我有一个php页面来检索上传的(附加的)文件。该文件的输入是文件名及其扩展名(例如jpg)。然后,使用以下功能将扩展程序转换为内容类型:
function ConvertToMimeType($extension) {
$MimeTypes = array('audio/aac', 'application/x-abiword', 'application/octet-stream', 'video/x-msvideo', 'application/vnd.amazon.ebook', 'application/octet-stream', 'application/x-bzip', 'application/x-bzip2', 'application/x-csh', 'text/css', 'text/csv', 'application/msword', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.ms-fontobject', 'application/epub+zip', 'application/ecmascript', 'image/gif', 'text/html', 'image/x-icon', 'text/calendar', 'application/java-archive', 'image/jpeg', 'image/jpg', 'application/javascript', 'application/json', 'audio/midi', 'video/mpeg', 'application/vnd.apple.installer+xml', 'application/vnd.oasis.opendocument.presentation', 'application/vnd.oasis.opendocument.spreadsheet', 'application/vnd.oasis.opendocument.text', 'audio/ogg', 'video/ogg', 'application/ogg', 'font/otf', 'image/png', 'application/pdf', 'application/vnd.ms-powerpoint', 'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'application/x-rar-compressed', 'application/rtf', 'application/x-sh', 'image/svg+xml', 'application/x-shockwave-flash', 'application/x-tar', 'image/tiff', 'application/typescript', 'font/ttf', 'application/vnd.visio', 'audio/wav', 'audio/webm', 'video/webm', 'image/webp', 'font/woff', 'font/woff2', 'application/xhtml+xml', 'application/vnd.ms-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/xml', 'application/vnd.mozilla.xul+xml', 'application/zip', 'video/3gpp', 'audio/3gpp', 'video/3gpp2', 'audio/3gpp2', 'application/x-7z-compressed');
$fmime = 'application/octet-stream';
foreach ($MimeTypes as $mime) {
if (substr($mime, strpos($mime, "/") + 1) == $extension) {
$fmime = $mime;
break;
}
}
return $fmime;
}
然后在下面的代码行中,将文件返回给客户端:
header('Content-disposition: filename="' . $fname . '"');
header('Pragma: no-cache');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header("Content-type: " . ConvertToMimeType($AttachFileType));
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($ffullname));
echo file_get_contents($ffullname);
,但是检索到的文件的内容类型为text / html,并且是纯文本而不是文件。响应头如下:
Status Code: 200 OK
Remote Address: 127.0.0.2:80
Referrer Policy: no-referrer-when-downgrade
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 19924
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Sep 2018 11:23:43 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
输出如下:
我已经测试过打印出$AttachFileType
和ConvertToMimeType($AttachFileType)
,并且输出为'jpg'和'image / jpg',所以问题不在于逻辑。
答案 0 :(得分:0)
通过在$ AttachFileType变量中未分配任何内容的方式,用$ AttachFileType变量填充的确切内容是什么?您是否仅将扩展传递给函数?如果是的话,你错了。如果您要传递文件mimetype,则将$ AttachFileType放出,然后检查您要传递的内容。
如果仅传递扩展名,则必须将扩展名的预定义数组设置为键,并将相关的mime类型作为值,并匹配必须返回的mime类型。但是您不能信任文件扩展名来找到确切的文件MIME类型,这会导致安全问题。
尽管我尚未根据您的要求进行测试,但是您可以尝试以下解决方案,但是我们在项目中使用了类似的解决方法。
function ConvertToMimeType($fileLocation) {
$MimeTypes = array('audio/aac', 'application/x-abiword', 'application/octet-stream', 'video/x-msvideo', 'application/vnd.amazon.ebook', 'application/octet-stream', 'application/x-bzip', 'application/x-bzip2', 'application/x-csh', 'text/css', 'text/csv', 'application/msword', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.ms-fontobject', 'application/epub+zip', 'application/ecmascript', 'image/gif', 'text/html', 'image/x-icon', 'text/calendar', 'application/java-archive', 'image/jpeg', 'image/jpg', 'application/javascript', 'application/json', 'audio/midi', 'video/mpeg', 'application/vnd.apple.installer+xml', 'application/vnd.oasis.opendocument.presentation', 'application/vnd.oasis.opendocument.spreadsheet', 'application/vnd.oasis.opendocument.text', 'audio/ogg', 'video/ogg', 'application/ogg', 'font/otf', 'image/png', 'application/pdf', 'application/vnd.ms-powerpoint', 'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'application/x-rar-compressed', 'application/rtf', 'application/x-sh', 'image/svg+xml', 'application/x-shockwave-flash', 'application/x-tar', 'image/tiff', 'application/typescript', 'font/ttf', 'application/vnd.visio', 'audio/wav', 'audio/webm', 'video/webm', 'image/webp', 'font/woff', 'font/woff2', 'application/xhtml+xml', 'application/vnd.ms-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/xml', 'application/vnd.mozilla.xul+xml', 'application/zip', 'video/3gpp', 'audio/3gpp', 'video/3gpp2', 'audio/3gpp2', 'application/x-7z-compressed');
$fileInfo = new finfo(FILEINFO_MIME);
$fileMimeType = $fileInfo->file($fileLocation);
$fileMime = 'application/octet-stream';
if(in_array($fileMimeType, $MimeTypes))
{
$fileMime = $fileMimeType;
}
return $fileMime;
}
$fname = 'file.xxx';
$fileToDownload = 'path/to/'.$fname;
header('Content-disposition: filename="' . $fname . '"');
header('Pragma: no-cache');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header("Content-type: " . ConvertToMimeType($fileToDownload));
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($fileToDownload));
// if you want to download file use
$fp=fopen($fileToDownload,"r");
fpassthru($fp);
exit();
// or
echo file_get_contents($fileToDownload);