ExtJS4 - 上传后上传图像的多文件上传和获取文件路径

时间:2015-01-19 03:42:17

标签: php json extjs file-upload

美好的一天。我正在构建一个ExtJS4 Web应用程序,我有一个部分,我可以成功上传文件导向器中的文件夹中的多个文件。我使用Ivan Novakov's library来实现这一目标。

我创建了一个按钮,在那个按钮的处理程序中,我有了这个代码:

var uploadPanel = Ext.create('Ext.ux.upload.Panel', {
    uploader : 'Ext.ux.upload.uploader.FormDataUploader',
    uploaderOptions : {
        url : 'uploadGallery.php'
    },
    synchronous : true
});

var uploadDialog = Ext.create('Ext.ux.upload.Dialog', {
    dialogTitle : 'My Upload Dialog',
    panel : uploadPanel
});



this.mon(uploadDialog, 'uploadcomplete', function(uploadPanel, manager, items, errorCount) {

    console.log('manager = ' + manager);
    console.log('items = ' + items);

    console.log('manager result = ' + manager.result);
    console.log('manager result message = ' + manager.message);
    console.log('manager status = ' + manager.status);
    console.log('manager filePath = ' + manager.filePath);

}, this);

uploadDialog.show();

我有自己的PHP文件上传处理程序:

<?php

require_once '_common.php';
$config = require_once '_config.php'; //require __DIR__ . '/_config.php';
$fileName = '';
$mimeType = '';
$fileSize = 0;

if (empty($_FILES)) {
    _error('No file received');
}

$pathArray = array();

foreach ($_FILES as $fileName => $fileData) {

        if (
            !isset($fileData['error']) ||
            is_array($fileData['error'])
        ) {
            die(json_encode(array(
                'success' => false,
                'status' => "Invalid Parameters.",
                'files' => $_FILES 
            )));
        }

        // Check $_FILES['fileToUpload']['error'] value.
        switch ($fileData['error']) {
            case UPLOAD_ERR_OK:
                break;
            case UPLOAD_ERR_NO_FILE:

                die(json_encode(array(
                    'success' => false,
                    'status' => "No file sent.",
                    'files' => $_FILES
                )));

            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                die(json_encode(array(
                    'success' => false,
                    'status' => "Exceeded filesize limit.",
                    'files' => $_FILES
                )));

            default:
                die(json_encode(array(
                    'success' => false,
                    'status' => "Unknown errors.",
                    'files' => $_FILES
                )));
        }

        // You should also check filesize here. 
        if ($fileData['size'] > 1000000) {
                die(json_encode(array(
                    'success' => false,
                    'status' => "Exceeded File Size Limit.",
                    'files' => $_FILES
                )));
        }

        // DO NOT TRUST $_FILES['fileToUpload']['mime'] VALUE !!
        // Check MIME Type by yourself.
        $finfo = new finfo(FILEINFO_MIME_TYPE); 
        if (false === $ext = array_search(
            $finfo->file($fileData['tmp_name']),
            array(
                'jpg' => 'image/jpeg',
                'png' => 'image/png',
                'gif' => 'image/gif',
            ),
            true
        )) {
            die(json_encode(array(
                'success' => false,
                'status' => "Invalid file format.",
                'files' => $_FILES
            )));

        }

        // You should name it uniquely.
        // DO NOT USE $_FILES['fileToUpload']['name'] WITHOUT ANY VALIDATION !!
        // On this example, obtain safe unique name from its binary data.
        if (!move_uploaded_file(
            $fileData['tmp_name'],
            sprintf('./gallery/%s.%s',
                basename($fileData['tmp_name']),
                $ext
            )
        )) {
            die(json_encode(array(
                'success' => false,
                'status' => "Failed to move uploaded file.",
                'files' => $_FILES
            )));

        }
//          $uploadFile = sprintf('./gallery/%s.%s',
//              sha1_file($_FILES['fileToUpload']['tmp_name']);

            $uploaddir = '/gallery/';
            $name = $fileData["tmp_name"];

            $fullPath = sprintf('gallery/%s.%s',
                basename($fileData['tmp_name']),
                $ext
            );

            array_push($pathArray, $fullPath);

//          echo '{"success": true, "status": "file Uploaded successfully", "filePath" : "$filePath"}';
//          _response(true, sprintf("%s", $fullPath));
//          echo(json_encode(array(
//              'success' => true,
//              'status' => "File is uploaded successfully.",
//              'filePath' => "$fullPath"
//          )));
}
//_log(sprintf("[multipart] Uploaded %s, %s, %d byte(s)", $fileName, $mimeType, $fileSize));
// _response(true, $pathArray);

            print_r(json_encode(array(
                'success' => true,
                'status' => "File is uploaded successfully.",
                'filePath' => "$fullPath"
            )));


?>

我没有改变_common.php_config.php can be found here的大部分内容。

正如您所看到的,在我的PHP部分,我正在尝试将上传文件的filePath发送回ExtJS部分,我需要这个用于数据库输入过程。但是,我不知道如何在我的ExtJS代码中获取这个JSON对象,因为该函数只有4个参数(uploadPanel,manager,items,errorCount),到目前为止我还没有运气猜测哪一个将包含JSON响应。

任何人都可以帮我吗?很感谢任何形式的帮助。感谢。

1 个答案:

答案 0 :(得分:0)

我找到了一个相当粗略的解决方法来解决这个问题。我所做的是我使用上传的文件的原始文件名作为服务器文件系统中的文件名。这是 NOT 一个很好的解决方案。如果您需要将文件名保存到数据库并且文件名是SQL注入,那么您将遇到问题。 

// You should name it uniquely.
// DO NOT USE $_FILES['fileToUpload']['name'] WITHOUT ANY VALIDATION !!
// On this example, obtain safe unique name from its binary data.
move_uploaded_file(
    $fileData['tmp_name'],
    sprintf('./gallery/%s',
    basename($fileData['name'])

在这种情况下,$_FILES['fileToUpload']['name']$fileData['name'],请检查foreach循环的开头。

如上所述,如果不先检查并验证它,就不应该使用$_FILES['fileToUpload']['name']

这个问题仍然可以回答。

相关问题
最新问题