Question

我有一个带有图片上传和一些个人数据的multipart / form-data，所以我想在表单验证中包含文件上传，我可以成功地做到这一点。

但是，我现在发现有一个问题，即使我的其他表单字段有错误并上传文件字段没有错误，然后图片上传到文件夹，如何防止这种情况，我的意思是，在我的情况下，如果名称，电子邮件，文件字段验证是正常的，那么只有文件应该上传，如果名称归档验证失败，文件字段验证确定，则文件不应上传

这是我使用的代码：

在控制器中：

 <?php
    public $_rules = array(
            'name'=>array('field'=>'name', 'label'=>'Name', 'rules'=>'trim|required'),
            'email'=>array('field'=>'email', 'label'=>'Email', 'rules'=>'trim|required|valid_email'),       
            'profile_img'=>array('field'=>'profile_img', 'label'=>'Design', 'rules'=>'callback__profile_upload')
            );

public function profile()
    {       
        $this->load->library('upload');
        $rules = $this->_rules; 
        $this->form_validation->set_rules($rules);

        if($this->form_validation->run()==TRUE){
            die('success');
        }else {         
            $this->data['content'] =  'frontend/pages/place_order';
            $this->load->view('frontend/_layout_main', $this->data);
        }

    }

function _profile_upload(){
  if($_FILES['profile_img']['size'] != 0 && !empty($_FILES['profile_img']) ){
    $upload_dir = './profile_pics/';
    if (!is_dir($upload_dir)) {
         mkdir($upload_dir);
    }   
    $config['upload_path']   = $upload_dir;
    $config['allowed_types'] = 'gif|jpg|png|jpeg';
    $config['file_name']     = 'profile_img_'.substr(md5(rand()),0,7);
    $config['overwrite']     = false;
    $config['max_size']  = '5120';

     $this->upload->initialize($config);
        if (!$this->upload->do_upload('profile_img')){
            $this->form_validation->set_message('_profile_upload', $this->upload->display_errors());
            return false;
        }   
        else{
            $this->upload_data['file'] =  $this->upload->data();
            return true;
        }   
    }   
    else{
        $this->form_validation->set_message('_profile_upload', "No file selected");
        return false;
    }
}

观看：

<?php echo form_open_multipart();?>
 <?php $name_err = (!empty(form_error('name'))) ? 'err' : ' ';  
     echo form_input('name',set_value('name'), array('placeholder'=>'Name','class'=>" {$name_err } "));
     ?>

 <?php $email_err = (!empty(form_error('email'))) ? 'err' : ' ';  
    echo form_input('email',set_value('email'), array('placeholder'=>'EMail','class'=>" {$email_err } "));
     ?> 
<?php    
echo form_error('profile_img');
echo form_upload(array('name' =>'profile_img', 'class' => 'inputfile inputfile-4', 'id' => 'profile_img'));
?>
     <li><input type="submit" class="special" value="Submit" /></li>

Answer 1

尝试这样的一次。我认为图像不需要像其他字段那样设置规则。

public $_rules = array(
        'name'=>array('field'=>'name', 'label'=>'Name', 'rules'=>'trim|required'),
        'email'=>array('field'=>'email', 'label'=>'Email', 'rules'=>'trim|required|valid_email'),       
        );

和

public function profile()
    {       
        $this->load->library('upload');
        $rules = $this->_rules; 
        $this->form_validation->set_rules($rules);

        if($this->form_validation->run()==TRUE){
            die('success');
        }else {    
            if ($this->_profile_upload()) {   //return true if file uploaded successfully otherwise error
                 $this->data['content'] =  'frontend/pages/place_order';
                 $this->load->view('frontend/_layout_main', $this->data);
                }     

        }

    }

Answer 2

是的，非常明显的是，您的文件甚至可以上传任何其他字段＆＃39;验证失败。您必须在表单验证成功后才启动图像上载。为此，只需验证该回调中的文件特定要求，并在成功验证表单后进行实际上传。

Answer 3

我有一个来自codexWorld的解决方案，我在那里问了同样的问题，他们回复了一个教程，如果还有人在这里寻找解决方案就是链接

http://www.codexworld.com/codeigniter-file-upload-validation/

在验证回调中，我们只想进行文件类型检查

public function _profile_upload($str){
        $allowed_mime_type_arr = array('image/jpeg','image/pjpeg','image/png','image/x-png');
        $mime = get_mime_by_extension($_FILES['file']['name']);
        if(isset($_FILES['file']['name']) && $_FILES['file']['name']!=""){
            if(in_array($mime, $allowed_mime_type_arr)){
                return true;
            }else{
                $this->form_validation->set_message('_profile_upload', 'Please select only pdf/gif/jpg/png file.');
                return false;
            }
        }else{
            $this->form_validation->set_message('_profile_upload', 'Please choose a file to upload.');
            return false;
        }
    }

并且在main函数中我们只想做正常的事情，使用do_upload并指定上传配置项，无论如何在函数执行时会有第二个文件类型检查，我认为没关系。代码看起来像这样::

public function profile()
    {       
        $rules = $this->_rules; 
        $this->form_validation->set_rules($rules);

        if($this->form_validation->run()==TRUE){
             $config['upload_path']   = 'uploads/files/';
            $config['allowed_types'] = 'gif|jpg|png';
            $config['max_size']      = 1024;
            $this->load->library('upload', $config);
            //upload file to directory
            if($this->upload->do_upload('file')){
                $uploadData = $this->upload->data();
                $uploadedFile = $uploadData['file_name'];

                /*
                 *insert file information into the database
                 *.......
                 */

             }else{
                $data['error_msg'] = $this->upload->display_errors();
            }
        }else {         
            $this->data['content'] =  'frontend/pages/place_order';
            $this->load->view('frontend/_layout_main', $this->data);
        }

    }

是否有更好的多部分/表单数据验证方法

3 个答案: