帮我重新格式化我的PHP验证码

时间:2010-08-23 17:07:55

标签: php

我在PHP中设计了一个文件上传表单,它需要3张图片并将其作为varchar数据类型存储在数据库中并将其移动到目标目录。

在上传或将值插入数据库之前我想确保

a)文件类型为image / jpeg

b)三个图像应该有不同的固定尺寸值(我从getimagesize()获取尺寸值;并验证它)

c)并检查目录中是否存在文件名的副本(我通过file_exists()检查)

如果任何一个条件返回false,则脚本应该死()

我为它定义了代码,但我的代码的问题是,如果最后一个条件返回false,那么上面的条件将执行代码并执行一些操作,如move_uploaded_file,我不想发生,请看看代码

请检查最后4个条件,如果我想重新格式化。

$w_title = 685;
    $h_title = 50;
    $w_brief = 685;
    $h_brief = 177;
    $w_detail = 685;

        if(empty($_POST['ns_title']) || empty($_FILES["ns_pic_title"]["name"]) || empty($_FILES["ns_pic_brief"]["name"]) || empty($_FILES["ns_pic_detail"]["name"])) {
           echo "<script type=\"text/javascript\">" . "alert(\"Please Fill All the Required Fields\");" . "</script>"; 
           echo "<meta http-equiv=\"refresh\" content=\"0;post-news.php\"/>";
           die();
        }
        else {
            $ns_title = htmlspecialchars(strip_tags(mysql_real_escape_string($_POST['ns_title'])));
            if($_FILES["ns_pic_title"]["type"] == "image/jpeg" && $_FILES["ns_pic_brief"]["type"] == "image/jpeg" && $_FILES["ns_pic_detail"]["type"] == "image/jpeg") {

                $ns_pic_title_loc= $_FILES["ns_pic_title"]["tmp_name"];
                $ns_pic_title_name = $_FILES["ns_pic_title"]["name"];
                list($width_title, $height_title) = getimagesize($ns_pic_title_loc);

                $ns_pic_brief_loc = $_FILES["ns_pic_brief"]["tmp_name"];
                $ns_pic_brief_name = $_FILES["ns_pic_brief"]["name"];
                list($width_brief, $height_brief) = getimagesize($ns_pic_brief_loc);

                $ns_pic_detail_loc = $_FILES["ns_pic_detail"]["tmp_name"];
                $ns_pic_detail_name = $_FILES["ns_pic_detail"]["name"];
                list($width_detail, $height_detail) = getimagesize($ns_pic_detail_loc);

                if(file_exists($ns_target.$ns_pic_title_name)) {
                    echo "<script type=\"text/javascript\">" . "alert(\"File Already Exists, Please Choose a Different Name for the File\");" . "</script>";
                    echo "<meta http-equiv=\"refresh\" content=\"0;post-news.php\"/>";
                    die();
                }

                if(!$width_title == $w_title && !$height_title == $h_title) {
                    echo "<script type=\"text/javascript\">" . "alert(\"Incorrect File Dimension for Title News, please make sure it is (685 X 50)\");" . "</script>";
                    echo "<meta http-equiv=\"refresh\" content=\"0;post-news.php\"/>";
                    die();
                }
                else {
                    move_uploaded_file($ns_pic_title_loc, $ns_target.$ns_pic_title_name);
                }

                if(!$width_brief == $w_brief && !$height_brief == $h_brief) {
                    echo "<script type=\"text/javascript\">" . "alert(\"Incorrect File Dimension for Brief News, please make sure it is (685 X 177)\");" . "</script>";
                    echo "<meta http-equiv=\"refresh\" content=\"0;post-news.php\"/>";
                    die();
                }
                else {
                    move_uploaded_file($ns_pic_brief_loc, $ns_target.$ns_pic_brief_name);
                }
                if(!$width_detail == $w_detail) {
                    echo "<script type=\"text/javascript\">" . "alert(\"Incorrect File Dimension for Detail News, please make sure it is (685 in width)\");" . "</script>";
                    echo "<meta http-equiv=\"refresh\" content=\"0;post-news.php\"/>";
                    die();
                }
                else {
                    move_uploaded_file($ns_pic_brief_loc, $ns_target.$ns_pic_brief_name);
                }

如何重新格式化代码以便

a)应检查所有三个条件

b)如果其中任何一个返回false,那么它应该立即停止执行

谢谢

2 个答案:

答案 0 :(得分:2)

我建议将逻辑移到函数中以减少重复。

注意:我无法测试任何此类内容,因此不会尝试,但它应该让您开始。

function fail($error)
{
  echo '<script type="text/javascript">alert("' . $error . '");</script>';
  echo '<meta http-equiv="refresh" content="0;post-news.php"/>';
}

function valid_image($image, $width, $height = 0)
{
  if ($image['type'] != 'image/jpeg')
  {
    fail('File must be of type image/jpeg');
    return false;
  }

  if(file_exists($ns_target . $image['name']))
  {
    fail('File Already Exists, Please Choose a Different Name for the File');
    return false;
  }

  list($image_width, $image_height) = getimagesize($image['tmp_name']);
  if ($image_width != $width || ($image_height && $image_height != $height))
  {
    fail('Incorrect File Dimension for ' . $image['name'] .
      ', please make sure it is (' . $width .
      ($height ? ' X ' . $height  : ' in width'). ')');
    return false;
  }
  return true;
}

if(empty($_POST['ns_title']) ||
  empty($_FILES["ns_pic_title"]["name"]) ||
  empty($_FILES["ns_pic_brief"]["name"]) ||
  empty($_FILES["ns_pic_detail"]["name"]))
{
  fail('Please Fill All the Required Fields');
  die();
}

if (valid_image($_FILES['ns_pic_title'], 685, 50) &&
  valid_image($_FILES['ns_pic_brief'], 685, 177) &&
  valid_image($_FILES['ns_pic_detail'], 685))
{
  move_uploaded_file($_FILES['ns_pic_title']['tmp_name'],
    $ns_target . $_FILES['ns_pic_title']['name']);

  move_uploaded_file($_FILES['ns_pic_brief']['tmp_name'],
    $ns_target . $_FILES['ns_pic_brief']['name']);

  move_uploaded_file($_FILES['ns_pic_detail']['tmp_name'],
    $ns_target . $_FILES['ns_pic_detail']['name']);
}

答案 1 :(得分:1)

我可以提供一些提示:

无需if ... else
您可以通过减少嵌套来简化代码。

错误 

if(cond) {
  do this;
  die();
} else {
  do other things
}

将上述内容更改为:

if(cond) {
  do this;
  die();
}
do other things

如果在上面的代码中,您要做的只是输出一些文本,您可以进一步简化它

if(cond) die('text to output');
do other things

检查异常,而不是一致性
而不是

if($_FILES["ns_pic_title"]["type"] == "image/jpeg" && ...) {
  do stuff
  ...

使用

if($_FILES["ns_pic_title"]["type"] !== "image/jpeg" || ...) exit;
do stuff
...

使用评论
即使代码是供个人消费,也尽可能多地使用评论,实际上没有多少评论太多。

相关问题
最新问题