实际上,我已经开发了一个CMS来通过...发布到我的网站。
对于后期图像,我想设置500KB的限制,只允许GIF,JPEG,JPG和PNG格式。此代码执行成功,也出现警报。但是当上传的图像包含允许的格式和大小时,它会再次显示警告消息..我使用exit();
功能是正确的吗?
HTML是:
<div class="form-container">
<form method="post" action="publish_post.php" enctype="multipart/form-data">
<input class="inputs" type="text" name="p_title" placeholder="What's the post title"/>
<input class="inputs" type="text" name="p_author" placeholder="Who's the post author"/>
<select class="input" name="p_category" size="1" />
<option value="null">Select post category</option>
<option value="softwares">Softwares</option>
<option value="tips & tricks">Tips & tricks</option>
<option value="wallpapers">Wallpapers</option>
<option value="walpapers_more">Walpapers_more</option>
</select>
<textarea name="p_content" placeholder="What's the post content"></textarea>
<textarea name="p_misc" placeholder="Enter an html code"></textarea>
<textarea name="p_video" placeholder="Enter an embed code"></textarea>
</br>
<div class="upload">
<input type="file" name="p_image" title="Pick an image for post"/>
</div></br>
<span style="margin-left: 5px; color: gray; font-family: sans-serif; font-size: .8em; ">max. size 5MB
</span></br></br>
<input type="submit" name="pub" value="Publish"/>
<input type="button" name="cancel" value="Cancel" onclick="window.open('dashboard','_self');"/>
</form>
</div>
PHP是:
<?php
if(isset($_POST['pub'])){
$category = mysqli_real_escape_string($con,$_POST['p_category']);
$author = mysqli_real_escape_string($con,$_POST['p_author']);
$title = mysqli_real_escape_string($con,$_POST['p_title']);
$content = mysqli_real_escape_string($con,$_POST['p_content']);
$image_name = $_FILES['p_image']['name'];
$image_type = $_FILES['p_image']['type'];
$image_size = $_FILES['p_image']['size'];
$image_tmp = $_FILES['p_image']['tmp_name'];
$date = date("M,d,Y");
$misc = $_POST['p_misc'];
$video = $_POST['p_video'];
if($image_type != "jpg" && $image_type != "png" && $image_type != "gif" && $image_type != "jpeg" && $image_size>500000)
{
echo "<script>alert('Image size is larger or invlaid format');</script>";
exit();
}
$query = "INSERT INTO `me`(`post_category`, `post_author`, `post_title`, `post_content`, `post_image`, `post_date`, `post_misc`, `post_video`) VALUES ('$category','$author','$title','$content','$image_name','$date','$misc','$video')";
if(mysqli_query($con,$query))
{
move_uploaded_file($image_tmp,"images/$image_name");
header("location:dashboard?done2=done2.png");
}
}
?>
答案 0 :(得分:0)
在if条件下尝试此操作:
unset($_POST);
exit("<script>alert('Image size is larger or invlaid format');</script>");
并确保您的插入查询看起来像这样
$query = "INSERT INTO `me`(`post_category`, `post_author`, `post_title`, `post_content`, `post_image`, `post_date`, `post_misc`, `post_video`) VALUES ('".$category."','".$author."','".$title."','".$content."','".$image_name."','".$date."','".$misc."','".$video."')";
答案 1 :(得分:0)
if(($image_type != "image/jpeg" && $image_type != "image/png" && $image_type != "image/gif") || $image_size > 500000)
{
echo "<script>alert('Image size is larger or invalid format');</script>";
}
else
{
echo "<script>alert('valid format');</script>";
}
答案 2 :(得分:0)
条件不起作用。尝试此代码。如果您有更多条件,请尝试这种方式。
if(($image_type != "jpg") && ($image_type != "png") && ($image_type != "gif") && ($image_type != "jpeg") && ($image_size>500000))
{
echo "<script>alert('Image size is larger or invlaid format');</script>";
exit();
}
答案 3 :(得分:0)
//用于图像类型
$expensions= array("jpeg","jpg","png","gif");
if(in_array($image_type,$expensions)=== false){
echo "<script>alert('Image size is larger or invlaid format');</script>";
exit();
}
//用于图像尺寸
if($image_size > 500000){
echo "<script>alert('Image size is larger or invlaid format');</script>";
exit();
}
我希望它会有所帮助