2012-10-02 53 views
0

My PHP upload script says the file already exists when I try to upload into the same directory, even with a different file name.

<?php
// Start a session for error reporting
session_start();

// If the username session variable is NOT set, send the user to the login page
// (and stop, so the rest of the script does not run for an unauthenticated request)
if (!isset($_SESSION['username'])) {
    header('Location: index.html');
    exit;
}

// Call our connection file
include('config.php');

// Check to see if the type of file uploaded is a valid image type
function is_valid_type($file)
{
    // This is an array that holds all the valid image MIME types
    $valid_types = array("image/jpg", "image/JPG", "image/jpeg", "image/bmp", "image/gif", "image/png");

    // NOTE: $file['type'] is the MIME type reported by the browser; PHP does not verify it,
    // so on its own this check is no stronger than an extension check
    if (in_array($file['type'], $valid_types))
        return 1;
    return 0;
}

// Just a short function that prints out the contents of an array in a manner that's easy to read
// I used this function during debugging but it serves no purpose at run time for this example
function showContents($array)
{
    echo "<pre>";
    print_r($array);
    echo "</pre>";
}

// Set some constants
// Grab the User ID from the session and the category we sent from our form
$user_id = $_SESSION['username'];
$category = $_POST['category'];

// This variable is the path to the image folder where all the images are going to be stored
// Note that there is a trailing forward slash
$TARGET_PATH = "img/users/$category/$user_id/";
mkdir($TARGET_PATH, 0755, true);

// Get our POSTed variables
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$contact = $_POST['contact'];
$price = $_POST['price'];
$image = $_FILES['image'];

// Build our target path full string. This is where the file will be moved to
// i.e. images/picture.jpg
$TARGET_PATH .= $image['name'];

// Make sure all the fields from the form have inputs
if ($fname == "" || $lname == "" || $image['name'] == "")
{
    $_SESSION['error'] = "All fields are required";
    header("Location: error.php");
    exit;
}

// Check to make sure that our file is actually an image
// You check the file type instead of the extension because the extension can easily be faked
if (!is_valid_type($image))
{
    $_SESSION['error'] = "You must upload a jpeg, gif, or bmp";
    header("Location: error.php");
    exit;
}

// Here we check to see if a file with that name already exists
// You could get past filename problems by appending a timestamp to the filename and then continuing
if (file_exists($TARGET_PATH))
{
    $_SESSION['error'] = "A file with that name already exists";
    header("Location: error.php");
    exit;
}

// Let's attempt to move the file from its temporary directory to its new home
if (move_uploaded_file($image['tmp_name'], $TARGET_PATH))
{
    // NOTE: This is where a lot of people make mistakes.
    // We are *not* putting the image into the database; we are putting a reference to the file's location on the server

    $imagename = $image['name'];

    $sql = "insert into people (price, contact, category, username, fname, lname, expire, filename) values (:price, :contact, :category, :user_id, :fname, :lname, now() + INTERVAL 1 MONTH, :imagename)";
    $q = $conn->prepare($sql) or die("failed!");
    $q->bindParam(':price', $price, PDO::PARAM_STR);
    $q->bindParam(':contact', $contact, PDO::PARAM_STR);
    $q->bindParam(':category', $category, PDO::PARAM_STR);
    $q->bindParam(':user_id', $user_id, PDO::PARAM_STR);
    $q->bindParam(':fname', $fname, PDO::PARAM_STR);
    $q->bindParam(':lname', $lname, PDO::PARAM_STR);
    $q->bindParam(':imagename', $imagename, PDO::PARAM_STR);
    $q->execute();

    $sql1 = "UPDATE people SET firstname = (SELECT firstname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
    $q = $conn->prepare($sql1) or die("failed!");
    $q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
    $q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
    $q->execute();

    $sql2 = "UPDATE people SET surname = (SELECT surname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
    $q = $conn->prepare($sql2) or die("failed!");
    $q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
    $q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
    $q->execute();

    header("Location: search.php");
    exit;
}
else
{
    // A common cause of file moving failures is bad permissions on the directory being written to
    // Make sure you chmod the directory to be writeable
    $_SESSION['error'] = "Could not upload file. Check read/write permissions on the directory";
    header("Location: error.php");
    exit;
}
?>
+1

You are probably vulnerable to a directory traversal attack here. – hdgarrood

+0

Thanks for your reply; could you please explain how I can protect myself against this? – neeko

+1

If $category or $user contains '..', you could refuse to continue, I think... but there are probably more sophisticated solutions to be found on the internet. Also, I'm not familiar with PHP, so I don't know. – hdgarrood

Answer

1

You should use is_dir to validate the directory; it is the mkdir in your upload script that says the file already exists.

From the PHP docs on file_exists:

Returns TRUE if the file or directory specified by filename exists; FALSE otherwise.

From the PHP docs on is_dir:

Returns TRUE if the filename exists and is a directory, FALSE otherwise.

Please run the test script below

// $TARGET_PATH is the directory path built in your script (before the file name is appended).
// Only create the directory when it does not exist yet; is_writable() is false for a
// path that does not exist, so it must not be part of this condition.
if (!is_dir($TARGET_PATH)) {
    // var_dump before
    var_dump(is_dir($TARGET_PATH), is_writable($TARGET_PATH));
    mkdir($TARGET_PATH, 0755, true);
}

// var_dump after
var_dump(is_dir($TARGET_PATH), is_writable($TARGET_PATH));
+0

Thanks for your reply, this returns "bool(true) bool(true)" – neeko

+0

Please run the updated code now and tell me the output again – Baba

+0

bool(true) bool(true) – neeko
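A hardened version of the directory-creation step, as an added example that is not code from the question or the answer: it applies the answer's point (test is_dir before calling mkdir, since mkdir warns "File exists" when the directory is already there) together with the comment thread's suggestion to reject '..' in $category and $user_id. The function names, the character whitelist and the sample root directory are assumptions.

```php
<?php
// Added example: safe per-user upload directory creation.
// Assumptions: function names and the temp-dir based root are illustrative only.

// Accept only a conservative character set for a path component; this rules
// out '..', '/', '\\' and NUL bytes in a single check.
function is_safe_segment(string $segment): bool
{
    return (bool) preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $segment);
}

// Build (and create if missing) the per-user upload directory.
// Returns the directory path with a trailing slash, or null if the input
// is unsafe or the directory cannot be created.
function ensure_user_dir(string $root, string $category, string $user_id): ?string
{
    if (!is_safe_segment($category) || !is_safe_segment($user_id)) {
        return null;
    }
    $dir = rtrim($root, '/') . "/$category/$user_id/";

    // mkdir() emits a warning and returns false when the directory already
    // exists, so only call it when the directory is genuinely missing.
    if (!is_dir($dir) && !mkdir($dir, 0755, true)) {
        return null;
    }

    // Defence in depth: confirm the resolved path still lies under $root.
    $real = realpath($dir);
    $rootReal = realpath($root);
    if ($real === false || $rootReal === false
        || strpos($real, $rootReal . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $dir;
}

// Demonstration with constructed values.
$root = sys_get_temp_dir() . '/img_users_demo';   // constructed sample root
@mkdir($root, 0755, true);
var_dump(ensure_user_dir($root, 'cars', 'alice') !== null); // bool(true): created
var_dump(ensure_user_dir($root, 'cars', 'alice') !== null); // bool(true): is_dir skips mkdir, no warning
var_dump(ensure_user_dir($root, '../../etc', 'alice'));     // NULL: segment rejected
```

The uploaded file name itself should get the same treatment (for example basename() plus a whitelist) before it is appended to the directory, and the existing file_exists() check then applies to the full file path.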
