2

您好,我有一个用于允许文件上传的 php 脚本。该脚本有一个包含允许文件类型的数组。

      $fileTypes = array('jpg', 'jpeg', 'gif', 'png', 'zip', 'xlsx')

因为该表单位于我的客户的登录区域后面,所以他请求允许所有文件类型,而不是仅限于阵列中的文件。尽管我已经向客户解释过最好限制文件,但他坚持要打开它。

有没有办法允许数组中的任何文件类型?

完整脚本

      $uploadDir = '/uploads/';

      // Set the allowed file extensions
      $fileTypes = array('jpg', 'jpeg', 'gif', 'png', 'zip', 'xlsx', 'cad', 'pdf', 'doc', 'docx', 'ppt', 'pptx', 'pps', 'ppsx', 'odt', 'xls', 'xlsx', '.mp3', 'm4a', 'ogg', 'wav', 'mp4', 'm4v', 'mov', 'wmv' ); // Allowed file extensions

     $verifyToken = md5('unique_salt' . $_POST['timestamp']);

    if (!empty($_FILES) && $_POST['token'] == $verifyToken) {
$tempFile   = $_FILES['Filedata']['tmp_name'];
$uploadDir  = $_SERVER['DOCUMENT_ROOT'] . $uploadDir;
$targetFile = $uploadDir . $_FILES['Filedata']['name'];

// Validate the filetype
$fileParts = pathinfo($_FILES['Filedata']['name']);
if (in_array(strtolower($fileParts['extension']), $fileTypes)) {

    // Save the file
    move_uploaded_file($tempFile, $targetFile);
    echo 1;

  } else {

    // The file type wasn't allowed
    echo 'Invalid file type.';

  }
    }
4

3 回答 3

5

只是不要进行过滤。

<?php
$uploadDir = '/uploads/';

$verifyToken = md5('unique_salt' . $_POST['timestamp']);

if (!empty($_FILES) && $_POST['token'] == $verifyToken) {
    $tempFile   = $_FILES['Filedata']['tmp_name'];
    $uploadDir  = $_SERVER['DOCUMENT_ROOT'] . $uploadDir;
    $targetFile = $uploadDir . $_FILES['Filedata']['name'];

    // Save the file
    move_uploaded_file($tempFile, $targetFile);
    echo 1;
}
于 2013-07-10T17:53:09.947 回答
1

只需删除文件类型验证并上传所有

//if (in_array(strtolower($fileParts['extension']), $fileTypes)) {

    // Save the file
   if( move_uploaded_file($tempFile, $targetFile)){
    echo 1;
    else{
    echo 'An error occurred ';
    }

//  } else {

    // The file type wasn't allowed
   // echo 'Invalid file type.';

  //}
于 2013-07-10T17:54:04.490 回答
1

使用以下代码

<?php
$uploadDir = '/uploads/';

$verifyToken = md5('unique_salt' . $_POST['timestamp']);

if (!empty($_FILES) && $_POST['token'] == $verifyToken) {
    $tempFile   = $_FILES['Filedata']['tmp_name'];
    $uploadDir  = $_SERVER['DOCUMENT_ROOT'] . $uploadDir;
    $targetFile = $uploadDir . $_FILES['Filedata']['name'];

    // Save the file
    move_uploaded_file($tempFile, $targetFile);
    echo 1;

}

?>
于 2013-07-10T18:00:09.667 回答