文件上传不检查现有图像
Posted
技术标签:
【中文标题】文件上传不检查现有图像【英文标题】:file upload doesn't check for existing image 【发布时间】:2013-01-25 11:29:34 【问题描述】:我从 tidy-designs 获得了以下代码,它工作正常,只是它不检查现有图像。当我再次上传相同的图像时,它会毫无错误地接受。我发现脚本在上传到新的随机名称后重命名文件,并且它还试图查看新名称是否存在于保存图像的文件夹中。这意味着它为每个上传的图像提供新的随机名称,并尝试检查新名称是否存在。如何检查现有图像?我需要删除重命名上传图片的功能吗?
<?php
function uploadFile ($file_field = null, $check_image = false, $random_name = false)
//Config Section
//Set file upload path
$path = 'productpic/'; //with trailing slash
//Set max file size in bytes
$max_size = 2097152;
//Set default file extension whitelist
$whitelist_ext = array('jpg','png','gif');
//Set default file type whitelist
$whitelist_type = array('image/jpeg', 'image/png','image/gif');
//The Validation
// Create an array to hold any output
$out = array('error'=>null);
if (!$file_field)
$out['error'][] = "Please specify a valid form field name";
if (!$path)
$out['error'][] = "Please specify a valid upload path";
if (count($out['error'])>0)
return $out;
//Make sure that there is a file
if((!empty($_FILES[$file_field])) && ($_FILES[$file_field]['error'] == 0))
// Get filename
$file_info = pathinfo($_FILES[$file_field]['name']);
$name = $file_info['filename'];
$ext = $file_info['extension'];
//Check file has the right extension
if (!in_array($ext, $whitelist_ext))
$out['error'][] = "Invalid file Extension";
//Check that the file is of the right type
if (!in_array($_FILES[$file_field]["type"], $whitelist_type))
$out['error'][] = "Invalid file Type";
//Check that the file is not too big
if ($_FILES[$file_field]["size"] > $max_size)
$out['error'][] = "We are sorry, the image must be less than 2MB";
//If $check image is set as true
if ($check_image)
if (!getimagesize($_FILES[$file_field]['tmp_name']))
$out['error'][] = "The file you trying to upload is not an Image, we only accept images";
//Create full filename including path
if ($random_name)
// Generate random filename
$tmp = str_replace(array('.',' '), array('',''), microtime());
if (!$tmp || $tmp == '')
$out['error'][] = "File must have a name";
$newname = $tmp.'.'.$ext;
else
$newname = $name.'.'.$ext;
//Check if file already exists on server
if (file_exists($path.$newname))
$out['error'][] = "the image you trying to upload already exists, please upload only once";
if (count($out['error'])>0)
//The file has not correctly validated
return $out;
if (move_uploaded_file($_FILES[$file_field]['tmp_name'], $path.$newname))
//Success
$out['filepath'] = $path;
$out['filename'] = $newname;
return $out;
else
$out['error'][] = "Server Error!";
else
$out['error'][] = "No image uploaded";
return $out;
?>
<?php
if (isset($_POST['submit']))
$file = uploadFile('file', true, true);
if (is_array($file['error']))
$message = '';
foreach ($file['error'] as $msg)
$message .= '<p>'.$msg.'</p>';
else
$message = "File uploaded successfully";
echo $message;
?>
<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1">
<input name="file" type="file" size="20" />
<input name="submit" type="submit" value="Upload" />
</form>
【问题讨论】:
【参考方案1】:您无需删除任何代码 - 只需更改调用函数的方式即可。
函数定义为:
function uploadFile ($file_field = null, $check_image = false, $random_name = false)
您可以看到$random_name 变量作为参数传递给函数。如果设置为true,它将为上传的图像设置一个随机文件名。
你是这样调用函数的:
$file = uploadFile('file', true, true);
所以你可以看到你传递的第三个参数(即对应$random_name参数是true。
尝试将其更改为
$file = uploadFile('file', true, false);
阻止函数强制文件具有随机文件名。
【讨论】:
我应该在哪里改变它?我所做的是将 null 和 false 更改为 file 和 true。你是这个意思吗?我有点困惑。即使这样做也不会检查。谢谢 不要更改函数定义,更改调用函数的位置 - 进行我在回答中建议的更改 具体在哪里?我仍然很困惑。 //创建完整的文件名,包括路径 if ($random_name) ... 那就是函数被调用的地方.. 那我应该改变什么? 不,这不是函数被调用的地方。将此行$file = uploadFile('file', true, true); 更改为 $file = uploadFile('file', true, false);。它位于代码的底部。
为你澄清一下,“函数”是uploadFile以上是关于文件上传不检查现有图像的主要内容,如果未能解决你的问题,请参考以下文章