我使用PHP将文件上传到我的网站,然后将它们发送到我的邮箱地址。一切正常,但当有人试图上传包含.js文件(或.bat,.cmd等)的zip档案时,谷歌会阻止它们,因为它认为它们具有潜在的危险性。
我想显示一条错误消息,告诉用户他的zip包含无法上传的文件(不允许使用扩展名)。这是我的问题。如何浏览上传的文件(甚至在子文件夹中!)以发现被禁止的扩展名?
这是我的PHP代码(仅仅是开头):
if($_POST && isset($_FILES['my_file']))
{
if ($_REQUEST['pippo'] != "abracadabra")
die("Errore: password non corretta!");
$sender = preg_replace('/\s+/', '.', $_REQUEST['name']);
$from_email = $sender.'@example.com'; //sender email
$recipient_email = 'giancarloperlo@gmail.com'; //recipient email
$subject = $_FILES['my_file']['name']; //subject of email
$message = 'Caricamento file da '.$_REQUEST['name']; //message body
//get file details we need
$file_tmp_name = $_FILES['my_file']['tmp_name'];
$file_name = $_FILES['my_file']['name'];
$file_size = $_FILES['my_file']['size'];
$file_type = $_FILES['my_file']['type'];
$file_error = $_FILES['my_file']['error'];
//$user_email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);
if($file_error>0)
{
die('upload error');
}
//read from the uploaded file & base64_encode content for the mail
$handle = fopen($file_tmp_name, "r");
$content = fread($handle, $file_size);
fclose($handle);
....
感谢大家的关心和帮助!