如何使用php上传zip文件?
[英]How can I upload a zip file using php?
问题描述
I want people to be able to upload zip files to my server. 
我希望人们能够将zip文件上传到我的服务器。 I have a form for them to upload to and it redirects to an upload page. 我有一个表单供他们上传,然后重定向到上传页面。 I can successfully upload pictures (png and jpg) but whenever I try a zip I get several "undefined index errors on lines 4-8." 我可以成功上传图片(png和jpg),但每当我尝试拉链时,我会在第4-8行得到几个“未定义的索引错误”。 Here is my code. 这是我的代码。 If you want to check out the website, it should be available at gregsminecraft.dyndns.org:25566/file.php EDIT: I believe that it doesn't accept the large zip file, because I tried it with a smaller one and it worked. 如果您想查看该网站,请访问gregsminecraft.dyndns.org:25566/file.php编辑:我认为它不接受大型zip文件,因为我尝试使用较小的zip文件工作。 Is there a way to accept the larger zip files? 有没有办法接受更大的zip文件?
if ((($_FILES["file"]["type"] == "application/zip")
|| ($_FILES["file"]["type"] == "application/x-zip-compressed")
|| ($_FILES["file"]["type"] == "multipart/x-zip")
|| ($_FILES["file"]["type"] == "application/x-compressed")
|| ($_FILES["file"]["type"] == "application/octet-stream"))
&& ($_FILES["file"]["size"] < 20971520))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
1 个解决方案
解决方案1
3 2011-04-22 18:36:30
You say your upload form redirects after upload? 您说上传后的上传表单会重定向吗? Remember that PHP deletes any uploaded files when the script exits, unless you've taken steps to preserve the file. 请记住,除非您已采取措施保留文件,否则PHP会在脚本退出时删除所有上载的文件。 If your form POSTs to (say) "upload.php" which then redirects to "handle_upload.php", you have to actually handle the upload in the "upload.php" script, otherwise the file's gone. 如果您的表单POST(比如)“upload.php”然后重定向到“handle_upload.php”,则必须在“upload.php”脚本中实际处理上传,否则文件就会消失。
As well, don't trust the ['type'] and ['name'] parameters in the $_FILES array. 同样,不要相信$ _FILES数组中的['type']和['name']参数。 That's user-provided data and can be easily subverted. 这是用户提供的数据,很容易被破坏。 You're also using the user-supplied filename to store the file on your server. 您还使用用户提供的文件名将文件存储在服务器上。 Nothing says the user can't hack the upload form and call their file "../../../../etc/passwd" with a mime-type of "application.zip". 没有任何说明用户无法破解上传表格,并使用mime类型的“application.zip”调用他们的文件“../../../../etc/passwd”。 Your script would happily accept that and overwrite your server's password file. 您的脚本很乐意接受并覆盖服务器的密码文件。
The proper way to handle uploads, with error checking, is: 通过错误检查处理上传的正确方法是:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_FILES['file'])) {
if ($_FILES['file']['error'] === UPLOAD_ERR_OK) {
... file was succesfully uploaded, process it
} else {
... file upload failed, output error message, etc...
} else {
... no upload at all, not even an attempt
}
} else {
.... not in a POSt environment, so can't possibly have a file upload ...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.