来自getimagesize(宽度和高度)的结果在PHP中是不正确的

时间:2015-04-01 15:44:34

标签: php height width getimagesize

我遇到了getimagesize()的问题。它发生在我上传图片但有时只是..

脚本应该检查头像的图像大小(profile-pic)。如果低于或等于200px X 200px则可以。

我还没有完成脚本,但缺少一些安全措施。但我完全混淆了为什么会发生这种情况以及为什么这种情况有时会发生。

我的剧本:

//UpdateAvatar
if(isset($_FILES['uploadAvatar']) AND (isset($_SESSION['user']) OR isset($_SESSION['dev']))) {
    //Upload
    $uploadDir = "../img/avatar/";//relative path (we're in php folder [one step back then img])
    $avatarExtension = pathinfo($_FILES['uploadAvatar']['name'], PATHINFO_EXTENSION);//avatar extension (jpg,png,gif)
    if($avatarExtension == "gif" || $avatarExtension == "jpeg" || $avatarExtension == "jpg" || $avatarExtension == "png") {
        $_FILES['uploadAvatar']['name'] = $LoginName."_avatar".".".$avatarExtension;//build new name (max 4 different avas [png/gif/jpg/jpeg] for one user)
        $uploadFile = $uploadDir.basename($_FILES['uploadAvatar']['name']);//'name' is the key (index) of the array
        $uploadFileRes = getimagesize($uploadFile);//resolutionArray = 0 => width | 1 => height
        if(($uploadFileRes[0] <= 200) && ($uploadFile[1] <= 200)) {//250x250

            if(move_uploaded_file($_FILES['uploadAvatar']['tmp_name'], $uploadFile)) {
                //Uploaded
                $newAvatarSql = "UPDATE UserLogIn SET Avatar = '$uploadFile' WHERE ID = '$rcSID'";
                mysql_query($newAvatarSql);
                $Avatar = $uploadFile;
            } else {//UploadFailed
                $ucfg_error_msg = "<span title=\"ServerSide failure\" onClick=\"killErrMsg(this)\" class=\"ucfgErrMsg\">Upload failed!</span>";
            }

        }else {//FileResolution  >(200x200)
            $errImageSize =  $uploadFileRes[0]." x ".$uploadFileRes[1];
            $ucfg_error_msg = "<span title=\"Your Avatar had: $errImageSize\" onClick=\"killErrMsg(this)\" class=\"ucfgErrMsg\">Avatar resolution was<br />greater than 200x200!</span>";
        }
    }else {//NotSupported Extension
        $ucfg_error_msg = "<span title=\"Supported: *.png | *.jpg | *.gif\" onClick=\"killErrMsg(this)\" class=\"ucfgErrMsg\">File-Extension not supported!</span>";
    }
}else {//NotLoggedIn or no Avatar submitted or "fresh Script" => No real error // but blank for JS
    $ucfg_error_msg = "<span class=\"ucfgErrMsg\"></span>";
}

1 个答案:

答案 0 :(得分:0)

您没有检查上传中的错误,这是您在上传文件时应首先考虑的事项。

在对$_FILES['uploadAvatar']['error']数组执行任何操作之前检查/测试$_FILES

See documentation

相关问题
最新问题