我试过addslashes
& str_replace(" ' ", " ", $_FILES['file']['name'])
要逃避撇号或删除它但是没有任何区别,因为我仍然得到500内部服务器错误?这是我的代码
<?php
$whitelist = array('application/pdf',
'application/vnd.ms-excel',
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
'application/msword',
'application/vnd.openxmlformats-officedocument.wordprocessingml.document');
if (isset($_POST['submit'])) {
$uploadname = str_replace("'", "", $_FILES['file']['name']);
$uploadsize = str_replace("'", "", $_FILES['file']['size']);
$uploadtype = str_replace("'", "", $_FILES['file']['type']);
$uploadtemp = str_replace("'", "", $_FILES['file']['tmp_name']);
/*
$uploadname = addslashes($_FILES['file']['name']);
$uploadsize = addslashes($_FILES['file']['size']);
$uploadtype = addslashes($_FILES['file']['type']);
$uploadtemp = addslashes($_FILES['file']['tmp_name']);
*/
if (empty($uploadname)) {
$message = "<b> * No File Selected</b>"; }
else if ($uploadsize > 5000000) {
$message = "<b> * 5MB Max Upload</b>"; }
else if (!in_array($uploadtype, $whitelist) && !empty($uploadname)) {
$message = "<b> * PDF, Excel orWord Format Only</b>"; }
else {
define('UPLOAD_DIR', '/home/moo/suppliers/');
$ext = pathinfo($uploadname, PATHINFO_EXTENSION);
$file = ''.rand(1,99999).'.'.$ext.'';
move_uploaded_file($uploadtemp, UPLOAD_DIR.$code.'/pricelists/'.$file);
$message = "<b> * File Uploaded</b>"; } }
?>
我使用的是str_replace
&amp; addslashes
函数在这种情况下是否正确?由于我的服务器错误日志为空,这个错误可能是由其他原因造成的吗?
答案 0 :(得分:1)
$ext = pathinfo($upload, PATHINFO_EXTENSION);
$ upload未定义。也可以使用elseif
代替else if