文件上传不检查现有图像

时间:2013-02-10 02:03:57

标签: php file-upload file-exists

我从tidy-designs获得了以下代码,它工作正常,但不检查现有图像。当我再次上传相同的图像时,它会接受任何错误。我发现脚本在上传到新的随机名称后重命名文件,并且还试图查看新名称是否存在于保存图像的文件夹中。这意味着它为每个上传的图像提供了新的随机名称,并尝试检查新名称是否存在。如何检查现有图像?我是否需要删除重命名上传图像的功能?

     <?php

function uploadFile ($file_field = null, $check_image = false, $random_name = false) {

//Config Section    
//Set file upload path
$path = 'productpic/'; //with trailing slash
//Set max file size in bytes
$max_size = 2097152;
//Set default file extension whitelist
$whitelist_ext = array('jpg','png','gif');
//Set default file type whitelist
$whitelist_type = array('image/jpeg', 'image/png','image/gif');

//The Validation
// Create an array to hold any output
$out = array('error'=>null);

if (!$file_field) {
$out['error'][] = "Please specify a valid form field name";           
}

if (!$path) {
$out['error'][] = "Please specify a valid upload path";               
}

if (count($out['error'])>0) {
return $out;
}

//Make sure that there is a file
if((!empty($_FILES[$file_field])) && ($_FILES[$file_field]['error'] == 0)) {

// Get filename
$file_info = pathinfo($_FILES[$file_field]['name']);
$name = $file_info['filename'];
$ext = $file_info['extension'];

//Check file has the right extension           
if (!in_array($ext, $whitelist_ext)) {
  $out['error'][] = "Invalid file Extension";
}

//Check that the file is of the right type
if (!in_array($_FILES[$file_field]["type"], $whitelist_type)) {
  $out['error'][] = "Invalid file Type";
}

//Check that the file is not too big
if ($_FILES[$file_field]["size"] > $max_size) {
  $out['error'][] = "We are sorry, the image must be less than 2MB";
}

//If $check image is set as true
if ($check_image) {
  if (!getimagesize($_FILES[$file_field]['tmp_name'])) {
    $out['error'][] = "The file you trying to upload is not an Image, we only accept images";
  }
}

//Create full filename including path
if ($random_name) {
  // Generate random filename
  $tmp = str_replace(array('.',' '), array('',''), microtime());

  if (!$tmp || $tmp == '') {
    $out['error'][] = "File must have a name";
  }     
  $newname = $tmp.'.'.$ext;                                
} else {
    $newname = $name.'.'.$ext;
}

//Check if file already exists on server
if (file_exists($path.$newname)) {
  $out['error'][] = "the image you trying to upload already exists, please upload only once";
}

if (count($out['error'])>0) {
  //The file has not correctly validated
  return $out;
} 

if (move_uploaded_file($_FILES[$file_field]['tmp_name'], $path.$newname)) {
  //Success
  $out['filepath'] = $path;
  $out['filename'] = $newname;
  return $out;
} else {
  $out['error'][] = "Server Error!";
}

} else {
$out['error'][] = "No image uploaded";
return $out;
}      
}
?>

<?php
if (isset($_POST['submit'])) {
$file = uploadFile('file', true, true);
if (is_array($file['error'])) {
$message = '';
foreach ($file['error'] as $msg) {
  $message .= '<p>'.$msg.'</p>';    
}
} else {
$message = "File uploaded successfully";
}
echo $message;
}
?>
<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1">
<input name="file" type="file" size="20" />
<input name="submit" type="submit" value="Upload" />
</form>

1 个答案:

答案 0 :(得分:0)

您无需删除任何代码 - 只需更改您调用该函数的方式。

该功能定义为:

function uploadFile ($file_field = null, $check_image = false, $random_name = false)

您可以看到$random_name变量作为参数传递给函数。如果设置为true,则会为上传的图像设置随机文件名。

你正在调用这个函数:

$file = uploadFile('file', true, true);

因此,您可以看到您传递的第三个参数(即与$random_name参数对应的是true

尝试将其更改为

$file = uploadFile('file', true, false);

停止该函数强制文件具有随机文件名。