PHP file upload - not checking file size

Time: 2014-12-28 15:44:24

Tags: javascript php

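I have been trying to make a file upload form for two days, but I can't seem to get it to work. My code checks the file's extension but does not check the file size. I googled and tried different methods, but couldn't get it working. Can someone help?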

Here is the code -

<?php
            if(isset($_POST['carsubmit']))
            {                            
                foreach($_POST as $key=>$val)
                ${$key}=addslashes($val);

                $allowed_filetypes = array('.jpg','.gif','.bmp','.png'); 

                $max_filesize = 2097152;

                $upload_path = "resumes/";

                $filename = $_FILES['attachresume']['name'];                    

                $file_tmp =$_FILES['attachresume']['tmp_name'];

                $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);


                $cardupcheck = "select * from `careers` where `email` = '$email'";
                $cardupresult = mysql_query($cardupcheck);

                if(mysql_num_rows($cardupresult)==1)
                {
                    ?>
                    <script type="text/javascript">         
                    notification('You have already sent us!','error');
                    </script> 
                    <?php
                }
                else 
                {
                    if(!in_array($ext,$allowed_filetypes)){
                    ?>
                    <script type="text/javascript">         
                        notification('Please check the file extension. Only jpg, png and gif are allowed!','error');
                    </script> 
                    <?php
                    }
                    else if($file_tmp > $max_filesize){
                    ?>
                    <script type="text/javascript">         
                        notification('too large!','error');
                    </script> 
                    <?php   
                    }
                    else 
                    {
                        move_uploaded_file($file_tmp,"resumes/".$filename);
                        $carquery = "INSERT INTO `careers` (`name`, `email`, `phone`, `aoi`, `qual`, `resume`) VALUES ('$name', '$email', '$phone', '$aoi', '$qual', '$filename')";
                        $carresult = mysql_query($carquery);
                        if($carresult)
                        {
                            ?>
                            <script type="text/javascript">         
                            notification('Thank you! We will get back to you soon!','success');
                            </script>           
                            <?php
                        }
                        else 
                        {
                            ?>
                            <script type="text/javascript">         
                            notification('There was an error. Please try after some time!','error');
                            </script>  
                            <?php
                        }
                    }                                   
                }
            }
            ?>

2 answers:

Answer 0: (score: 1)

You are comparing the file size with the file name. Get the size of the uploaded file with $_FILES["attachresume"]["size"]. Use this code instead:

<?php
            if(isset($_POST['carsubmit']))
            {                            
                foreach($_POST as $key=>$val)
                ${$key}=addslashes($val);

                $allowed_filetypes = array('.jpg','.gif','.bmp','.png'); 

                $max_filesize = 2097152;

                $upload_path = "resumes/";

                $filename = $_FILES['attachresume']['name'];                    

                $file_tmp =$_FILES['attachresume']['tmp_name'];

                $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);
                $file_size = $_FILES["attachresume"]["size"]; // Here is the size of the uploaded file

                $cardupcheck = "select * from `careers` where `email` = '$email'";
                $cardupresult = mysql_query($cardupcheck);

                if(mysql_num_rows($cardupresult)==1)
                {
                    ?>
                    <script type="text/javascript">         
                    notification('You have already sent us!','error');
                    </script> 
                    <?php
                }
                else 
                {
                    if(!in_array($ext,$allowed_filetypes)){
                    ?>
                    <script type="text/javascript">         
                        notification('Please check the file extension. Only jpg, png and gif are allowed!','error');
                    </script> 
                    <?php
                    }
                    else if($file_size > $max_filesize){
                    ?>
                    <script type="text/javascript">         
                        notification('too large!','error');
                    </script> 
                    <?php   
                    }
                    else 
                    {
                        move_uploaded_file($file_tmp,"resumes/".$filename);
                        $carquery = "INSERT INTO `careers` (`name`, `email`, `phone`, `aoi`, `qual`, `resume`) VALUES ('$name', '$email', '$phone', '$aoi', '$qual', '$filename')";
                        $carresult = mysql_query($carquery);
                        if($carresult)
                        {
                            ?>
                            <script type="text/javascript">         
                            notification('Thank you! We will get back to you soon!','success');
                            </script>           
                            <?php
                        }
                        else 
                        {
                            ?>
                            <script type="text/javascript">         
                            notification('There was an error. Please try after some time!','error');
                            </script>  
                            <?php
                        }
                    }                                   
                }
            }
            ?>

Hope this helps you

Answer 1: (score: 0)

This works -

else if(($_FILES['attachresume']['size'] >= $max_filesize) || ($_FILES["attachresume"]["size"] == 0))
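
The size check from both answers, as an added example that is not part of the original posts: it validates one `$_FILES` entry by its `error` code and `size` before the file is moved, which also covers the size-0 case that PHP produces when `upload_max_filesize` is exceeded. The function name `validate_upload()` and the sample entries are hypothetical, and the code assumes PHP 7 or later.

```php
<?php
// Added example: validate one $_FILES entry before touching the file.
// validate_upload() and the sample entries are hypothetical; assumes PHP 7+.

function validate_upload(array $file, int $maxBytes, array $allowedExt): array
{
    // PHP reports its own limits through 'error'; when upload_max_filesize
    // is exceeded the entry has size 0 and an empty tmp_name.
    switch ($file['error'] ?? UPLOAD_ERR_NO_FILE) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            return [false, 'too large'];
        case UPLOAD_ERR_NO_FILE:
            return [false, 'no file'];
        default:
            return [false, 'upload failed'];
    }

    // 'size' is the byte count PHP received; 'tmp_name' is only a path.
    $size = (int) $file['size'];
    if ($size === 0) {
        return [false, 'empty file'];
    }
    if ($size > $maxBytes) {
        return [false, 'too large'];
    }

    // Use the last extension, lower-cased, against the allow-list.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, $allowedExt, true)) {
        return [false, 'bad extension'];
    }

    // Never store under the client-supplied name; generate one server-side.
    return [true, bin2hex(random_bytes(16)) . '.' . $ext];
}

// Constructed sample entries shaped like $_FILES['attachresume'].
$samples = [
    ['name' => 'cv.PNG', 'tmp_name' => '/tmp/phpA', 'size' => 120000,  'error' => UPLOAD_ERR_OK],
    ['name' => 'cv.png', 'tmp_name' => '/tmp/phpB', 'size' => 3000000, 'error' => UPLOAD_ERR_OK],
    ['name' => 'cv.png', 'tmp_name' => '',          'size' => 0,       'error' => UPLOAD_ERR_INI_SIZE],
    ['name' => 'cv.php', 'tmp_name' => '/tmp/phpC', 'size' => 900,     'error' => UPLOAD_ERR_OK],
];
foreach ($samples as $s) {
    [$ok, $info] = validate_upload($s, 2097152, ['jpg', 'gif', 'bmp', 'png']);
    echo $s['name'], ' => ', $ok ? "stored as $info" : "rejected: $info", PHP_EOL;
}
```

In a real handler, pass `$_FILES['attachresume']` and, on success, call `move_uploaded_file()` with the entry's `tmp_name` and the generated name under the upload directory.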