Ajutor PHP

GarryOne · May 25, 2011

upload_file.php

<?php

include('utilities.php');

$folder="data/images/";
$foto=$folder.'file.txt';
$tmp=$folder.'tmp.txt';


if ($_FILES['foto']['tmp_name'])
  {
   move_uploaded_file($_FILES['foto']['tmp_name'], $tmp);
   $ext=pathinfo($tmp, PATHINFO_EXTENSION);
   $need='txt';

   if ($ext == $need)
     {
      if (file_exists($foto))
      {
      unlink($foto);
      }
      copy($tmp,$foto);
      redir('page.php?rs=ok&pag=home');

      }
    else
     {
       $_SESSION['error']='<p>Eroare. Incercati din nou.</p>';
       unlink($foto);
       redir('page.php?pag=home');
     }
   }
else
{
$_SESSION['error']='<p>Uplodati fisierul</p>';
redir('page.php?pag=home');
}
?>

tin sa mentionez ca redirect e o functie creata de mine in fisieru utilities care e inclus la inceputul paginii, asa ca sa nu apara suspiciuni

si home.php

<table cellspacing="0" cellpadding="0" border="0"  width="940">
  <tr>
    <td align="center">
     <?php
     if(isset($_GET['rs']))
      {
       $result=$_GET['rs'];
     if($result=='ok')
      {
        $result=$_GET['rs'];
        INCLUDE('data/images/file.txt');
      }
       }
     else
       {
        if(!empty($_SESSION['error']))
         {
          echo $_SESSION['error'];
          $_SESSION['error']="";
         }
        echo '<form action="upload_file.php" method="post" enctype="multipart/form-data" name="upload" >
              <input type="file" name="foto" />
              <br />
              <input type="submit" value="Uploadeaza" />
              </form>';
      }

     ?>
    </td>
  </tr>
</table>

Cand uploadez un fisier cu extensia .txt imi incarca fisieru cu succes si mi-l vizualizeaza, bun, pana aici totul e bine, insa cand incerc sa uploadez un fisier de exemplu cu extensia .jpg , nu imi apare mesajul de eroare pe care l-am indicat la else, ci imi da un mesaj de eroare de la server, care o fi problema de nu-mi apare mesajul de eroare?

rattrap · May 26, 2011

Pentru ca in script-ul tau extensia e tot timpul txt

Ii dai move in data/images/tmp.txt

move_uploaded_file($_FILES['foto']['tmp_name'], $tmp);

E txt mereu

$ext=pathinfo('data/images/tmp.txt', PATHINFO_EXTENSION);

Robert1995 · May 26, 2011

Da rattrap are dreptate , dupa ce schimbi acolo porcaria care ai facut-o , fa si un checker sa nu bagi fisiere php , phtml , tot felu ,


<?php
$exceptions = array('php' , 'phtml');
$files_checker = $_POST['files'];
$ok = true;
foreach($files_cheker as $file){
           $tokens = explode(" " , $file['name']);
           $number  = count($tokens) - 1; // exista si positia 0;
           if(in_array($exceptions , $tokens[$number])){
                         $ok = false; 
                         } 
}
if($ok == false){
    // nu face upload
    $error = 'nu se accepta : '.implode(',' , $exceptions);
}else{
    // fa upload
}
?>

Cu placere

GarryOne · May 26, 2011

@robert1995, checkerul il am

@rattrap, am incercat ceva din imaginatie insa nu merge

asta:

$tmp=$folder.'tmp.txt';

am schimbat in asta

$uploaded=$_FILES['foto']['tmp_name'];
$tmp=$folder.'$uploaded';

Sign In

Ajutor PHP

Recommended Posts

GarryOne

rattrap

Robert1995

GarryOne

Join the conversation

Browse

Activity

Pages