Question

我正在处理多个图片上传我遇到了第一张图片正确上传的问题，第二张图片显示了文件上传错误攻击你能帮我找出问题吗

控制器

public function mimageAction()
    {
         $form = new MultipleImageForm();
         $form->get('submit')->setValue('Submit');
         $request = $this->getRequest();
         if($request->isPost())
         {
            $nonFile = $request->getPost()->toArray();
            $File    = $this->params()->fromFiles('file');
            $data = array_merge_recursive($request->getPost()->toArray(), $request->getFiles()->toArray());
            //print_r($data); die;
            $form->setData($data);
            if ($form->isValid()) 
            {
                $count = count($data['varad']);
//                $dataNew=array(               
//                                'test'=>trim($data['test']),
//                                'file'=>trim($data['file']['name']),
//                                'image'=>trim($data['image']['name'])
//                            );
                $request = new Request();
                $files   = $request->getFiles();        
                for($i=0;$i<$count;$i++)
                {
                    $adapter = new \Zend\File\Transfer\Adapter\Http();
                    $adapter->setDestination('public/img/upload/'); // Returns all known internal file information
                    //$adapter->addFilter('File\Rename', array('target' =>"public/img/upload" . DIRECTORY_SEPARATOR .$data['varad'][$i]['name'] , 'overwrite' => true));
                    $filter = new \Zend\Filter\File\RenameUpload("public/img/upload/");
                    $filter->filter($files['varad'][$i]['name']);  
                    $filter->setUseUploadName(true);
                    $filter->filter($files['varad'][$i]['name']);
                    if(!$adapter->receive()) 
                    { 
                        $messages = $adapter->getMessages(); 
                        print_r($messages);
                    } 
                    else             
                    {
                        echo "Image Uploaded";
                    }
                }
//                $adapter = new \Zend\File\Transfer\Adapter\Http();
//                $adapter->setDestination('public/img/upload/'); // Returns all known internal file information
//                $adapter->addFilter('File\Rename', array('target' =>"public/img/upload" . DIRECTORY_SEPARATOR .$image2, 'overwrite' => true));
//                
//                if(!$adapter->receive()) 
//                { 
//                    $messages = $adapter->getMessages(); 
//                    print_r($messages);
//                } 
//                else             
//                {
//                    echo "Image Uploaded";
//                }
            }
         }
         return array('form' => $form);
    }

表格

public function __construct($name = null)
{
    parent::__construct('stall');
    $this->setAttribute("method","post");
    $this->setAttribute("enctype","multipart/form-data");

    $this->add(array(
        'name' => 'varad',
        'attributes' => array(
            'type'  => 'file',
            'multiple'=>'multiple',
        ),
        'options' => array(
            'label' => 'First Image',
        ),
         'validators' => array(
        'Size'  => array('max' => 10*1024*1024),

        )
    )); 

    $this->add(array(
        'name' => 'test',
        'attributes' => array(
            'type'  => 'text',
        ),
        'options' => array(
            'label' => 'Text Box',
        ),
    )); 

    $this->add(array(
        'name' => 'varad',
        'attributes' => array(
            'type'  => 'file',
            'multiple'=>'multiple',
        ),
        'options' => array(
            'label' => 'Second Image',
        ),
    )); 
      $this->add(array(
       'name' => 'submit',
        'type' => 'submit',
    )); 
}

在这里，我也尝试了为图像获取不同的名称以及图像的不同程序

fileUploadErrorAttack文件被非法上传。这可能是一种可能的攻击

0 个答案: