Unable to upload files in CakePHP 2

2012-05-12 77 views

1

I want to include upload functionality in my CakePHP application. I had previously built one for a plain PHP project and decided to reuse that code, since I know how it works. The code is as follows:

```php
$allowed_filetypes = array('.jpg','.gif','.bmp','.png');
$max_filesize = 1000000; // Maximum filesize in BYTES
$upload_path = './files/';

$filename = $_FILES['userfile']['name'];
$desiredname = $_POST['desiredname'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

$savedfile = $desiredname.$ext;

// Check if the filetype is allowed, if not DIE and inform the user.
if(!in_array($ext,$allowed_filetypes))
    die('The file you attempted to upload is not allowed.');

// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
    die('The file you attempted to upload is too large.');

// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
    die('You cannot upload to the specified directory, please CHMOD it to 777.');

// Upload the file to your specified path.
if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $savedfile))
    echo 'Your file upload was successful, view the file <a href="' . $upload_path . $savedfile . '" title="Your File">here</a>'; // It worked.
else
    echo 'There was an error during the file upload. Please try again.'; // It failed :(.
```

I put this code into the controller of the page I want to upload from. I have used the Form helper to generate the form in CakePHP; its main content is as follows:

```php
<?php
    echo $this->Form->create('Customer', array(
        'class' => 'form-horizontal',
        'action' => 'add',
        'enctype' => 'multipart/form-data'
    ));

    echo $this->Form->input('filename', array(
        'type' => 'text',
        'label' => 'Filename',
        'class' => 'span5'
    ));
    echo $this->Form->input('file', array(
        'between' => '<br />',
        'type' => 'file'
    ));
    // end() renders the submit button and closes the form; in CakePHP 2 the
    // submit options are passed as one array (a second end() call would emit
    // a second </form> tag, so it is not repeated here).
    echo $this->Form->end(array(
        'label' => 'Save Changes',
        'type' => 'submit',
        'class' => 'btn btn-primary'
    ));
?>
```

I have changed any references to the fields in my old code to reflect the changes in the form used in this project. However, I get the following errors when I submit the form:

Notice (8): Undefined index: CustomerFile [APP\Controller\CustomersController.php, line 148]

Notice (8): Undefined index: CustomerFilename [APP\Controller\CustomersController.php, line 149]

In the controller code I have (again) changed the form fields to use the following:

```php
$filename = $this->request->data['CustomerFile']['name'];
$desiredname = $this->request->data['CustomerFilename'];
```

But the errors still appear. I'm guessing the form fields are not being referenced correctly, but I thought I had referenced them correctly using the $this->request code; evidently that didn't work. Does anyone have any ideas?

Answers

3

Major non-Cake issues:

  1. Rolling your own filename manipulation operations instead of using pathinfo()
  2. Filtering on the user-supplied filename to determine upload eligibility. Never trust anything the user sends. Use server-side MIME type operations such as fileinfo
  3. Assuming the upload succeeded and doing server-side operations on the file before checking for success/failure. Always check the ['error'] code first. The codes are documented here: http://php.net/manual/en/features.file-upload.errors.php
  4. Using a post-upload file size limit - it is better to set the limit in php.ini, which then lets the server abort the upload before it has taken up your bandwidth with bytes that are just going to be ignored later on. You can use the ['error'] code to determine whether the upload was aborted because of a file size limit violation.
  5. Allowing users to specify the destination filename, with absolutely no security checks, lets a malicious user specify a path in that filename and potentially scribble over any file on your server.
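One way to handle the same `Customer` form while addressing the five points above, as an added example written for this page and not code from the question or from either answer. It assumes CakePHP 2 (the `WWW_ROOT` and `DS` constants, `h()`, the Session component) and the field names from the question's form; the `files/` directory under webroot, the extension-to-MIME map and the flash messages are assumptions. The Form helper nests fields under the model name, so the inputs arrive as `$this->request->data['Customer']['file']` and `$this->request->data['Customer']['filename']`, which is why the question's `['CustomerFile']` lookups raise the undefined-index notices.

```php
<?php
// Added example, not the question's or the answers' code. Names taken from the
// question: Customer model, `file` and `filename` inputs. Assumed: files/ under
// webroot as the destination, the MIME map and the flash message texts.
App::uses('AppController', 'Controller');

class CustomersController extends AppController {

    public $components = array('Session');

    // Allowed extensions mapped to the MIME type fileinfo is expected to report.
    private $allowedTypes = array(
        'jpg' => 'image/jpeg',
        'gif' => 'image/gif',
        'bmp' => 'image/bmp',   // some fileinfo builds report image/x-ms-bmp instead
        'png' => 'image/png',
    );

    public function add() {
        if (!$this->request->is('post')) {
            return;
        }
        // Form helper field names: data[Customer][file] and data[Customer][filename].
        $upload  = isset($this->request->data['Customer']['file']) ? $this->request->data['Customer']['file'] : array();
        $desired = isset($this->request->data['Customer']['filename']) ? $this->request->data['Customer']['filename'] : '';

        // Points 3 and 4: check the error code before touching the file. An
        // UPLOAD_ERR_INI_SIZE / UPLOAD_ERR_FORM_SIZE code means PHP already
        // aborted the upload for exceeding the php.ini / MAX_FILE_SIZE limit.
        $code = isset($upload['error']) ? (int)$upload['error'] : -1;
        if ($code !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
            $this->Session->setFlash('Upload failed (error code ' . $code . ').');
            return;
        }

        // Point 1: pathinfo() instead of hand-rolled substr/strpos.
        $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        if (!isset($this->allowedTypes[$ext])) {
            $this->Session->setFlash('File type not allowed.');
            return;
        }

        // Point 2: determine the MIME type server-side with fileinfo, not from
        // the client-supplied name or $upload['type'].
        $finfo = new finfo(FILEINFO_MIME_TYPE);
        $mime  = $finfo->file($upload['tmp_name']);
        $matches = ($mime === $this->allowedTypes[$ext])
            || ($ext === 'bmp' && in_array($mime, array('image/bmp', 'image/x-ms-bmp'), true));
        if (!$matches) {
            $this->Session->setFlash('File content does not match its extension.');
            return;
        }

        // Point 5: the user never chooses a path. Reduce the desired name to one
        // safe component and append the verified extension ourselves; uniqid()
        // keeps a second upload from overwriting an earlier file.
        $base = preg_replace('/[^A-Za-z0-9_-]/', '', basename($desired));
        if ($base === '') {
            $base = 'upload';
        }
        $savedName = $base . '-' . uniqid() . '.' . $ext;

        // Fixed destination directory; realpath() pins it to a real location.
        $uploadPath = realpath(WWW_ROOT . 'files');
        if ($uploadPath === false || !is_writable($uploadPath)) {
            $this->Session->setFlash('Upload directory is not writable.');
            return;
        }
        $target = $uploadPath . DS . $savedName;

        if (!move_uploaded_file($upload['tmp_name'], $target)) {
            $this->Session->setFlash('There was an error during the file upload.');
            return;
        }
        chmod($target, 0644);   // readable, never executable
        $this->Session->setFlash('Upload successful: ' . h($savedName));
        $this->redirect(array('action' => 'add'));
    }
}
```

The extension whitelist and the fileinfo check are deliberately both kept: the extension decides what name the file is stored under, and fileinfo decides whether the bytes are really that kind of image, so a renamed script fails the second check even when it passes the first.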
0

Page model:

```php
// Model callback: when a new image was uploaded, store a timestamped file name
// and fill in the remaining fields before the row is saved.
public function beforeSave($options = array()) {
    if (!empty($this->data['Page']['image']['name'])) {

        $this->data['Page']['image'] = time() . '-Featured-' . $this->data['Page']['image']['name'];
        $this->data['Page']['alias'] = $this->data['Page']['title'];
        $this->data['Page']['publish'] = date("y.m.d, h:i:s");
        $this->data['Page']['update'] = date("y.m.d, h:i:s");
        $this->data['Page']['posttype'] = 'page';

        return true;
    } else {
        // $this->action is not a standard Model property; this assumes the
        // controller sets $this->Page->action before saving.
        if (isset($this->action) && $this->action == 'edit') {
            $this->data['Page']['image'] = $this->data['Page']['img']; // keep the existing image
            $this->data['Page']['alias'] = $this->data['Page']['title'];
            $this->data['Page']['publish'] = date("y.m.d, h:i:s");
            $this->data['Page']['update'] = date("y.m.d, h:i:s");
            $this->data['Page']['posttype'] = 'page';
            return true;
        }
    }

    return true;
}

// Custom validation rule for the `image` field. Note that ['type'] is the MIME
// type sent by the browser, not one detected from the file's contents.
public function fileExtension($data) {
    if ($this->data['Page']['image']['type'] != 'image/jpeg') {
        $this->invalidate('image', '');
        return false;
    }
    return true;
}
```

Page controller:

```php
public function add() {

    if (!empty($this->request->data)) {
        $menus = $this->Page->save($this->request->data);
        if (!empty($menus)) {
            $dir = $_SERVER['DOCUMENT_ROOT'] . '/app/webroot/img/test/';
            // Move the upload into webroot under its original name.
            move_uploaded_file($this->data['Page']['image']['tmp_name'], $dir . $this->data['Page']['image']['name']);
            $filename = $dir . $this->data['Page']['image']['name'];
            // Scale the image to a fixed width of 200 pixels, keeping the aspect ratio.
            list($width, $height) = getimagesize($filename);
            $percent = 20000 / $width;
            $newwidth = $width / 100 * $percent;
            $newheight = $height / 100 * $percent;
            $thumb = imagecreatetruecolor($newwidth, $newheight);
            $source = imagecreatefromjpeg($filename);
            imagecopyresampled($thumb, $source, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
            // Written under the same "time()-Featured-" naming that beforeSave() stored;
            // a separate time() call here, so the two names can differ if a second ticks over.
            imagejpeg($thumb, $dir . time() . '-Featured-' . $this->data['Page']['image']['name'], 100);
            // "Səhifə əlavə olundu" is Azerbaijani for "Page added".
            $this->Session->setFlash('Səhifə əlavə olundu', 'default', array('class' => 'alert alert-success'));
        }
        $this->redirect(array('action' => 'add'));
    }
}
```