使用php上传图像会产生错误

时间:2012-06-26 04:43:25

标签: php json forms xhtml

我有一个位于此处的表单http://brandybrowauto.com/npo3.html,代码如下。第一部分是html表单本身,它只收集一些信息,然后调用npo3.php来收集数据并上传图像并将一些json添加到文件中。虽然它仍然很混乱,需要大量的清理,我只想让功能本身工作。我有一些小的验证,但在我的测试期间,进入一个具有完整777权限的文件夹,我继续收到错误“此扩展程序不被允许,请仅上传图像。”这是我在php页面中的扩展检查程序。我不知道为什么我一直得到这个文件肯定是我在批准的数组中的类型之一。我在表单上有正确的enctype并将文件名存储在我在脚本中使用的变量中。每次尝试上传时都会发生什么想法?

<form action="npo3.php" method="post" enctype="multipart/form-data" name="add_car" onsubmit="checkForm();">
                                <table cellspacing="8" cellpadding="8" style="margin:0 auto;">
                                    <tr>
                                        <td>
                                            <table cellspacing="8" cellpadding="8">
                                                <tr>
                                                    <td>
                                                        <select name="make" id="make">
                                                            <option value="">- Select Make -</option>
                                                            <option value="Acura">Acura</option>
                                                            <option value="Audi">Audi</option>
                                                            <option value="BMW">BMW</option>
                                                            <option value="Buick">Buick</option>
                                                            <option value="Cadillac">Cadillac</option>
                                                            <option value="Chevrolet">Chevrolet</option>
                                                            <option value="Chrysler">Chrysler</option>
                                                            <option value="Daewoo">Daewoo</option>
                                                            <option value="Dodge">Dodge</option>
                                                            <option value="Eagle">Eagle</option>
                                                            <option value="Fiat">Fiat</option>
                                                            <option value="Ford">Ford</option>
                                                            <option value="Geo">Geo</option>
                                                            <option value="GMC">GMC</option>
                                                            <option value="Honda">Honda</option>
                                                            <option value="Hyundai">Hyundai</option>
                                                            <option value="Infiniti">Infiniti</option>
                                                            <option value="Isuzu">Isuzu</option>
                                                            <option value="Jaguar">Jaguar</option>
                                                            <option value="Jeep">Jeep</option>
                                                            <option value="Kia">Kia</option>
                                                            <option value="Land_Rover">Land Rover</option>
                                                            <option value="Lexus">Lexus</option>
                                                            <option value="Lincoln">Lincoln</option>
                                                            <option value="Mazda">Mazda</option>
                                                            <option value="Mercedes">Mercedes</option>
                                                            <option value="Mercury">Mercury</option>
                                                            <option value="Mitsubishi">Mitsubishi</option>
                                                            <option value="Nissan">Nissan</option>
                                                            <option value="Oldsmobile">Oldsmobile</option>
                                                            <option value="Plymouth">Plymouth</option>
                                                            <option value="Pontiac">Pontiac</option>
                                                            <option value="Porsche">Porsche</option>
                                                            <option value="Saab">Saab</option>
                                                            <option value="Saturn">Saturn</option>
                                                            <option value="Scion">Scion</option>
                                                            <option value="Subaru">Subaru</option>
                                                            <option value="Suzuki">Suzuki</option>
                                                            <option value="Toyota">Toyota</option>
                                                            <option value="Volkswagen">Volkswagen</option>
                                                            <option value="Volvo">Volvo</option>
                                                        </select>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="stock" id="stock" value="Stock#" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="name" id="name" value="Name" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="year" id="year" value="Year" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="mileage" id="mileage" value="Mileage" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="price" id="price" value="Price" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="desc" id="desc" value="Description" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                            </table>
                                        </td>
                                        <td>
                                            <table cellspacing="8" cellpadding="8">
                                                <tr>
                                                    <td>
                                                        &nbsp;
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 1:&nbsp;<input type="file" name="image1" id="image1" value="Image1"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 2:&nbsp;<input type="file" name="image2" id="image2" value="Image2"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 3:&nbsp;<input type="file" name="image3" id="image3" value="Image3"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 4:&nbsp;<input type="file" name="image4" id="image4" value="Image4"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 5:&nbsp;<input type="file" name="image5" id="image5" value="Image5"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input type="submit" name="submit" id="submit" value="Submit"/>
                                                    </td>
                                                </tr>
                                            </table>
                                        </td>
                                    </tr>
                                </table>
                            </form>

这是下面的npo3.php页面。它也做了很多其他的东西,但它在扩展检查期间的for循环期间我一直在点击消息。

<?php
$stock = $_POST["stock"];
$name = $_POST["name"];
$year = $_POST["year"];
$mileage = $_POST["mileage"];
$price = $_POST["price"];
$desc = $_POST["desc"];
$make2 = $_POST["make"];

$path2 = "images/PartsCars/".$make2."/info.json";
$string2 = file_get_contents($path2);
$data2 = json_decode($string2, true);

if($stock == ""){
    die('You need to enter a Stock # to match the image name. Please go back and fill in the Stock#.');
}
else {
    $data2[$stock] = array("name" => $name, "year" => $year, "mileage" => $mileage, "price" => $price, "description" => $desc);
}

for($i = 1; $i <= 5; $i++) {

    if($_FILES['image1']['name'] != "") {
        $filename = $_FILES['image'.$i]['name'];
        $filetmpname = $_FILES['image'.$i]['tmp_name'];
        $filetype = $_FILES['image'.$i]['type'];
        $filetype = strtolower($filetype);

        //check if files contain php or asp and kill it 
        $pos1 = strpos($filename,'php');
        $pos2 = strpos($filename,'asp');
        if(!($pos1 === false) && !($pos2 === false)) {
            die('You cannot upload that type of file to our system. Images only.');
        }

        //get the file ext
        $file_ext = strrchr($filename, '.');

        //check if extension is allowed or not
        $allowedExt = array(".jpg",".jpeg",".gif",".png",".JPG",".PNG"); 
        if (!(in_array($file_ext, $allowedExt))){
            die('This extension is not allowed, please upload images only.');
        }

        //check upload type
        $pos = strpos($filetype,'image');
        if($pos === false) {
            die('Only images types are allowed to be uploaded.');
        }
        $imageinfo = getimagesize($_FILES['image'.$i]['tmp_name']);
        if($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg' && $imageinfo['mime'] != 'image/jpg' && $imageinfo['mime'] != 'image/png') {
            die('Only images types are allowed to be uploaded.');
        }

        //check double file type (image with comment)
        if(substr_count($filetype, '/')>1){
            die('Only images types are allowed to be uploaded.');
        }

        // upload to upload direcory 
        $uploaddir = 'images/PartsCars/'.$make2.'/' ;
        move_uploaded_file($filetmpname, $uploaddir.$filename);
    }
    else {
        die('Image 1 did not have any file selected. Please go back and select an image.');
    }
}

file_put_contents($path2, json_encode($data2));

$path = "images/PartsCars/".$make2."/";
$temp_files = scandir($path);
$string = file_get_contents("images/PartsCars/".$make2."/info.json");

$data = json_decode($string);
natsort($temp_files);
//$temp_files = array_reverse($temp_files);

echo '<a href="npo3.html"><button>+Add Car</button></a>';
echo '<table style="padding-left:20px;width:930px;">';

foreach($temp_files as $file) 
{
    if($file != "." && $file != ".." && $file != "Thumbs.db" && $file != basename(__FILE__) && $file != "info.json") 
    {
        echo '<tr>';        
        $info = pathinfo($file);
        $file_name =  basename($file,'.'.$info['extension']);
        $findme  = array(" (2)"," (3)"," (4)"," (5)");
        $findme2  = array(" (1)");
        $pos1 = strpos($file_name, $findme[0]);
        $pos2 = strpos($file_name, $findme[1]);
        $pos3 = strpos($file_name, $findme[2]);
        $pos4 = strpos($file_name, $findme[3]);
        $subpictures = str_replace($findme, "", $file_name);
        $subpictures2 = str_replace($findme2, "", $file_name);

        if ($pos1 !== false || $pos2 !== false || $pos3 !== false || $pos4 !== false) {
            echo '<script type="text/javascript">document.getElementById("'.$subpictures.'").innerHTML += "<a href=\"'.$path.$file.'\"><img src=\"'.$path.$file.'\" style=\"width:100px;height:80px;padding:10px;\"/></a>";</script>';
        }
        else {
            echo '<td style="border-bottom:1px #fff solid;width:240px;"><a href="'.$path.$file.'"><img src="'.$path.$file.'" alt="'.$file.'" style="width:200px;height:150px;padding:20px;"/></a></td>';
            echo '<td style="border-bottom:1px #fff solid;width:440px;">';
            echo '<span style="font-size:2em;padding:10px;color:#fff;font-weight:bold;">'.$data->{$file_name}->{'name'}.'</span><br/>';
            echo '<br/><span style="padding-left:10px;">Year: '.$data->{$file_name}->{'year'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Mileage: '.$data->{$file_name}->{'mileage'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Price: '.$data->{$file_name}->{'price'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Description: '.$data->{$file_name}->{'description'}.'</span>';
            echo '<br/><br/><span style="padding-left:10px;">Please <a href="contact.php">contact us</a> for more details.</span></td>';
            echo '<td style="border-bottom:1px #fff solid;width:250px;" id="'.$subpictures2.'"></td></tr>';
        }
    }
}
echo '</table>'; 

?>

2 个答案:

答案 0 :(得分:2)

我想这个

for($i = 1; $i <= 5; $i++) {
    if($_FILES['image1']['name'] != "") {

应该是

for($i = 1; $i <= 5; $i++) {
    if($_FILES['image'.$i]['name'] != "") {

还要调试扩展程序:

echo "Image $i:". $file_ext = strrchr($filename, '.');

如果你想要上传一个文件,你可以添加一个标志,如下所示。

$fileUpload = false;
for($i = 1; $i <= 5; $i++) 
{
    if($_FILES['image'.$i]['name'] != "") 
    {
        .....
        .....
        move_uploaded_file($filetmpname, $uploaddir.$filename);
        $fileUpload = true;
    }    
}
if(!$fileUpload) 
{
    die('Please go back and select atleast one image.');
}

答案 1 :(得分:1)

如果您收到扩展程序检查错误,那么您没有正确检查扩展程序,因为我们不确定扩展名是小写字母还是大写字母,然后将文件名以一种格式使用strtolower()函数,请参阅image upload and resize的帖子:

        $filename = strtolower($filename); // Name of the file uploaded by you
        $extension = strrchr( $filename, '.' );
        $auth_exten = array('.jpg', '.jpeg', '.png', '.gif');

        if( in_array( $extension, $auth_exten ) ){
            return true;
        }
        else{
            return false;
        }