PHP高级编程
★上传文件
HTML的设计:
<form enctype="multipart/form-data" action="upload.php"
method=post>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
上传文件名称:
<input name="userfile" type="file">
<input name="提交" type="submit" value=" 提交">
</form>
要使用 form 表单, enctype 必须为 "multipart/form-data" ,否则脚
本将不会工作;表单方法是 POST
需要一个隐藏的表单域,用来标记文件最大字节数
一个文件域,用来选择文件
在 PHP脚本中,需要处理的文件保存在 $_FILES全局数组中,其中:
$_FILES['userfile']['name'] - The original name of the file on the
client machine.
$_FILES['userfile']['type'] - The mime type of the file, if the browser
provided this information. An example would be "image/gif". This
mime type is however not checked on the PHP side and therefore
don't take its value for granted.
$_FILES['userfile']['size'] - The size, in bytes, of the uploaded file.
$_FILES['userfile']['tmp_name'] - The temporary filename of the file
in which the uploaded file was stored on the server.
$_FILES['userfile']['error'] - The error code associated with this file
upload. This element was added in PHP 4.2.0
上传文件的安全性
要保证用户上传的是本地文件,这样可以确保安全性(假如用户
修改脚本上传存储在服务器的密码文件也是可以的)
is_uploaded_file($_FILES['userfile']['tmp_name']) // 若 为 上 传