Issue with file uploads validation PHP

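I've been having issues with this. It's very inconsistent. I have a form with a title (input), a short description (input), a full description (textarea) and image uploads. (All relevant code is below.)

After pressing Submit on the form, a PHP script runs to handle the file uploads. Before each file is moved from its temporary location, it goes through a series of if statements to be validated. If a validation stage fails, the else statement for that condition applies and a PHP session 'reason' is set to a single word depending on the problem (i.e. $_SESSION['reason'] = "invalidfile"). The user is then redirected back to the form page, where a specific error is shown depending on which 'reason' is set. The first validation condition works (checking that all fields have been filled in). However, after that, none of them work, except that sometimes they do.

Any help on this issue would be greatly appreciated. It may also be useful to know that sometimes in Chrome the images upload but the page never redirects to the confirmation page. This never happens in Microsoft Edge.

HTML form - title, short description, full description, image files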

<?php
// If there is a file uploaded when you redirect back from the confirm page and 'return' is set in the header.
  if(isset($_SESSION['file'])){
    // For every image uploaded:
    for($i = 0; $i < count($_SESSION['file']['destination'] ?? []); $i++){
      // Delete the image because the user is forced to reupload them anyway.
      unlink($_SESSION['file']['destination'][$i]);
    }

    // Unset the 'file' session now we don't need it anymore
    unset($_SESSION['file']);
    header("Location: index.php?page=createproject");
  }
?>

<h1>Create Project</h1>
<p><a href="index.php?page=admin">Go back</a></p>

<form action="index.php?page=createprojectstorefiles" method="post" enctype="multipart/form-data">
  <p>Project Title: <input type="text" name="title" maxlength="35" autocomplete="off"
    <?php
    if(isset($_SESSION['project_details'])){
      // Escape the stored value before echoing it into the attribute.
      echo "value='".htmlspecialchars($_SESSION['project_details']['title'], ENT_QUOTES)."'";
    }
    ?>
    /></p>
  <p>Project Images: <input type="file" name="file[]" accept=".png, .jpg, .jpeg" multiple/></p>
  <p><label for="textarea" style="vertical-align: top; margin-right: 5px;">Short Description: </label><textarea name="short_description" rows="4" cols="60" maxlength="80" style="resize: none;"><?php
      if(isset($_SESSION['project_details'])){
        echo htmlspecialchars($_SESSION['project_details']['short_description'], ENT_QUOTES);
      }
    ?></textarea></p>
  <p><label for="textarea" style="vertical-align: top; margin-right: 5px;">Full Story: </label><textarea name="long_description" rows="15" cols="125" maxlength="5000" style="resize: none;"><?php
      if(isset($_SESSION['project_details'])){
        echo htmlspecialchars($_SESSION['project_details']['long_description'], ENT_QUOTES);
      }
    ?></textarea></p>

  <?php
    // If a reason has been sent for the form not working and the user hasn't been logged out.
    if(isset($_SESSION['reason'])){

      // If a 'reason' has been sent for not logging in.
      if(isset($_SESSION['reason'])){

        // Tell the user the reason.
        if($_SESSION['reason']=="noinput"){
          echo "<p><font color='red'><span class='error'>You can't leave any boxes blank</span></font></p>";
        } elseif($_SESSION['reason']=="invalidfile"){
          echo "<p><font color='red'><span class='error'>The file must be a '.jpg', '.jpeg' or '.png'</span></font></p>";
        } elseif($_SESSION['reason']=="uploaderror"){
          echo "<p><font color='red'><span class='error'>There was an error uploading your image!</span></font></p>";
        } elseif($_SESSION['reason']=="filetoolarge"){
          echo "<p><font color='red'><span class='error'>Your file is too large. The max file size is 500MB</span></font></p>";
        } elseif($_SESSION['reason']=="success"){
          header("Location: index.php?page=createprojectconfirm");
        } else{
          echo "<p><font color='red'><span class='error'>Something went wrong in validation, contact a network administrator</span></font></p>";
        }

        // Once the user has been told, unset the session.
        unset($_SESSION['reason']);

      // Otherwise, presume that it's due to an incorrect username or password.
      } else{
        echo "<p><font color='red'><span class='error'>Something went wrong in validation, contact a network administrator</span></font></p>";
      }
    }
  ?>

  <p><button type="reset">Reset Form</button> <button type="submit" name="createproject">Preview Project</button></p>
</form>

PHP script - validates and moves the uploaded files from the temp folder

<?php
  // Make sure no reason is set.
  if(isset($_SESSION['reason'])){
    unset($_SESSION['reason']);
  }

  if(isset($_SESSION['file'])){
    unset($_SESSION['file']);
  }

  // If the create project form has been submitted:
  if(isset($_POST['createproject'])){

    // Set all of the variables for the other text boxes in a session called 'project_details'.
    $_SESSION['project_details']['title'] = $_POST['title'];
    $_SESSION['project_details']['short_description'] = $_POST['short_description'];
    $_SESSION['project_details']['long_description'] = $_POST['long_description'];

    // If all of the fields have been filled in (UPLOAD_ERR_OK is an integer constant, not a string):
    if(!empty($_POST['title']) && $_FILES['file']['error'][0] == UPLOAD_ERR_OK && !empty($_POST['short_description']) && !empty($_POST['long_description'])){

      // Count the number of files uploaded.
      $fileCount = count($_FILES['file']['name']);
      $_SESSION['file']['count'] = $fileCount;

      // Do for every uploaded file.
      for($i = 0; $i < $fileCount; $i++){

        // Set all of the variables for the file upload (file $i).
        $file = $_FILES['file'];

        $_SESSION['file']['name'] = $_FILES['file']['name'][$i];
        $_SESSION['file']['tmpName'] = $_FILES['file']['tmp_name'][$i];
        $_SESSION['file']['size'] = $_FILES['file']['size'][$i];
        $_SESSION['file']['error'] = $_FILES['file']['error'][$i];
        $_SESSION['file']['type'] = $_FILES['file']['type'][$i];

        $fileExt = explode(".", $_SESSION['file']['name']);
        $_SESSION['file']['actualExt'] = strtolower(end($fileExt));

        $allowed = array("jpg", "jpeg", "png");

        // If the file type is allowed:
        if(in_array($_SESSION['file']['actualExt'], $allowed)){

          // If there was no error uploading the file:
          if($_SESSION['file']['error'] == 0){

            // If the file isn't too large:
            if($_SESSION['file']['size'] < 500000){

              // Move the file from the temporary location to the new destination and set $_SESSION['reason'] to success so the page redirects to the confirm page. This shouldn't have to be necessary to make it work but it is. Nobody on earth knows why.
              $fileNameNew = uniqid("", true).".".$_SESSION['file']['actualExt'];
              $_SESSION['file']['destination'][$i] = "projects/uploads/".$fileNameNew;
              move_uploaded_file($_SESSION['file']['tmpName'], $_SESSION['file']['destination'][$i]);

          // Otherwise, inform the user.
            } else{
              for($i = 0; $i < count($_SESSION['file']['destination'] ?? []); $i++){
                // Delete the image because the user is forced to reupload them anyway.
                unlink($_SESSION['file']['destination'][$i]);
              }

              $_SESSION['reason']="filetoolarge";
              header("Location: index.php?page=createproject");
              exit();
            }

          // Otherwise, inform the user.
          } else{
            for($i = 0; $i < count($_SESSION['file']['destination'] ?? []); $i++){
              // Delete the image because the user is forced to reupload them anyway.
              unlink($_SESSION['file']['destination'][$i]);
            }

            $_SESSION['reason']="uploaderror";
            header("Location: index.php?page=createproject");
            exit();
          }

        // Otherwise, inform the user.
        } else{
          for($i = 0; $i < count($_SESSION['file']['destination'] ?? []); $i++){
            // Delete the image because the user is forced to reupload them anyway.
            unlink($_SESSION['file']['destination'][$i]);
          }

          $_SESSION['reason']="invalidfile";
          header("Location: index.php?page=createproject");
          exit();
        }
      }

      // After all the files have been uploaded, if the header function doesn't work, use the session method to redirect to the complete page.
      if(!header("Location: index.php?page=createprojectconfirm")){
        $_SESSION['reason']="success";
        exit();
      }

    // Otherwise, inform the user.
    } else{
      $_SESSION['reason']="noinput";
      header("Location: index.php?page=createproject");
      exit();
    }
  } else{
    header("Location: index.php?page=admin");
    exit();
  }

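The problem was with the first block of code. The if statement at the top unsets the 'file' session if the user has come back from the preview page. Its condition was whether 'file' is set when the page loads. That condition can hold not only when the user has chosen to go back from the preview page, but also when there has been an error. This if statement then reloads the page, which clears the 'reason' session, so no error is displayed.

I fixed it by editing the condition of the if statement, adding a check to make sure the 'reason' session isn't set, i.e. there is no error but the user chose to go back: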

if(isset($_SESSION['file']) && !isset($_SESSION['reason'])){
    // For every image uploaded:
    for($i = 0; $i < count($_SESSION['file']['destination'] ?? []); $i++){
      // Delete the image because the user is forced to reupload them anyway.
      unlink($_SESSION['file']['destination'][$i]);
    }

    // Unset the 'file' session now we don't need it anymore
    unset($_SESSION['file']);
    header("Location: index.php?page=createproject");
  }
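
The validation chain from the question, restructured as an added example (not code from either post): every file is checked before any is moved, so a failure leaves nothing to clean up, and the return value is one of the form's existing reason codes. It goes beyond the original by also comparing the detected content type with the extension; the function names and `MAX_BYTES` are hypothetical, and the fileinfo extension is assumed to be enabled.

```php
<?php
// Added example, not the poster's code. Assumes the fileinfo extension.
const MAX_BYTES = 500000; // the limit the question's script checks against

// Returns null if every file passes, else one of the form's reason codes.
function validate_uploads(array $files): ?string
{
    $allowed = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png'];
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    foreach ($files['name'] as $i => $name) {
        $err = $files['error'][$i];
        if ($err === UPLOAD_ERR_NO_FILE) {
            return 'noinput';
        }
        if ($err === UPLOAD_ERR_INI_SIZE || $err === UPLOAD_ERR_FORM_SIZE) {
            return 'filetoolarge';
        }
        if ($err !== UPLOAD_ERR_OK) {
            return 'uploaderror';
        }
        if ($files['size'][$i] >= MAX_BYTES) {
            return 'filetoolarge';
        }
        // Name and $_FILES[...]['type'] are client-supplied; the detected
        // content type must match the one expected for the extension.
        $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
        $mime = $finfo->file($files['tmp_name'][$i]);
        if (($allowed[$ext] ?? null) !== $mime) {
            return 'invalidfile';
        }
    }
    return null;
}

// Moves validated files under server-chosen names; null if any move fails.
function store_uploads(array $files, string $dir): ?array
{
    $stored = [];
    foreach ($files['tmp_name'] as $i => $tmp) {
        $ext = strtolower(pathinfo($files['name'][$i], PATHINFO_EXTENSION));
        $dest = $dir . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
        if (!move_uploaded_file($tmp, $dest)) {
            array_map('unlink', $stored); // roll back earlier moves
            return null;
        }
        $stored[] = $dest;
    }
    return $stored;
}
```

In the handler, call `validate_uploads($_FILES['file'])` first and call `store_uploads()` only when it returns null, then set `$_SESSION['reason']` from the result before redirecting.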
