zf Zend_File_Transfer_Adapter_Http 上传文件 File was illegally uploaded. This could be a possi

zf 开发用 Zend_File_Transfer_Adapter_Http();上传一个文件，出现以下错误

file upload error: Array ( [fileUploadErrorAttack] => File 'avatar' was illegally uploaded. This could be a possible attack )

百思不得其解

 

留意到有人也遇到这个问题，说法如下：

I also had this problem (fileUploadErrorAttack) with multi file upload (without Zend_Form) and was able to solve it for my setup:

$upload = new Zend_File_Transfer_Adapter_Http();

If you call
$upload->receive();
in your code you have to know that receive() renames all TMP files, regardless if
$upload->addFilter('Rename', .....
is defined!
For files withour rename filter it renames the file within the /tmp folder to whatever
$upload->getFileName(...
delivers for that file, which is the name sent by the browser (file name on the user's disk).

So I think there are two ways to get it right:
1) with $upload->receive(); handle all files at once (e.g. with a rename filter set for all files)
2) $upload->receive($fieldName); call seperately for each file (== name field in the form) in a loop

I think receive() without parameter "removes" everything from $_FILES[] (so to say); that's why the error appears as it does.

 

第二种说法：

  called $form->getValue('uploadfile') first.
after run upper code uploaded file(not tmp file) has been created in tmp directory.

我的问题为第二种说法，在windows/temp文件夹下看到过文件，但一直无法上传，于是修改代码

//$blogData = $formPhotoBlog->getValues();
       
       //上传和获取图片信息
       $adapter = new Zend_File_Transfer_Adapter_Http();
       $path = PUBLIC_PATH.'\photos';//date("Y-m").'/avatar/';
       $fileInfo = $adapter->getFileInfo();//获取基本文件信息

注释了一句，问题解决了。