识别pdf文件并将其上传到文件夹

时间:2015-06-13 13:00:57

标签: php pdf mime identify

我使用这个PHP代码将图像上传到文件夹,但我也想允许上传pdf文件,所以我修改了一些代码:

<?php

    $target_dir = "extra_images/";
    $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
    $uploadOk = 1;
    $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
    $textFileType = pathinfo($target_file,PATHINFO_EXTENSION);

    // Check if image file is a actual image or fake image
    if(isset($_POST["submit"])) {
        $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
            if($check !== false) {
             //echo "<div class=\"alert alert-success\" role=\"alert\"><strong><span class=\"glyphicon glyphicon-ok\" aria-hidden=\"true\"></span> Correct image type.</strong></div>";
                    $uploadOk = 1;
                } else {
                    echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File is not an image.</strong></div>";
                    $uploadOk = 0;
                }
            }
            // Check if file already exists
            if (file_exists($target_file)) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File already exists.</strong></div>";
                $uploadOk = 0;
            }
            // Check file size
            if ($_FILES["fileToUpload"]["size"] > 3750000) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Your file is too large.</strong></div>";
                $uploadOk = 0;
            }
            // Allow certain file formats
            if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" && $textFileType != "pdf" ) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Only jpg, jpeg, png, gif and pdf (for the Plan Article) files are allowed.</strong></div>";
                $uploadOk = 0;
            }
            // Check if $uploadOk is set to 0 by an error
            if ($uploadOk == 0) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>The file was not uploaded.</strong></div>";
            // if everything is ok, try to upload file
            } else {
                if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {

                    echo "<div class=\"alert alert-success\" role=\"alert\">The file <strong>". basename( $_FILES["fileToUpload"]["name"]). "</strong> has been uploaded.</div><br>Please copy this filename: <span class=\"form-inline\"><input type=\"text\" value=\"". basename( $_FILES["fileToUpload"]["name"]). "\" class=\"form-control input-sm\" style=\"width:220px;\" /></span> And paste it in an empty Extra image field above and save the form.";
                } else {
                    echo "<div class=\"alert alert-danger\" role=\"alert\">There was an error uploading your file.</div>";
                }
    }
    echo "</br></br><p><button class=\"btn btn-default pull-right\" style=\"margin-right:5px;\" type=\"submit\" onclick=\"javascript:history.go(-1)\"><span class=\"glyphicon glyphicon-step-backward\" aria-hidden=\"true\"></span> Back</button></p>";
 ?>

我添加了这一点:

&& $textFileType != "pdf" and this: $textFileType = pathinfo($target_file,PATHINFO_EXTENSION);

但是我所做的这些更改无效,它仍会返回"this is not an image"消息。

代码的哪一部分标识文件类型? $ imageFileType是php用来识别文件类型的特殊变量吗?

我真的对此感到困惑。有人可以帮忙吗?

2 个答案:

答案 0 :(得分:0)

如果要检查扩展名,pdf的文件类型为application/pdf

但是,虽然您可以检查文件扩展名,但这不是识别文件是否为pdf的非常可靠的方法(它几乎可以为任何文件更改文件扩展名,创造了一个巨大的安全漏洞)。

虽然像getimagesize()这样的pdf中没有任何内容,但你仍然可以检查mime类型,这是一个相当好的步骤,如下所示:

    if (!empty($_FILES['fileToUpload']['tmp_name'])) {
            $finfo = finfo_open(FILEINFO_MIME_TYPE);
            $mime = finfo_file($finfo, $_FILES['fileToUpload']['tmp_name']);
            if ($mime != 'application/pdf') {

                echo 'this is not a PDF file!';
                exit();
            }

答案 1 :(得分:0)

感谢所有的帮助,经过一些代码摔跤,这是最终的功能版本:

<?php

            $target_dir = "extra_images/";
            $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
            $uploadOk = 1;
            $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);

            // Check if image file is a actual image or fake image
            /*if(isset($_POST["submit"])) {
                $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
                if($check !== false) {
                    //echo "<div class=\"alert alert-success\" role=\"alert\"><strong><span class=\"glyphicon glyphicon-ok\" aria-hidden=\"true\"></span> Correct image type.</strong></div>";
                    $uploadOk = 1;
                } else {
                    echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File is not an image.</strong></div>";
                    $uploadOk = 0;
                }
            }*/
            // Check if file already exists
            if (file_exists($target_file)) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>File already exists.</strong></div>";
                $uploadOk = 0;
            }
            // Check file size
            if ($_FILES["fileToUpload"]["size"] > 3750000) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Your file is too large.</strong></div>";
                $uploadOk = 0;
            }

            // Allow certain file formats
            /*if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>Only jpg, jpeg, png, gif and pdf (for the Plan Article) files are allowed.</strong></div>";
                $uploadOk = 0;
            }*/

            //Check for pdf format
            if (!empty($_FILES['fileToUpload']['tmp_name'])) {
                $finfo = finfo_open(FILEINFO_MIME_TYPE);
                $mime = finfo_file($finfo, $_FILES['fileToUpload']['tmp_name']);
                if (($mime != 'application/pdf') && ($mime != 'image/jpg') && ($mime != 'image/jpeg') && ($mime != 'image/gif') && ($mime != 'image/png')) {

                    $uploadOk = 0;
                    echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>This file is not a valid file.</strong></div>";

                    //exit();

                }} //this bracket was missing I think



            // Check if $uploadOk is set to 0 by an error
            if ($uploadOk == 0) {
                echo "<div class=\"alert alert-danger\" role=\"alert\"><strong>The file was not uploaded.</strong></div>";
            // if everything is ok, try to upload file
            } else {
                if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {

                    echo "<div class=\"alert alert-success\" role=\"alert\">The file <strong>". basename( $_FILES["fileToUpload"]["name"]). "</strong> has been uploaded.</div><br>Please copy this filename: <span class=\"form-inline\"><input type=\"text\" value=\"". basename( $_FILES["fileToUpload"]["name"]). "\" class=\"form-control input-sm\" style=\"width:220px;\" /></span> And paste it in an empty Extra image field above and save the form.";
                } else {
                    echo "<div class=\"alert alert-danger\" role=\"alert\">There was an error uploading your file.</div>";
                }
            }
            echo "</br></br><p><button class=\"btn btn-default pull-right\" style=\"margin-right:5px;\" type=\"submit\" onclick=\"javascript:history.go(-1)\"><span class=\"glyphicon glyphicon-step-backward\" aria-hidden=\"true\"></span> Back</button></p>";

?>

关于&amp;&amp; / ||问题,起初我也有使用||的想法运算符,我尝试了它并没有用,可能是因为我们使用!=进行比较所以如果某些文件不是jpg,而不是pdf ......等等它是不允许的并且得到错误信息和&amp; ; uploadOK = 0所以不会上传。

查看代码,这是写的,但仍违背我的逻辑:)

非常感谢您的帮助;)