PHP FTP_PUT 正在上传到目录
PHP FTP_PUT uploading to directory
我正在从一本名为 "PHP the Complete Reference - PHP5.2" 的书中自学 PHP
我目前在第 11 章 FTP、上传、删除、makedir 等,但有 运行 本书未涵盖的几个问题:
根据我的教科书,这是一个上传到服务器的简单代码:
$connect=ftp_connect("johnsite.com");
$result=ftp_login($connect,"john@johnsite","johnnyWalker");
if(!$result){
echo'Could not connect to Server';
}
$result=ftp_put($connect,'myFile.php',FTP_ASCII);
echo'UPLOADING FILE......';
if($result){
echo'File Uploaded!';
}
我的问题:
- 这个上传到哪个目录,如果我要上传到目录怎么修改代码说
public_html/images/myFile.jpg
在示例中 myFile.php 是硬编码的,如果我希望用户 select 上传文件怎么办?我假设你可以做这样的事情是否正确:
<input type="file" name="myFile" value="upload a file" />
<input type="submit" name="upload" />
if(isset($_POST['upload'])){
$fileName=$_POST['myFile']; //file is now assigned to var name
$result=ftp_put($connect,$fileName,FTP_ASCII); //file linked to var name being uploaded
}
这是最有效的安全方式吗?
感谢阅读
1。
如果你想上传到目录 public_html/images/
$destination_path = "public_html/images/";
$result=ftp_put($connect, $destination_path . 'myFile.php', FTP_ASCII);
2.
<form method="POST" action="" enctype="multipart/form-data">
<input type="file" name="myFile">
<input type="submit" name="submit" value="Submit">
</form>
<?php
if ($_POST['submit']) {
$result=ftp_put($connect, $_FILES['myFile']['name'], FTP_ASCII);
}
?>
- 这不安全而且非常危险。您必须检查上传文件的扩展名。
正如@Bonner 所说,Fabien 的回答不正确,因为您正在寻找一个脚本来将文件从您网站上的页面上传到服务器。
首先要记住的是 ftp_put() function will always overwrite the existing files. Instead I suggest you to have a look at the PHP move_uploaded_file
代码
这是表格。在 action 属性中我们指定了一个文件,它将处理和处理所有文件。您需要为表单的加密类型 属性.
使用 multipart/form-data 值
为了更好地理解,我几乎在所有地方都添加了注释。
<form action="upload.php" method="post" enctype="multipart/form-data">
File: <input type="file" name="upload-file" size="30" />
<input type="submit" name="submit" value="Upload file" />
</form>
upload.php
<?php
// Used to determinated if the upload file is really a valid file
$isValid = true;
// The maximum allowed file upload size
$maxFileSize = 1024000;
//Allowed file extensions
$extensions = array('gif', 'jpg', 'jpeg', 'png');
// See if the Upload file button was pressed.
if(isset($_POST['submit'])) {
// See if there is a file waiting to be uploaded
if(!empty($_FILES['upload-file']['name'])) {
// Check for errors
if(!$_FILES['upload-file']['error']) {
// Renamed the file
$renamedFile = strtolower($_FILES['upload-file']['tmp_name']);
// Get the file extension
$fileInfo = pathinfo($_FILES['upload-file']['name']);
// Now vaidate it
if (!in_array($fileInfo['extension'], $extensions)) {
$isValid = false;
echo "This file extension is not allowed";
}
// Validate that the file is not bigger than 1MB
if($_FILES['upload-file']['size'] > $maxFileSize) {
$isValid = false;
echo "Your file's size is to large. The file should not be bigger than 1MB";
}
// If the file has passed all tests
if($isValid)
{
// Move it to where we want it to be
move_uploaded_file($_FILES['upload-file']['tmp_name'], 'uploads/'.$renamedFile);
echo 'File was successfully uploaded!';
}
}
// If there is an error show it
else {
echo 'There was an error file trying to upload the file: '.$_FILES['upload-file']['error'];
}
}
}
我正在从一本名为 "PHP the Complete Reference - PHP5.2" 的书中自学 PHP 我目前在第 11 章 FTP、上传、删除、makedir 等,但有 运行 本书未涵盖的几个问题:
根据我的教科书,这是一个上传到服务器的简单代码:
$connect=ftp_connect("johnsite.com");
$result=ftp_login($connect,"john@johnsite","johnnyWalker");
if(!$result){
echo'Could not connect to Server';
}
$result=ftp_put($connect,'myFile.php',FTP_ASCII);
echo'UPLOADING FILE......';
if($result){
echo'File Uploaded!';
}
我的问题:
- 这个上传到哪个目录,如果我要上传到目录怎么修改代码说
public_html/images/myFile.jpg 在示例中 myFile.php 是硬编码的,如果我希望用户 select 上传文件怎么办?我假设你可以做这样的事情是否正确:
<input type="file" name="myFile" value="upload a file" /> <input type="submit" name="upload" /> if(isset($_POST['upload'])){ $fileName=$_POST['myFile']; //file is now assigned to var name $result=ftp_put($connect,$fileName,FTP_ASCII); //file linked to var name being uploaded }这是最有效的安全方式吗?
感谢阅读
1。 如果你想上传到目录 public_html/images/
$destination_path = "public_html/images/";
$result=ftp_put($connect, $destination_path . 'myFile.php', FTP_ASCII);
2.
<form method="POST" action="" enctype="multipart/form-data">
<input type="file" name="myFile">
<input type="submit" name="submit" value="Submit">
</form>
<?php
if ($_POST['submit']) {
$result=ftp_put($connect, $_FILES['myFile']['name'], FTP_ASCII);
}
?>
- 这不安全而且非常危险。您必须检查上传文件的扩展名。
正如@Bonner 所说,Fabien 的回答不正确,因为您正在寻找一个脚本来将文件从您网站上的页面上传到服务器。
首先要记住的是 ftp_put() function will always overwrite the existing files. Instead I suggest you to have a look at the PHP move_uploaded_file
代码
这是表格。在 action 属性中我们指定了一个文件,它将处理和处理所有文件。您需要为表单的加密类型 属性.
使用 multipart/form-data 值为了更好地理解,我几乎在所有地方都添加了注释。
<form action="upload.php" method="post" enctype="multipart/form-data">
File: <input type="file" name="upload-file" size="30" />
<input type="submit" name="submit" value="Upload file" />
</form>
upload.php
<?php
// Used to determinated if the upload file is really a valid file
$isValid = true;
// The maximum allowed file upload size
$maxFileSize = 1024000;
//Allowed file extensions
$extensions = array('gif', 'jpg', 'jpeg', 'png');
// See if the Upload file button was pressed.
if(isset($_POST['submit'])) {
// See if there is a file waiting to be uploaded
if(!empty($_FILES['upload-file']['name'])) {
// Check for errors
if(!$_FILES['upload-file']['error']) {
// Renamed the file
$renamedFile = strtolower($_FILES['upload-file']['tmp_name']);
// Get the file extension
$fileInfo = pathinfo($_FILES['upload-file']['name']);
// Now vaidate it
if (!in_array($fileInfo['extension'], $extensions)) {
$isValid = false;
echo "This file extension is not allowed";
}
// Validate that the file is not bigger than 1MB
if($_FILES['upload-file']['size'] > $maxFileSize) {
$isValid = false;
echo "Your file's size is to large. The file should not be bigger than 1MB";
}
// If the file has passed all tests
if($isValid)
{
// Move it to where we want it to be
move_uploaded_file($_FILES['upload-file']['tmp_name'], 'uploads/'.$renamedFile);
echo 'File was successfully uploaded!';
}
}
// If there is an error show it
else {
echo 'There was an error file trying to upload the file: '.$_FILES['upload-file']['error'];
}
}
}