='post'><div class='post-head cf'><a class='userpic' href=''><img src='$userpic' alt='".$rowuser['username']."'></a><a href='' class='username'>".$rowuser['username']."</a></div><img src='users/user_".$rowuser['user_id']."/posts/".$row['image']."' alt=''><div class='post-body'><div class='post-options'><a class='likes' href=''>156 likes</a></div><p><a class='username' href=''>".$rowuser['username']."</a>".$row['body']."</p><hr /><div class='cf'><a class='like hide-text' href='javascript:;'>Like This Post</a><form action='' class='comment'><input type='text' placeholder='Add a comment'></form></div></div></article>";
    echo json_encode($data, JSON_UNESCAPED_SLASHES);

 }else{ 

$data = "<article class='post no-img'><div class='post-head cf'><a class='userpic' href=''><img src='$userpic' alt='".$rowuser['username']."'></a><a href='' class='username'>".$rowuser['username']."</a></div><div class='post-body'><p><a class='username' href=''>".$rowuser['username']."</a>".$row['body']."</p><div class='post-options'><a class='likes' href=''>1 like</a></div><hr /><div class='cf'><a class='like hide-text' href='javascript:;'>Like This Post</a><form action='' class='comment'><input type='text' placeholder='Add a comment'></form></div></div></article>";
    echo json_encode($data, JSON_UNESCAPED_SLASHES);

}
    }else{

        $errors[] = "Server Error!";

        $ret_data = ['items' => $errors, 'responseCode' => 0];
        //content in $items must be in UTF-8
        echo json_encode($ret_data);

    }

die();

1 answer

  • drydaenth257216154 2016-12-28 01:08

    It could be that the file was just not uploaded to the server.

    Check $_FILES[$image]['error'] to see what may have gone wrong.

    Refer to the error messages here.

    Edit: After these lines:

    $body = $_POST["body"];
    $image = 'image';
    $user_id = $_SESSION['user_id'];
    

    Do this:

    // check for error greater than zero
    if($_FILES[$image]['error'] > 0) {
        // something went wrong with the upload, handle the error
        echo $_FILES[$image]['error']; exit; // as an example to find out what the error was
    }
    

    Then refer to http://php.net/manual/en/features.file-upload.errors.php to find out the reason.

    This answer was selected by the asker as the best answer.
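
The check the answer recommends, worked into a full validation order (an added example, not code from the asker or the answerer): the upload error code is read first, so an oversized file is reported as too big rather than as an invalid type. `validate_image_upload()` is a hypothetical helper; the `image` field name and the 2000000-byte limit come from the question, and PHP 7 or later with the fileinfo extension is assumed.

```php
<?php
// Added example. validate_image_upload() is a hypothetical helper name.
function validate_image_upload(array $file, int $max_size = 2000000): array
{
    $fail = function (string $msg): array { return ['ok' => false, 'error' => $msg]; };

    // 1. Read PHP's own upload status before anything else. When a file exceeds
    //    upload_max_filesize, PHP discards it: 'tmp_name' and 'type' are empty
    //    and 'size' is 0, so type/size/getimagesize() checks report the wrong cause.
    $upload_errors = [
        UPLOAD_ERR_INI_SIZE   => 'File is too big',
        UPLOAD_ERR_FORM_SIZE  => 'File is too big',
        UPLOAD_ERR_PARTIAL    => 'File was only partially uploaded',
        UPLOAD_ERR_NO_FILE    => 'No file was uploaded',
        UPLOAD_ERR_NO_TMP_DIR => 'Server error: missing temporary folder',
        UPLOAD_ERR_CANT_WRITE => 'Server error: failed to write file',
        UPLOAD_ERR_EXTENSION  => 'Server error: upload stopped by an extension',
    ];
    $code = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if (!is_int($code)) {
        return $fail('Invalid upload'); // e.g. an array from a multi-file field
    }
    if ($code !== UPLOAD_ERR_OK) {
        return $fail($upload_errors[$code] ?? 'Unknown upload error');
    }

    // 2. Only now is 'tmp_name' meaningful. Measure the stored file itself.
    $tmp = $file['tmp_name'] ?? '';
    if (!is_string($tmp) || !is_uploaded_file($tmp)) {
        return $fail('Invalid upload');
    }
    if (filesize($tmp) > $max_size) {
        return $fail('File is too big');
    }

    // 3. Detect the type from the content. $_FILES[...]['type'] and the
    //    extension in 'name' are supplied by the client and prove nothing.
    $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if (!is_string($mime) || !isset($allowed[$mime]) || getimagesize($tmp) === false) {
        return $fail('Uploaded file is not a valid image');
    }

    // 4. Server-chosen random name; extension derived from the detected type.
    return ['ok' => true, 'newname' => bin2hex(random_bytes(16)) . '.' . $allowed[$mime]];
}

// With no upload present (for example on the CLI) this reports 'No file was uploaded'.
$result = validate_image_upload($_FILES['image'] ?? []);
echo json_encode($result), PHP_EOL;
```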