[英]Validation upload image file PHP
我要上传文件时遇到问题,脚本对类型为jpg,png的图像文件进行了验证,当我成功上传图像文件时,但是当我尝试上传不同的文件类型(如doc,pdf等)时,出现通知/ alert如果文件类型错误,但是数据文件仍设法进入数据库和文件夹,则仅用于宣告类型文件的脚本是错误的,但仍保存数据...
这是我的剧本
$image=$_FILES['upload']['name'];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){
echo"<meta http-equiv='refresh' content='0; url=home.php?p=product'>";
}
$sql = mysql_query("INSERT INTO `t_product` (`id_product`,`product`,`category`,`material`,`ink`,`price`,`status`,`date`) VALUES ('$idproduct','$product','$category','$material','$ink','$price','$status',NOW());");
if ($sql) {
$last_id = mysql_insert_id();
foreach ($_POST['size'] as $select){
$sql2 = mysql_query("INSERT INTO `t_productsize` (`id_product`,`id_size`) VALUES ('$last_id','$select');");
}
$total = count($_FILES['upload']['name']);
// Loop through each file
for($i=0; $i<$total; $i++) {
//Get the temp file path
$tmpFilePath = $_FILES['upload']['tmp_name'][$i];
$fileError = $_FILES['upload']['error'][$i];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){
echo'<script>
alert("Failed insert data!!");
</script>';
}
elseif($fileSize=$_FILES['gambar']['size']< 20000 || $fileError < 20000){
//Make sure we have a filepath
if ($tmpFilePath != ""){
$newfilename= date('dmYHis').str_replace(" ", "", basename($_FILES["upload"]["name"]));
//Setup our new file path
$newFilePath = "images_product/".$newfilename . $_FILES['upload']['name'][$i];
$nameImage = $newfilename . $_FILES['upload']['name'][$i];
//Upload the file into the temp dir
if(move_uploaded_file($tmpFilePath, $newFilePath)) {
//Handle other code here
$sql3 = mysql_query("INSERT INTO `t_productimage` (`id_product`,`image`) VALUES ('$last_id','$nameImage');");
}
}
}
}
echo '<script>
window.location="home.php?p=product";
</script>';}
else {
echo'<script>
alert("Failed insert data!!");
</script>';
}
非常感谢您的回复
尝试这个
$image=$_FILES['upload']['name'];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){
echo"<meta http-equiv='refresh' content='0; url=home.php?p=product'>"; }
else {
$sql = mysql_query("INSERT INTO `t_product` (`id_product`,`product`,`category`,`material`,`ink`,`price`,`status`,`date`) VALUES ('$idproduct','$product','$category','$material','$ink','$price','$status',NOW());");
if ($sql) {
$last_id = mysql_insert_id();
foreach ($_POST['size'] as $select){
$sql2 = mysql_query("INSERT INTO `t_productsize` (`id_product`,`id_size`) VALUES ('$last_id','$select');");
}
$total = count($_FILES['upload']['name']);
// Loop through each file
for($i=0; $i<$total; $i++) {
//Get the temp file path
$tmpFilePath = $_FILES['upload']['tmp_name'][$i];
$fileError = $_FILES['upload']['error'][$i];
$typeGambar = array('image/bmp', 'image/gif', 'image/jpg', 'image/jpeg', 'image/png');
if(!in_array($_FILES['upload']['type'][$i],$typeGambar)){
echo'<script>
alert("Failed insert data!!");
</script>';
}
elseif($fileSize=$_FILES['gambar']['size']< 20000 || $fileError < 20000){
//Make sure we have a filepath
}
else {
if ($tmpFilePath != ""){
$newfilename= date('dmYHis').str_replace(" ", "", basename($_FILES["upload"]["name"]));
//Setup our new file path
$newFilePath = "images_product/".$newfilename . $_FILES['upload']['name'][$i];
$nameImage = $newfilename . $_FILES['upload']['name'][$i];
//Upload the file into the temp dir
if(move_uploaded_file($tmpFilePath, $newFilePath)) {
//Handle other code here
$sql3 = mysql_query("INSERT INTO `t_productimage` (`id_product`,`image`) VALUES ('$last_id','$nameImage');");
}}
}
}
}
echo '<script>
window.location="home.php?p=product";
</script>';}
else {
echo'<script>
alert("Failed insert data!!");
</script>';
}}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.