2014-11-27 23:30
浏览 150

使用php readfile读取多个图像文件

I am trying to read multiple image files from a folder (.htaccess protected) and display in a HTML page using php readfile().

The problem is I can see only the first image is read and the next is not shown in the browser. The code is as below

$image1 = 'files/com_download\256\50\wwwes\icon\android\icon-36-ldpi.png';
$image2 = 'files/com_download\256\50\wwwes\icon\android\icon-48-mdpi.png';

$imginfo = getimagesize($image1);
header("Content-type: ".$imginfo['mime']);

$imginfo = getimagesize($image2);
header("Content-type: ".$imginfo['mime']);

I could see the first image 'icon-36-ldpi.png' successfully read and displayed in the browser and the second image is not read and not displayed in the browser.

Am I missing something? Any advice please.

Sorry if I am doing stupid but the requirement is to read multiple image files and render in the browser like a grid view. I cannot use img tag because of security reasons.

图片转代码服务由CSDN问答提供 功能建议

我正在尝试从文件夹中读取多个图像文件(.htaccess受保护)并使用php在HTML页面中显示 readfile()。

问题是我只能看到第一个图像被读取而下一个图像未显示在浏览器中。 代码如下

 $ image1 ='files / com_download \ 256 \ 50 \ www 
es \ icon \ android \ icon-36-ldpi  .png'; 
 $ image2 ='files / com_download \ 256 \ 50 \ www 
es \ icon \ android \ icon-48-mdpi.png'; 
 $ imginfo = getimagesize($ image1); 
header  (“Content-type:”。$ imginfo ['mime']); 
readfile($ image1); 
 $ imginfo = getimagesize($ image2); 
header(“Content-type:”。$ imginfo [  'mime']); 
readfile($ image2); 

我可以看到第一张图片'icon-36-ldpi.png' 在浏览器中成功阅读并显示,第二张图像未被阅读,也未在浏览器中显示。

我错过了什么吗? 请给我任何建议。

很抱歉,如果我做的很愚蠢,但要求是读取多个图像文件并在浏览器中像网格视图一样呈现。 出于安全原因,我不能使用img标签。

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duanhe4267 2014-11-27 23:38

    You can't dump both images out at once. Why not make two images in your html so the browser makes two calls to your script. Then use a GET param to pass the filename you want to display.


    Important Security Note

    There is an attack vector which you open up when doing soething like this. Someone could easily view your source html and change the parameter to get your image script to output any file they want. They could even use "../../" to go up directories and search for well known files that exist. e.g. "../../../wp_config.php". Now the attacker has your wordpress database credentials. The correct way to prevent against this is to always validate the input parameter properly. For example, only output if the file name ends with ".jpg"

    点赞 打赏 评论

相关推荐 更多相似问题