仅允许图像上传器PHP脚本中的图像和PDF类型

I have a script that allows only 1 image to be uploaded which works fine.

But right now it allows any and all types to uploaded.

How do I only allow jpg, jpeg, gif, png & PDF files to be the only ones allowed to upload?

Here is part of my code.

<?php  

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.form.php';

// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';

//echo'<pre>';print_r($_FILES);exit;

// Now let's deal with the uploaded files

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['submit'])
or error('the upload form is needed', $uploadForm);

// check if any files were uploaded and if 
// so store the active $_FILES array keys
$active_keys = array();
foreach($_FILES[$fieldname]['name'] as $key => $filename)
{
if(!empty($filename))
{
$active_keys[] = $key;
}
}

// check at least one file was uploaded
if (count($active_keys) < 1)
{ echo "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"  style=\"border: 1px solid black; text-align: center; font-family: arial; font-size: 14px;\" width=\"600px\" align=\"center\">
<tr>
<td>
<font size=\"3\" color=\"red\"><strong><u>Upload Error</u></strong></font>
<br>
<br>
<b>You must upload one file.</b>
<br><br>
<a href=\"javascript: history.go(-1)\">Back to upload form</a>
<br>
</td>
</tr>
</table> <div style=\"display: none;\"> ";  }
//count($active_keys)
//or error('No files were uploaded', $uploadForm);

// check for standard uploading errors
foreach($active_keys as $key)
{
($_FILES[$fieldname]['error'][$key] == 0)
or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}

// check that the file we are working on really was an HTTP upload
foreach($active_keys as $key)
{
@is_uploaded_file($_FILES[$fieldname]['tmp_name'][$key])
or error($_FILES[$fieldname]['tmp_name'][$key].' not an HTTP upload', $uploadForm);
}

// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
foreach($active_keys as $key)
{
$now = time();
while(file_exists($uploadFilename[$key] = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'][$key]))
{
$now++;
}
}

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
@move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
or error('receiving directory insuffiecient permission', $uploadForm);
}

// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.


if($_FILES['file']['error'] === UPLOAD_ERR_INI_SIZE) {
    // Handle the error
    echo 'Your file is too large.';
    die();
}
// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
echo "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"  style=\"border: 1px solid black; text-align: center; font-family: arial; font-size: 14px;\" width=\"600px\" align=\"center\">
<tr>
<td>
<font size=\"3\" color=\"red\"><strong><u>Upload Error</u></strong></font>
<br>
<br>
<!--<b>Your proof is not a supported filetype.<br>
Please upload an image (jpg, gif, png, bmp file) or PDF file.
<br>
<br>
or</b>
<br>
<br>-->
<b>Your File Size is bigger then the maximum allowed - 2 MB.<br>
Please upload a smaller file.</b>
<br><br>
<a href=\"javascript: history.go(-1)\">Back to upload form</a>
<br>
</td>
</tr>
</table> <div style=\"display: none;\">";
}
/*
{
header("Refresh: $seconds; URL=\"$location\"");
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."
".
'"http://www.w3.org/TR/html4/strict.dtd">'."

".
'<html lang="en">'."
".
'<head>'."
".
'<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."

".
'<link rel="stylesheet" type="text/css" href="stylesheet.css">'."

".
'<title>Upload error</title>'."

".
'</head>'."

".
'<body>'."

".
'<div id="Upload">'."

".
'<h1>Upload failure</h1>'."

".
'<p>An error has occured: '."

".
'<span class="red">' . $error . '...</span>'."

".
' The upload form is reloading</p>'."

".
' </div>'."

".
'</html>';
exit;
} // end error handler
*/

// < input id="file1" name="file[]" type="file" style="border: 1px solid white;">
//$fi= $_POST['file[]'];
//$fi = "(0)";

$fi = array($_FILES['file']['name']['0'],$_FILES['file']['name']['1'],$_FILES['file']['name']['2']);

====EDIT====

I was able to get it to ONLY allow images, but now how to I allow PDF's to be uploaded also?

I added this code to my script.

foreach($active_keys as $key)
{
@getimagesize($_FILES[$fieldname]['tmp_name'][$key])
or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}    
duanlachu7344
duanlachu7344 库是PHP脚本可用的一组函数,允许它执行某些任务。因此,使用图像编辑库在PHP中打开文件,检查它是否是有效图像,如果没有,切换到PDF库,用PHP打开文件,检查它是否有效,如果没有,则拒绝上传。
大约 5 年之前 回复
dsnnvpobaljihv3490
dsnnvpobaljihv3490 是的,这就是你使用库的原因,而不是你自己系统上的程序。
大约 5 年之前 回复
dongwei6700
dongwei6700 我需要脚本来判断它们是图像还是PDF,而不是我......
大约 5 年之前 回复
dongze8698
dongze8698 尝试使用图像编辑库或PDF库打开文件。如果这些库指示文件有效,则它们通过验证。
大约 5 年之前 回复

2个回答



我能够通过以下代码实现此目的。</ p>

  $ thefilename =  $ _FILES [“file”] [“name”] [0]; 
/ 首先,检查后缀
(jpg,gif,png,bmp文件)或PDF文件
/
$ thefilesuffix = substr($ thefilename,-3);
// echo“&lt; p&gt;”。$ thefilesuffix。“&lt; / p&gt;&lt; hr /&gt;”;

switch($ thefilesuffix)
{
case“pdf “:case”PDF“:
/ 不需要做任何特殊的事情,
但是请注意大写版本
/
break;

case”jpg“:case”gif“:case”png“:case “bmp”:
case“JPG”:case“GIF”:case“PNG”:case“BMP”:
//只允许上传图像
foreach($ active_keys as $ key)
{
@ getimagesize($ _ FILES [$ fieldname] ['tmp_name'] [$ key])\也没有错误($ _ FILES [$ fieldname] ['tmp_name'] [$ key]。'不是图片',$ uploadForm);
}
//只允许上传图像
break;

default:
echo“&lt; table border = \”0 \“cellspacing = \”4 \“cellpadding = \”4 \“style = \” 边框:1px纯黑色; text-align:center; font-family:arial; font-size:14px; \“width = \”600px \“align = \”center \“&gt;
&lt; tr&gt;
&lt; td&gt;
&lt; font size = \”3 \“color = \”red \“&gt;&lt; strong&gt;&lt; u&gt;上传错误&lt; / u&gt;&lt; / strong&gt;&lt; / font&gt;
&lt; br&gt;
&lt; br&gt;
&lt; b&gt;您的证明必须是图片 (jpg,gif,png,bmp文件)或PDF文件。&lt; br&gt;
请上传其他文件。&lt; / b&gt;
&lt; br&gt;
&lt; br&gt;
&lt; a href = \“javascript: history.go(-1)\“&gt;返回上传表格&lt; / a&gt;
&lt; br&gt;
&lt; / td&gt;
&lt; / tr&gt;
&lt; / table&gt;&lt; div style = \”显示 :none; \“&gt;”; 退出;
break;
}
</ code> </ pre>
</ div>

展开原文

原文

I was able to achieve this with the code below.

$thefilename = $_FILES["file"]["name"][0];
/* first, check for suffix
(jpg, gif, png, bmp file) or PDF file */
$thefilesuffix = substr($thefilename, -3);
// echo "<p>".$thefilesuffix."</p><hr />";

switch($thefilesuffix)
{
case "pdf": case "PDF":
/* don't need to do anything special, 
but notice the capitalized versions */
break;

case "jpg": case "gif": case "png": case "bmp": 
case "JPG": case "GIF": case "PNG": case "BMP":
//ALLOWS ONLY IMAGES TO BE UPLOADED
foreach($active_keys as $key)
{
@getimagesize($_FILES[$fieldname]['tmp_name'][$key])
or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}   
//ALLOWS ONLY IMAGES TO BE UPLOADED
break;

default:
echo "<table border=\"0\" cellspacing=\"4\" cellpadding=\"4\"  style=\"border: 1px solid black; text-align: center; font-family: arial; font-size: 14px;\" width=\"600px\" align=\"center\">
<tr>
<td>
<font size=\"3\" color=\"red\"><strong><u>Upload Error</u></strong></font>
<br>
<br>
<b>Your proof must be an an image (jpg, gif, png, bmp file) or PDF file.<br>
Please upload a different file.</b>
<br>
<br>
<a href=\"javascript: history.go(-1)\">Back to upload form</a>
<br>
</td>
</tr>
</table> <div style=\"display: none;\">"; exit;
break;
}



只需在代码中附加以下行。 它会在移动到目录之前检查上传文件是image还是pdf。</ p>

  $ allowedExts = array(“gif”,“jpeg”,“jpg”,“png”,  “pdf”); 

$ temp = explode(“。”,$ _FILES [“file”] [“name”]);

$ extension = end($ temp);

\ nif(($ _FILES [“file”] [“type”] ==“image / gif”)
||($ _FILES [“file”] [“type”] ==“image / jpeg”)\ n ||($ _FILES [“file”] [“type”] ==“image / jpg”)
||($ _FILES [“file”] [“type”] ==“image / pjpeg”)\ n ||($ _FILES [“file”] [“type”] ==“image / x-png”)
||($ _FILES [“file”] [“type”] ==“image / png” )
||($ _FILES [“file”] [“type”] ==“application / pdf”)
&amp;&amp; in_array($ extension,$ allowedExts)){
//将上传代码放在这里
}其他{
//在此处输入错误消息
}
</ code> </ pre>
</ div>

展开原文

原文

Just attached the following line in your code. its will checks upload file is image or pdf before it move to directory.

$allowedExts = array("gif", "jpeg", "jpg", "png", "pdf");

$temp = explode(".", $_FILES["file"]["name"]);

$extension = end($temp);


if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "application/pdf") 
&& in_array($extension, $allowedExts)) {
    // put the upload code here
} else {
      // put error message here
}

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐