doulan2827
doulan2827
2012-10-10 12:02
浏览 26
已采纳

正确的方法来开始文件上传的服务器端验证

What is the right way to begin validation for data sent by a multipart/form form. I'll be receiving a file and 1 text identifier from a hidden field.

I'm not asking how to check for file type and size and all else. I can do that. What I'm asking is: in a normal form I do this:

<?php

If ($_POST)
{

if (isset($_POST['myField]) && $_POST['myField'] == 1)
{
//Proceed
}else{
echo 'Error';
}
}
else
{
echo 'Some Error';
}

?>

What is the best way to do this when it comes to multipart/form data.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • doulouxun6756
    doulouxun6756 2012-10-10 12:16
    已采纳

    You'd want to use filter_input in a vanilla PHP setup...

    Something like this if you want to check that your text field contains an integer...

    $textInput = filter_input(INPUT_POST, 'myField', FILTER_VALIDATE_INT)
    

    For your file upload, you'll want to take a look at is_uploaded_file

    点赞 评论
  • doumeng06063991
    doumeng06063991 2012-10-10 14:08

    I'm not very clear what you want exactly. If you are wanted to know what are the things you should keep in mind while validating the file upload then probably the answer goes.

    1) You should definitely the check the file type/ mime type of the uploaded file. 2) You should not double extension file like "image.php.jpg" 3) You should check the file size, if its excedding 2MB then you need to increase the MAXIMUM FILE UPLOAD Size in php.ini, default is 2MB.

    Thanks, Uttam

    点赞 评论

相关推荐