0

我有一个位于此处的表格,http://brandybrowauto.com/npo3.html,代码如下。第一部分是 html 表单本身,它只是收集一些信息,然后调用 npo3.php 来收集数据并上传图像并将一些 json 添加到文件中。虽然它仍然很混乱并且需要大量清理,但我只想让功能本身正常工作。我有一些小的验证,但在我的测试过程中,进入一个具有完整 777 权限的文件夹,我继续收到“不允许此扩展程序,请仅上传图像”的错误。这是我在 php 页面中的扩展检查器。当文件绝对是我在批准的数组中的类型之一时,我不知道为什么我一直收到这个。我在表单上有正确的 enctype 并将文件名存储在我在脚本中使用的变量中。每次我尝试上传时,有什么想法会导致这种情况发生吗?

<form action="npo3.php" method="post" enctype="multipart/form-data" name="add_car" onsubmit="checkForm();">
                                <table cellspacing="8" cellpadding="8" style="margin:0 auto;">
                                    <tr>
                                        <td>
                                            <table cellspacing="8" cellpadding="8">
                                                <tr>
                                                    <td>
                                                        <select name="make" id="make">
                                                            <option value="">- Select Make -</option>
                                                            <option value="Acura">Acura</option>
                                                            <option value="Audi">Audi</option>
                                                            <option value="BMW">BMW</option>
                                                            <option value="Buick">Buick</option>
                                                            <option value="Cadillac">Cadillac</option>
                                                            <option value="Chevrolet">Chevrolet</option>
                                                            <option value="Chrysler">Chrysler</option>
                                                            <option value="Daewoo">Daewoo</option>
                                                            <option value="Dodge">Dodge</option>
                                                            <option value="Eagle">Eagle</option>
                                                            <option value="Fiat">Fiat</option>
                                                            <option value="Ford">Ford</option>
                                                            <option value="Geo">Geo</option>
                                                            <option value="GMC">GMC</option>
                                                            <option value="Honda">Honda</option>
                                                            <option value="Hyundai">Hyundai</option>
                                                            <option value="Infiniti">Infiniti</option>
                                                            <option value="Isuzu">Isuzu</option>
                                                            <option value="Jaguar">Jaguar</option>
                                                            <option value="Jeep">Jeep</option>
                                                            <option value="Kia">Kia</option>
                                                            <option value="Land_Rover">Land Rover</option>
                                                            <option value="Lexus">Lexus</option>
                                                            <option value="Lincoln">Lincoln</option>
                                                            <option value="Mazda">Mazda</option>
                                                            <option value="Mercedes">Mercedes</option>
                                                            <option value="Mercury">Mercury</option>
                                                            <option value="Mitsubishi">Mitsubishi</option>
                                                            <option value="Nissan">Nissan</option>
                                                            <option value="Oldsmobile">Oldsmobile</option>
                                                            <option value="Plymouth">Plymouth</option>
                                                            <option value="Pontiac">Pontiac</option>
                                                            <option value="Porsche">Porsche</option>
                                                            <option value="Saab">Saab</option>
                                                            <option value="Saturn">Saturn</option>
                                                            <option value="Scion">Scion</option>
                                                            <option value="Subaru">Subaru</option>
                                                            <option value="Suzuki">Suzuki</option>
                                                            <option value="Toyota">Toyota</option>
                                                            <option value="Volkswagen">Volkswagen</option>
                                                            <option value="Volvo">Volvo</option>
                                                        </select>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="stock" id="stock" value="Stock#" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="name" id="name" value="Name" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="year" id="year" value="Year" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="mileage" id="mileage" value="Mileage" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="price" id="price" value="Price" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input class="gray" type="text" name="desc" id="desc" value="Description" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
                                                    </td>
                                                </tr>
                                            </table>
                                        </td>
                                        <td>
                                            <table cellspacing="8" cellpadding="8">
                                                <tr>
                                                    <td>
                                                        &nbsp;
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 1:&nbsp;<input type="file" name="image1" id="image1" value="Image1"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 2:&nbsp;<input type="file" name="image2" id="image2" value="Image2"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 3:&nbsp;<input type="file" name="image3" id="image3" value="Image3"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 4:&nbsp;<input type="file" name="image4" id="image4" value="Image4"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        Image 5:&nbsp;<input type="file" name="image5" id="image5" value="Image5"/>
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td>
                                                        <input type="submit" name="submit" id="submit" value="Submit"/>
                                                    </td>
                                                </tr>
                                            </table>
                                        </td>
                                    </tr>
                                </table>
                            </form>

这是下面的 npo3.php 页面。它也做了很多其他的事情,但是在扩展检查期间的 for 循环期间,我一直在点击该死消息。

<?php
$stock = $_POST["stock"];
$name = $_POST["name"];
$year = $_POST["year"];
$mileage = $_POST["mileage"];
$price = $_POST["price"];
$desc = $_POST["desc"];
$make2 = $_POST["make"];

$path2 = "images/PartsCars/".$make2."/info.json";
$string2 = file_get_contents($path2);
$data2 = json_decode($string2, true);

if($stock == ""){
    die('You need to enter a Stock # to match the image name. Please go back and fill in the Stock#.');
}
else {
    $data2[$stock] = array("name" => $name, "year" => $year, "mileage" => $mileage, "price" => $price, "description" => $desc);
}

for($i = 1; $i <= 5; $i++) {

    if($_FILES['image1']['name'] != "") {
        $filename = $_FILES['image'.$i]['name'];
        $filetmpname = $_FILES['image'.$i]['tmp_name'];
        $filetype = $_FILES['image'.$i]['type'];
        $filetype = strtolower($filetype);

        //check if files contain php or asp and kill it 
        $pos1 = strpos($filename,'php');
        $pos2 = strpos($filename,'asp');
        if(!($pos1 === false) && !($pos2 === false)) {
            die('You cannot upload that type of file to our system. Images only.');
        }

        //get the file ext
        $file_ext = strrchr($filename, '.');

        //check if extension is allowed or not
        $allowedExt = array(".jpg",".jpeg",".gif",".png",".JPG",".PNG"); 
        if (!(in_array($file_ext, $allowedExt))){
            die('This extension is not allowed, please upload images only.');
        }

        //check upload type
        $pos = strpos($filetype,'image');
        if($pos === false) {
            die('Only images types are allowed to be uploaded.');
        }
        $imageinfo = getimagesize($_FILES['image'.$i]['tmp_name']);
        if($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg' && $imageinfo['mime'] != 'image/jpg' && $imageinfo['mime'] != 'image/png') {
            die('Only images types are allowed to be uploaded.');
        }

        //check double file type (image with comment)
        if(substr_count($filetype, '/')>1){
            die('Only images types are allowed to be uploaded.');
        }

        // upload to upload direcory 
        $uploaddir = 'images/PartsCars/'.$make2.'/' ;
        move_uploaded_file($filetmpname, $uploaddir.$filename);
    }
    else {
        die('Image 1 did not have any file selected. Please go back and select an image.');
    }
}

file_put_contents($path2, json_encode($data2));

$path = "images/PartsCars/".$make2."/";
$temp_files = scandir($path);
$string = file_get_contents("images/PartsCars/".$make2."/info.json");

$data = json_decode($string);
natsort($temp_files);
//$temp_files = array_reverse($temp_files);

echo '<a href="npo3.html"><button>+Add Car</button></a>';
echo '<table style="padding-left:20px;width:930px;">';

foreach($temp_files as $file) 
{
    if($file != "." && $file != ".." && $file != "Thumbs.db" && $file != basename(__FILE__) && $file != "info.json") 
    {
        echo '<tr>';        
        $info = pathinfo($file);
        $file_name =  basename($file,'.'.$info['extension']);
        $findme  = array(" (2)"," (3)"," (4)"," (5)");
        $findme2  = array(" (1)");
        $pos1 = strpos($file_name, $findme[0]);
        $pos2 = strpos($file_name, $findme[1]);
        $pos3 = strpos($file_name, $findme[2]);
        $pos4 = strpos($file_name, $findme[3]);
        $subpictures = str_replace($findme, "", $file_name);
        $subpictures2 = str_replace($findme2, "", $file_name);

        if ($pos1 !== false || $pos2 !== false || $pos3 !== false || $pos4 !== false) {
            echo '<script type="text/javascript">document.getElementById("'.$subpictures.'").innerHTML += "<a href=\"'.$path.$file.'\"><img src=\"'.$path.$file.'\" style=\"width:100px;height:80px;padding:10px;\"/></a>";</script>';
        }
        else {
            echo '<td style="border-bottom:1px #fff solid;width:240px;"><a href="'.$path.$file.'"><img src="'.$path.$file.'" alt="'.$file.'" style="width:200px;height:150px;padding:20px;"/></a></td>';
            echo '<td style="border-bottom:1px #fff solid;width:440px;">';
            echo '<span style="font-size:2em;padding:10px;color:#fff;font-weight:bold;">'.$data->{$file_name}->{'name'}.'</span><br/>';
            echo '<br/><span style="padding-left:10px;">Year: '.$data->{$file_name}->{'year'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Mileage: '.$data->{$file_name}->{'mileage'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Price: '.$data->{$file_name}->{'price'}.'</span>';
            echo '<br/><span style="padding-left:10px;">Description: '.$data->{$file_name}->{'description'}.'</span>';
            echo '<br/><br/><span style="padding-left:10px;">Please <a href="contact.php">contact us</a> for more details.</span></td>';
            echo '<td style="border-bottom:1px #fff solid;width:250px;" id="'.$subpictures2.'"></td></tr>';
        }
    }
}
echo '</table>'; 

?>
4

2 回答 2

2

我认为这

for($i = 1; $i <= 5; $i++) {
    if($_FILES['image1']['name'] != "") {

应该

for($i = 1; $i <= 5; $i++) {
    if($_FILES['image'.$i]['name'] != "") {

还调试你得到的扩展:

echo "Image $i:". $file_ext = strrchr($filename, '.');

如果您希望至少上传一个文件,您可以添加一个标志,如下所示。

$fileUpload = false;
for($i = 1; $i <= 5; $i++) 
{
    if($_FILES['image'.$i]['name'] != "") 
    {
        .....
        .....
        move_uploaded_file($filetmpname, $uploaddir.$filename);
        $fileUpload = true;
    }    
}
if(!$fileUpload) 
{
    die('Please go back and select atleast one image.');
}
于 2012-06-26T04:56:17.453 回答
1

如果您收到扩展名检查错误,那么您没有正确检查扩展名,因为我们不确定扩展名是小写字母还是大写字母,然后将文件名设置为一种格式以使用strtolower()功能,请参阅图片上传和调整大小的帖子:

        $filename = strtolower($filename); // Name of the file uploaded by you
        $extension = strrchr( $filename, '.' );
        $auth_exten = array('.jpg', '.jpeg', '.png', '.gif');

        if( in_array( $extension, $auth_exten ) ){
            return true;
        }
        else{
            return false;
        }
于 2012-06-26T04:50:52.060 回答