PHP FTP_PUT上传到目录

时间:2015-06-25 08:38:31

标签: php ajax file-upload

我自己从一本名为“PHP the Complete Reference - PHP5.2”的书中学习PHP 我目前在第11章FTP,上传,删除,makedir等,但遇到了本书未涉及的一些问题:

根据我的教科书,这是一个上传到服务器的简单代码:

$connect=ftp_connect("johnsite.com");
$result=ftp_login($connect,"john@johnsite","johnnyWalker");
if(!$result){
echo'Could not connect to Server';  
}
$result=ftp_put($connect,'myFile.php',FTP_ASCII);
echo'UPLOADING FILE......';
if($result){
    echo'File Uploaded!';
}

我的问题:

  1. 上传到哪个目录,如果我想上传到目录,我将如何修改代码public_html/images/myFile.jpg

  2. 在示例中myFile.php是硬编码的,如果我希望用户选择要上传的文件怎么办?假设你可以这样做,我是否正确:

    <input type="file" name="myFile" value="upload a file" />
<input type="submit" name="upload" />

if(isset($_POST['upload'])){
    $fileName=$_POST['myFile']; //file is now assigned to var name
    $result=ftp_put($connect,$fileName,FTP_ASCII); //file linked to var name being uploaded
}

  3. 这是最有效的安全方式吗?

    4. 感谢您阅读

2 个答案:

答案 0 :(得分:3)

1。 如果要上传到目录public_html / images / 

$destination_path = "public_html/images/"; 
$result=ftp_put($connect, $destination_path . 'myFile.php', FTP_ASCII);

2 

<form method="POST" action="" enctype="multipart/form-data">
    <input type="file" name="myFile">
    <input type="submit" name="submit" value="Submit">
</form>
<?php
if ($_POST['submit']) {
    $result=ftp_put($connect, $_FILES['myFile']['name'], FTP_ASCII);
}
?>
  1. 这不安全且非常危险。您必须检查上传文件的扩展名。

答案 1 :(得分:3)

正如@Bonner所说,Fabien的回答是不正确的,因为您正在寻找一个脚本来将文件从您网站上的页面上传到服务器。

首先要记住的是ftp_put()函数将始终覆盖现有文件。相反,我建议你看一下PHP move_uploaded_file

<强>代码

这是表格。在action属性中,我们指定了一个文件,它将处理和处理所有文件。您需要将multipart / form-data值用于表单的enctype属性。

为了更好地理解,我几乎在所有地方都添加了评论。

<form action="upload.php" method="post" enctype="multipart/form-data">
    File: <input type="file" name="upload-file" size="30" />
    <input type="submit" name="submit" value="Upload file" />
</form>

<强> upload.php的 

<?php
    // Used to determinated if the upload file is really a valid file
    $isValid = true;
    // The maximum allowed file upload size
    $maxFileSize = 1024000;
    //Allowed file extensions
    $extensions = array('gif', 'jpg', 'jpeg', 'png');

    // See if the Upload file button was pressed.
    if(isset($_POST['submit'])) {
        // See if there is a file waiting to be uploaded
        if(!empty($_FILES['upload-file']['name'])) {

            // Check for errors
            if(!$_FILES['upload-file']['error']) {
                // Renamed the file
                $renamedFile = strtolower($_FILES['upload-file']['tmp_name']);

                // Get the file extension
                $fileInfo = pathinfo($_FILES['upload-file']['name']);

                // Now vaidate it
                if (!in_array($fileInfo['extension'], $extensions)) {
                    $isValid = false;
                    echo "This file extension is not allowed";
                }

                // Validate that the file is not bigger than 1MB
                if($_FILES['upload-file']['size'] > $maxFileSize) {
                    $isValid = false;
                    echo "Your file's size is to large. The file should not be bigger than 1MB";
                }

                // If the file has passed all tests
                if($isValid)
                {
                    // Move it to where we want it to be
                    move_uploaded_file($_FILES['upload-file']['tmp_name'], 'uploads/'.$renamedFile);
                    echo 'File was successfully uploaded!';
                }
            }
            // If there is an error show it
            else {
                echo 'There was an error file trying to upload the file:  '.$_FILES['upload-file']['error'];
            }
        }
    }
相关问题
最新问题