如何显示上传带有不需要的扩展名的文件的错误?

时间:2014-12-30 13:25:25

标签: javascript php mysql database file-upload

我正在编写一个脚本,将文件上传到特定文件夹,如果所有条件都为真且一切正常,则将数据提交到数据库。该脚本检查文件大小,如果文件大小超过要求,则显示错误(正常工作)。

该脚本还检查上传的文件是否具有所需的扩展名,如果正常则文件上传,如果是不需要的扩展名,则不会上传(工作正常),但如果文件不在预期的扩展名中,则它也应该显示错误。

例如,如果有人上传.exe或zip或mp3或任何文件,则应显示“文件类型无效。仅允许JPG,PNG,GIF,JPEG,PDF和DOC文件。这是我面临错误的地方如何显示此消息?我应该放置什么代码以及在哪里?

这是我的剧本。

<?php error_reporting(0);

include'db.php';
if(isset($_POST['submit'])!=""){

$extension = substr($_FILES['photo']['name'], strrpos($_FILES['photo']['name'], '.'));

 $extension = strtolower($extension);


if( $extension == ".jpg" || $extension == ".jpeg" || $extension == ".gif" ||$extension == ".png" ||$extension == ".pdf" ||$extension == ".doc" ||$extension == ".docx" )
{

$name=$_FILES['photo']['name'];
$size=$_FILES['photo']['size'];
$type=$_FILES['photo']['type'];
$temp=$_FILES['photo']['tmp_name'];
$caption1=$_POST['caption'];
$link=$_POST['link'];

$limit_size=512000; // Define file size limit in Bytes.
$size_in_kb=1024; // File size in KB
$divide=$limit_size/$size_in_kb; // Dividing both the variables to get the size in KB.


if($size > $limit_size){
echo "<center>Your file size is over limit. Max upload size $divide KB.</center><BR>";
echo "<center><a href='form.php'>Try Again</a></center>";

}

else {
move_uploaded_file($temp,"admin/files/".$name);

$insert=mysql_query("insert into upload(name, fname, phone, email, message)values('$name','$_POST[fname]','$_POST[phone]','$_POST[email]','$_POST[message]')");
}

if($insert){
echo "<center><BR>Data submitted successfully.</center>";
}
else{ 
die(mysql_error());
}
}
}
?>
<html>
<head>
<title>Upload and Download</title>
</head>

<body>
<style>
h1 {font-family:Georgia, "Times New Roman", Times, serif; font-size:36px; color:#000000}
.formdesign {width: 350px; height: 300px; border:1px solid black; border-radius: 5px; margin-top: 75px; box-shadow: 10px 10px 5px #888888;}
.testbox {width:300px; height: 50px; border: 1px solid grey}
</style>
<center>
<div class="formdesign">

<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" enctype="multipart/form-data" name="form">
<table style="padding:7px; line-height:1;">
<tr>
<th><label for="fname">Name</label></th>
<td><input type="text" name="fname" id="fname" required maxlength="30"  style="width: 220px; height:30px;  font-size: 14px; font-family: georgia; text-indent: 15px;" placeholder="Your First Name"/></td>
</tr>

<tr>
<th><label for="phone">Phone</label></th>
<td><input type="text" name="phone" id="phone" required maxlength="15" style="width: 220px; height:30px;  font-size: 14px; font-family: georgia; text-indent: 15px;" placeholder="Your Phone Number"/></td>
</tr>

<tr>
<th>  <label for="email">Email</label></th>
<td>  <input type="text" name="email" style="width: 220px; height:30px;  font-size: 14px; font-family: georgia; text-indent: 15px;" placeholder="Your Email ID">
   </td>
</tr>

<tr>
<th><label for="message">Message</label></th>
<td> <textarea name="message" rows="4" cols="25" placeholder="Your message here!" maxlength="200">
</textarea> </td>
</tr>
</table><table border="0" cellspacing="0" cellpadding="5" id="table">
<tr>
<th >Chosse Files (Max 500KB)</th>
<td ><label for="photo"></label><input type="file" name="photo" id="photo" /></td>
</tr>
<tr>
<th colspan="2" scope="row"><input type="submit" name="submit" id="submit" value="Submit" /></th>
</tr>
</table>
</form>
</div></center>
<br />
<br />




</body>
</html> 

4 个答案:

答案 0 :(得分:0)

您省略了扩展名不正确的else {}部分

    <?php error_reporting(0);

        include'db.php';
        if(isset($_POST['submit'])!="")
        {

        $extension = substr($_FILES['photo']['name'], strrpos($_FILES['photo']['name'], '.'));

         $extension = strtolower($extension);


            if( $extension == ".jpg" || $extension == ".jpeg" || $extension == ".gif" ||$extension == ".png" ||$extension == ".pdf" ||$extension == ".doc" ||$extension == ".docx" )
            {

            $name=$_FILES['photo']['name'];
            $size=$_FILES['photo']['size'];
            $type=$_FILES['photo']['type'];
            $temp=$_FILES['photo']['tmp_name'];
            $caption1=$_POST['caption'];
            $link=$_POST['link'];

            $limit_size=512000; // Define file size limit in Bytes.
            $size_in_kb=1024; // File size in KB
            $divide=$limit_size/$size_in_kb; // Dividing both the variables to get the size in KB.


                if($size > $limit_size)
                {
                echo "<center>Your file size is over limit. Max upload size $divide KB.</center><BR>";
                echo "<center><a href='form.php'>Try Again</a></center>";

                }

                else 
                {
                move_uploaded_file($temp,"admin/files/".$name);

                $insert=mysql_query("insert into upload(name, fname, phone, email, message)values('$name','$_POST[fname]','$_POST[phone]','$_POST[email]','$_POST[message]')");
                }

                if($insert)
                {
                echo "<center><BR>Data submitted successfully.</center>";
                }
                else
                { 
                die(mysql_error());
                }
            }
            else
            {
                echo " wrong file type";
            }
        }
        ?>

答案 1 :(得分:0)

做同样的事情,而不是当你抓住太大的时候。 在你的其他地方,获取相同的代码与另一个错误消息,如错误的文件上传,只有这些格式......

答案 2 :(得分:0)

编辑“文件大小”条件,并替换:

$allowed_ext = explode(",", 'jpg,jpeg,gif'); //Extensions separated by coma

if($size > $limit_size){
echo "<center>Your file size is over limit. Max upload size $divide KB.</center><BR>";
echo "<center><a href='form.php'>Try Again</a></center>";

} else if(!in_array(pathinfo($name, PATHINFO_EXTENSION), $allowed_ext)) {
echo "<center>Your file is not allowed.</center><BR>";
echo "<center><a href='form.php'>Try Again</a></center>";
}

您只需替换此代码:

if($size > $limit_size){
echo "<center>Your file size is over limit. Max upload size $divide KB.</center><BR>";
echo "<center><a href='form.php'>Try Again</a></center>";

}

抱歉我的英语不好。

再见

答案 3 :(得分:0)

您只需要填充包含错误的数组并将其显示在表单的顶部。没有经过测试,但您的代码应该或多或少像这样的样本。

<?php
$allowedExt = array("jpg", "pdf"); // Add others allowed extenstions here
$errors = array();
if( !in_array($extension, $allowedExt)
{
    $errors[] = "Invalid file ext";
}
else {
    // Normal process
}
?>

<!--Inside the "View" at the top of form show errors-->    
<div class="formdesign">
    <?php
    if( !empty($errors)) :
        foreach($errors as $error) :
            echo "<p>{$error}</p>";
        endforeach;        
    endif;
    ?>
</div>