php允许最大上传文件_允许使用PHP上传文件

最新推荐文章于 2023-09-20 00:11:23 发布

cumao2792

最新推荐文章于 2023-09-20 00:11:23 发布

阅读量300

点赞数

文章标签： php mysql linux java html

原文链接：https://www.thoughtco.com/uploading-files-with-php-2693794

版权

php允许最大上传文件

HTML表格 ( The HTML Form )

If you want to allow visitors to your website to upload files to your web server, you need to first use PHP to create an HTML form that allows people to specify the file they want to upload. Although the code is all assembled later in this article (along with some warnings about security), this portion of the code should look like this:

如果要允许网站的访问者将文件上传到Web服务器，则需要首先使用PHP创建HTML表单，该表单允许人们指定他们要上传的文件。尽管代码将在本文的后面进行汇编(以及有关安全性的一些警告)，但是代码的这一部分应如下所示：

Please choose a file:

请选择一个文件：

This form sends data to your web server to the file named "upload.php," which is created in the next step.

该表单将数据发送到您的Web服务器，并发送到名为“ upload.php”的文件，该文件将在下一步中创建。

上载档案 ( Uploading the File )

The actual file upload is simple. This small piece of code uploads files sent to it by your HTML form.

实际的文件上传很简单。这小段代码上传了HTML表单发送给它的文件。

$target = "upload/";$target = $target . basename( $_FILES['uploaded']['name']) ;$ok=1; if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)){echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";}else {echo "Sorry, there was a problem uploading your file.";}?>

$ target =“ upload /”; $ target = $ target。 basename($ _FILES ['uploaded'] ['name']); $ ok = 1; if(move_uploaded_file($ _ FILES ['uploaded'] ['tmp_name']，$ target)){回显“文件”。 basename($ _FILES ['uploadedfile'] ['name'])。 “已上传”；}其他{echo“对不起，上传文件时出现问题。”;}？>

The first line $target = "upload/"; is where you assign the folder where files are uploaded. As you can see in the second line, this folder is relative to the upload.php file. If your file is at www.yours.com/files/upload.php, then it would upload files to www.yours.com/files/upload/yourfile.gif. Be sure you remember to create this folder.

第一行$ target =“ upload /”; 是您在其中分配文件上传文件夹的位置。如第二行所示，该文件夹是相对于upload.php文件的。如果您的文件位于www.yours.com/files/upload.php，则它将文件上传到www.yours.com/files/upload/yourfile.gif。确保记得创建该文件夹。

Then, you move the uploaded file to where it belongs using move_uploaded_file (). This places it in the directory specified at the beginning of the script. If this fails, the user is given an error message; otherwise, the user is told that the file has been uploaded.

然后，使用move_uploaded_file()将上载的文件移动到其所属的位置。这会将其放置在脚本开头指定的目录中。如果失败，则向用户显示错误消息。否则，将告知用户文件已上传。

限制文件大小 ( Limit the File Size )

You may want to limit the size of files being uploaded to your website. Assuming that you didn't change the form field in the HTML form—so it is still named "uploaded"—this code checks to see the size of the file. If the file is larger than 350k, the visitor is given a "file too large" error, and the code sets $ok to equal 0.

您可能希望限制上传到您的网站的文件的大小。假设您没有更改HTML表单中的form字段，因此它仍被命名为“ uploaded”，此代码将检查文件的大小。如果文件大于350k，则会向访问者显示“文件太大”错误，并且代码将$ ok设置为等于0。

if ($uploaded_size > 350000){echo "Your file is too large.";$ok=0;}

if($ uploaded_size> 350000){echo“您的文件太大。”; $ ok = 0;}

You can change the size limitation to be larger or smaller by changing 350000 to a different number. If you don't care about file size, leave these lines out.

您可以通过将350000更改为其他数字来将大小限制更改为更大或更小。如果您不关心文件大小，请忽略这些行。

按类型限制文件 ( Limit Files by Type )

Setting restrictions on the types of files that can be uploaded to your site and blocking certain file types from being uploaded are both wise.

明智的做法是对可以上传到您的网站的文件类型设置限制，并阻止某些文件类型被上传。

For example, this code checks to be sure the visitor is not uploading a PHP file to your site. If it is a PHP file, the visitor is given an error message, and $ok is set to 0.

例如，此代码检查以确保访客没有将PHP文件上传到您的网站。如果它是一个PHP文件，则会为访问者提供一条错误消息，并将$ ok设置为0。

if ($uploaded_type =="text/php"){echo "No PHP files";$ok=0;}

if($ uploaded_type ==“ text / php”){echo“没有PHP文件”; $ ok = 0;}

In this second example, only GIF files are allowed to be uploaded to the site, and all other types are given an error before setting $ok to 0.

在第二个示例中，仅允许将GIF文件上传到站点，并且在将$ ok设置为0之前，所有其他类型都将出现错误。

if (!($uploaded_type=="image/gif")) {echo "You may only upload GIF files.";$ok=0;}

if(！($ uploaded_type ==“ image / gif”)){回显“您只能上传GIF文件。”; $ ok = 0;}

You can use these two examples to allow or deny any specific file types.

您可以使用这两个示例来允许或拒绝任何特定的文件类型。

放在一起 ( Putting It All Together )

Putting it all together, you get this:

放在一起，您会得到：

$target = "upload/";$target = $target . basename( $_FILES['uploaded']['name']) ;$ok=1;//This is our size conditionif ($uploaded_size > 350000){echo "Your file is too large.";$ok=0;}//This is our limit file type conditionif ($uploaded_type =="text/php"){echo "No PHP files";$ok=0;}//Here we check that $ok was not set to 0 by an errorif ($ok==0){Echo "Sorry, your file was not uploaded";}//If everything is ok we try to upload itelse{if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)){echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";}else{echo "Sorry, there was a problem uploading your file.";}}?>

$ target =“ upload /”; $ target = $ target。 basename($ _FILES ['uploaded'] ['name']); $ ok = 1; //这是我们的大小条件，如果($ uploaded_size> 350000){echo“您的文件太大。”; $ ok = 0; } //这是我们的限制文件类型条件if($ uploaded_type ==“ text / php”){echo“ No PHP files”; $ ok = 0;} //在这里，我们检查了$ ok是否被设置为0 errorif($ ok == 0){Echo“对不起，您的文件尚未上传”;} //如果一切正常，我们尝试上传itelse {if(move_uploaded_file($ _ FILES ['uploaded'] ['tmp_name']， $ target)){回显“文件”。 basename($ _FILES ['uploadedfile'] ['name'])。 “已上传”；}其他{echo“很抱歉，上传文件时出现问题。“;}}？>

Before you add this code to your website, you need to understand the security implications outlined on the next screen.

在将此代码添加到网站之前，您需要了解下一屏概述的安全隐患。

关于安全性的最终想法 ( Final Thoughts About Security )

If you allow file uploads, you leave yourself open to people willing to unload undesirable things. One wise precaution is not to allow the upload of any PHP, HTML or CGI files, which could contain malicious code. This provides some safety, but it is not sure-fire protection.

如果您允许文件上传，那么您将对愿意卸载不需要的东西的人开放。一种明智的预防措施是不允许任何可能包含恶意代码PHP，HTML或CGI文件上传。这提供了一定的安全性，但不是肯定的防火保护。

Another precaution is to make the upload folder private so that only you can see it. Then when you see the upload, you can approve—and move it—or remove it. Depending on how many files you expect to receive, this could be time-consuming and impractical.

另一个预防措施是将上载文件夹设为私有，以便只有您可以看到它。然后，当您看到上载时，可以批准并移动它或将其删除。根据您希望接收多少文件，这可能很耗时且不切实际。

This script is probably best kept in a private folder. Don't put it somewhere where the public can use it, or you may end up with a server full of useless or potentially dangerous files. If you really want the general public to be able to upload to your server space, write in as much security as possible.

该脚本最好保存在一个专用文件夹中。不要将其放在公众可以使用的地方，否则最终可能会导致服务器上充满了无用或潜在危险的文件。如果您确实希望普通大众能够上载到您的服务器空间，请编写尽可能多的安全性。

翻译自: https://www.thoughtco.com/uploading-files-with-php-2693794

php允许最大上传文件

cumao2792

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
php允许最大上传文件_允许使用PHP上传文件

php允许最大上传文件 HTML表格 ( The HTML Form )If you want to allow visitors to your website to upload files to your web server, you need to first use PHP to create an HTML form that allows people to specif...
复制链接

扫一扫