
Sanitizing uploaded multiple images using php

I'm using this code for uploading multiple images. I want to add image sanitizing code to prevent any attack. I also want to rename uploaded files to a unique name using the md5 hash algorithm. How can I do these things? Please help me.

<?php

if ($_SERVER['REQUEST_METHOD'] == "POST")
if (isset($_FILES['file']))
{
    $count = 0;
    $errors = array();
    foreach ($_FILES['file']['tmp_name'] as $key => $tmp_name)
    {
        // The stored name is built from the client-supplied file name
        $file_name = $key.$_FILES['file']['name'][$key];
        $file_size = $_FILES['file']['size'][$key];
        $file_tmp  = $_FILES['file']['tmp_name'][$key];
        $file_type = $_FILES['file']['type'][$key];

        // Reject files that getimagesize() cannot parse as an image
        $size = getimagesize($_FILES['file']['tmp_name'][$key]);
        if ($size === FALSE) {
            die("Oopz,This is not an image");
        }

        // One folder per form, named by the md5 of two POST fields
        $enc_id = $_POST['form_id'].$_POST['name3'];
        $md5folder = md5($enc_id);
        $upload_path = "uploads/".$md5folder;

        if (!is_dir($upload_path))
        {
            mkdir($upload_path, 0777, true);
        }

        if (empty($errors) == true)
        {
            move_uploaded_file($file_tmp, $upload_path.'/'.$file_name);
        }
    }
}
?>

Also, I want to know: does this part of the code make any sense?

$size = getimagesize($_FILES['file']['tmp_name'][$key]);
if ($size === FALSE) {
die("Oopz,This is not an image");
}

Use this to sanitize database inputs:

<?php
function cleanInput($input) {

    $search = array(
        '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
        '@<[\/\!]*?[^<>]*?>@si',            // Strip out HTML tags
        '@<style[^>]*?>.*?</style>@siU',    // Strip style tags properly
        '@<![\s\S]*?--[ \t\n\r]*>@'         // Strip multi-line comments
    );

    $output = preg_replace($search, '', $input);
    return $output;
}

function sanitize($input) {
    if (is_array($input)) {
        $output = array();   // defined even when $input is an empty array
        foreach ($input as $var => $val) {
            $output[$var] = sanitize($val);
        }
    }
    else {
        // get_magic_quotes_gpc() was removed in PHP 8.0
        if (get_magic_quotes_gpc()) {
            $input = stripslashes($input);
        }
        $input  = cleanInput($input);
        // mysql_real_escape_string() needs the old mysql extension (removed in PHP 7.0)
        $output = mysql_real_escape_string($input);
    }
    return $output;
}

Use this to calculate md5 hash for the file name only:

$image = "image1.jpg";
$filehash = md5($image);
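
A hardened version of the upload loop from the question, added here as an example and not part of the original question or answer. The function name `store_uploaded_images()`, the 2 MB limit and the JPEG/PNG/GIF allow-list are assumptions; it needs PHP 8 with the GD extension.

```php
<?php
// Added example; MAX_BYTES, ALLOWED and store_uploaded_images() are assumed names.
const MAX_BYTES = 2 * 1024 * 1024;   // assumed per-file size limit
const ALLOWED   = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];

function store_uploaded_images(array $files, string $destDir): array
{
    // 0750 keeps the folder from being world-writable, unlike 0777.
    if (!is_dir($destDir) && !mkdir($destDir, 0750, true)) {
        throw new RuntimeException('cannot create upload directory');
    }
    $stored = [];
    foreach ($files['tmp_name'] as $key => $tmp) {
        // Skip anything PHP did not accept as a complete HTTP upload, or that is too big.
        if ($files['error'][$key] !== UPLOAD_ERR_OK || !is_uploaded_file($tmp)
            || filesize($tmp) > MAX_BYTES) {
            continue;
        }
        // Decide the type from the file content. $files['name'] and
        // $files['type'] come from the client and are never used.
        $info = @getimagesize($tmp);
        $ext  = $info ? (ALLOWED[$info[2]] ?? null) : null;
        if ($ext === null) {
            continue;
        }
        // Re-encode through GD so only pixel data is written out; metadata
        // and bytes appended after the image do not survive.
        $img = @imagecreatefromstring(file_get_contents($tmp));
        if ($img === false) {
            continue;
        }
        imagesavealpha($img, true);   // keep PNG transparency
        // Server-generated name: md5 of the content plus a random suffix,
        // so the extension is always one of ours and names never collide.
        $name = md5_file($tmp) . '_' . bin2hex(random_bytes(8)) . '.' . $ext;
        $dest = $destDir . '/' . $name;
        $ok = match ($ext) {
            'jpg' => imagejpeg($img, $dest, 90),
            'png' => imagepng($img, $dest),
            'gif' => imagegif($img, $dest),
        };
        if ($ok) {
            $stored[$key] = $name;
        }
    }
    return $stored;
}
```

With the folder scheme from the question it would be called as `store_uploaded_images($_FILES['file'], 'uploads/' . md5($_POST['form_id'] . $_POST['name3']))`. Re-encoding flattens animated GIFs to their first frame.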
