我有一个位于此处的表格,http://brandybrowauto.com/npo3.html,代码如下。第一部分是 html 表单本身,它只是收集一些信息,然后调用 npo3.php 来收集数据并上传图像并将一些 json 添加到文件中。虽然它仍然很混乱并且需要大量清理,但我只想让功能本身正常工作。我有一些小的验证,但在我的测试过程中,进入一个具有完整 777 权限的文件夹,我继续收到“不允许此扩展程序,请仅上传图像”的错误。这是我在 php 页面中的扩展检查器。当文件绝对是我在批准的数组中的类型之一时,我不知道为什么我一直收到这个。我在表单上有正确的 enctype 并将文件名存储在我在脚本中使用的变量中。每次我尝试上传时,有什么想法会导致这种情况发生吗?
<form action="npo3.php" method="post" enctype="multipart/form-data" name="add_car" onsubmit="checkForm();">
<table cellspacing="8" cellpadding="8" style="margin:0 auto;">
<tr>
<td>
<table cellspacing="8" cellpadding="8">
<tr>
<td>
<select name="make" id="make">
<option value="">- Select Make -</option>
<option value="Acura">Acura</option>
<option value="Audi">Audi</option>
<option value="BMW">BMW</option>
<option value="Buick">Buick</option>
<option value="Cadillac">Cadillac</option>
<option value="Chevrolet">Chevrolet</option>
<option value="Chrysler">Chrysler</option>
<option value="Daewoo">Daewoo</option>
<option value="Dodge">Dodge</option>
<option value="Eagle">Eagle</option>
<option value="Fiat">Fiat</option>
<option value="Ford">Ford</option>
<option value="Geo">Geo</option>
<option value="GMC">GMC</option>
<option value="Honda">Honda</option>
<option value="Hyundai">Hyundai</option>
<option value="Infiniti">Infiniti</option>
<option value="Isuzu">Isuzu</option>
<option value="Jaguar">Jaguar</option>
<option value="Jeep">Jeep</option>
<option value="Kia">Kia</option>
<option value="Land_Rover">Land Rover</option>
<option value="Lexus">Lexus</option>
<option value="Lincoln">Lincoln</option>
<option value="Mazda">Mazda</option>
<option value="Mercedes">Mercedes</option>
<option value="Mercury">Mercury</option>
<option value="Mitsubishi">Mitsubishi</option>
<option value="Nissan">Nissan</option>
<option value="Oldsmobile">Oldsmobile</option>
<option value="Plymouth">Plymouth</option>
<option value="Pontiac">Pontiac</option>
<option value="Porsche">Porsche</option>
<option value="Saab">Saab</option>
<option value="Saturn">Saturn</option>
<option value="Scion">Scion</option>
<option value="Subaru">Subaru</option>
<option value="Suzuki">Suzuki</option>
<option value="Toyota">Toyota</option>
<option value="Volkswagen">Volkswagen</option>
<option value="Volvo">Volvo</option>
</select>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="stock" id="stock" value="Stock#" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="name" id="name" value="Name" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="year" id="year" value="Year" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="mileage" id="mileage" value="Mileage" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="price" id="price" value="Price" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
<tr>
<td>
<input class="gray" type="text" name="desc" id="desc" value="Description" onfocus="inputFocus(this);" onblur="inputBlur(this);"/>
</td>
</tr>
</table>
</td>
<td>
<table cellspacing="8" cellpadding="8">
<tr>
<td>
</td>
</tr>
<tr>
<td>
Image 1: <input type="file" name="image1" id="image1" value="Image1"/>
</td>
</tr>
<tr>
<td>
Image 2: <input type="file" name="image2" id="image2" value="Image2"/>
</td>
</tr>
<tr>
<td>
Image 3: <input type="file" name="image3" id="image3" value="Image3"/>
</td>
</tr>
<tr>
<td>
Image 4: <input type="file" name="image4" id="image4" value="Image4"/>
</td>
</tr>
<tr>
<td>
Image 5: <input type="file" name="image5" id="image5" value="Image5"/>
</td>
</tr>
<tr>
<td>
<input type="submit" name="submit" id="submit" value="Submit"/>
</td>
</tr>
</table>
</td>
</tr>
</table>
</form>
这是下面的 npo3.php 页面。它也做了很多其他的事情,但是在扩展检查期间的 for 循环期间,我一直在点击该死消息。
<?php
$stock = $_POST["stock"];
$name = $_POST["name"];
$year = $_POST["year"];
$mileage = $_POST["mileage"];
$price = $_POST["price"];
$desc = $_POST["desc"];
$make2 = $_POST["make"];
$path2 = "images/PartsCars/".$make2."/info.json";
$string2 = file_get_contents($path2);
$data2 = json_decode($string2, true);
if($stock == ""){
die('You need to enter a Stock # to match the image name. Please go back and fill in the Stock#.');
}
else {
$data2[$stock] = array("name" => $name, "year" => $year, "mileage" => $mileage, "price" => $price, "description" => $desc);
}
for($i = 1; $i <= 5; $i++) {
if($_FILES['image1']['name'] != "") {
$filename = $_FILES['image'.$i]['name'];
$filetmpname = $_FILES['image'.$i]['tmp_name'];
$filetype = $_FILES['image'.$i]['type'];
$filetype = strtolower($filetype);
//check if files contain php or asp and kill it
$pos1 = strpos($filename,'php');
$pos2 = strpos($filename,'asp');
if(!($pos1 === false) && !($pos2 === false)) {
die('You cannot upload that type of file to our system. Images only.');
}
//get the file ext
$file_ext = strrchr($filename, '.');
//check if extension is allowed or not
$allowedExt = array(".jpg",".jpeg",".gif",".png",".JPG",".PNG");
if (!(in_array($file_ext, $allowedExt))){
die('This extension is not allowed, please upload images only.');
}
//check upload type
$pos = strpos($filetype,'image');
if($pos === false) {
die('Only images types are allowed to be uploaded.');
}
$imageinfo = getimagesize($_FILES['image'.$i]['tmp_name']);
if($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg' && $imageinfo['mime'] != 'image/jpg' && $imageinfo['mime'] != 'image/png') {
die('Only images types are allowed to be uploaded.');
}
//check double file type (image with comment)
if(substr_count($filetype, '/')>1){
die('Only images types are allowed to be uploaded.');
}
// upload to upload direcory
$uploaddir = 'images/PartsCars/'.$make2.'/' ;
move_uploaded_file($filetmpname, $uploaddir.$filename);
}
else {
die('Image 1 did not have any file selected. Please go back and select an image.');
}
}
file_put_contents($path2, json_encode($data2));
$path = "images/PartsCars/".$make2."/";
$temp_files = scandir($path);
$string = file_get_contents("images/PartsCars/".$make2."/info.json");
$data = json_decode($string);
natsort($temp_files);
//$temp_files = array_reverse($temp_files);
echo '<a href="npo3.html"><button>+Add Car</button></a>';
echo '<table style="padding-left:20px;width:930px;">';
foreach($temp_files as $file)
{
if($file != "." && $file != ".." && $file != "Thumbs.db" && $file != basename(__FILE__) && $file != "info.json")
{
echo '<tr>';
$info = pathinfo($file);
$file_name = basename($file,'.'.$info['extension']);
$findme = array(" (2)"," (3)"," (4)"," (5)");
$findme2 = array(" (1)");
$pos1 = strpos($file_name, $findme[0]);
$pos2 = strpos($file_name, $findme[1]);
$pos3 = strpos($file_name, $findme[2]);
$pos4 = strpos($file_name, $findme[3]);
$subpictures = str_replace($findme, "", $file_name);
$subpictures2 = str_replace($findme2, "", $file_name);
if ($pos1 !== false || $pos2 !== false || $pos3 !== false || $pos4 !== false) {
echo '<script type="text/javascript">document.getElementById("'.$subpictures.'").innerHTML += "<a href=\"'.$path.$file.'\"><img src=\"'.$path.$file.'\" style=\"width:100px;height:80px;padding:10px;\"/></a>";</script>';
}
else {
echo '<td style="border-bottom:1px #fff solid;width:240px;"><a href="'.$path.$file.'"><img src="'.$path.$file.'" alt="'.$file.'" style="width:200px;height:150px;padding:20px;"/></a></td>';
echo '<td style="border-bottom:1px #fff solid;width:440px;">';
echo '<span style="font-size:2em;padding:10px;color:#fff;font-weight:bold;">'.$data->{$file_name}->{'name'}.'</span><br/>';
echo '<br/><span style="padding-left:10px;">Year: '.$data->{$file_name}->{'year'}.'</span>';
echo '<br/><span style="padding-left:10px;">Mileage: '.$data->{$file_name}->{'mileage'}.'</span>';
echo '<br/><span style="padding-left:10px;">Price: '.$data->{$file_name}->{'price'}.'</span>';
echo '<br/><span style="padding-left:10px;">Description: '.$data->{$file_name}->{'description'}.'</span>';
echo '<br/><br/><span style="padding-left:10px;">Please <a href="contact.php">contact us</a> for more details.</span></td>';
echo '<td style="border-bottom:1px #fff solid;width:250px;" id="'.$subpictures2.'"></td></tr>';
}
}
}
echo '</table>';
?>