upload.html 与upload.php代码。
upload.html
----------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>Upload new files</title>
</head><body>
Upload new news files
<form action="upload.php" method="post" enctype="multipart/form-data" name="uploadfile" id="uploadfile">
<input name="MAX_FILE_SIZE" type="hidden" id="MAX_FILE_SIZE" value="1000000" />
Upload this file:
<input name="userfile" type="file" id="userfile" />
<input type="submit" name="Submit" value="Send File" />
</form>
</body>
</html>
------------------------------------------------------upload.php
----------------------------------------------------------------
<html>
<head>
<title>
Uploading...
</title>
</head>
<body>
<h1>Uploading file...</h1>
<?php
if ($_FILES['userfile']['error'] > 0) {
echo 'Prolem:';
switch ($_FILES['userfile']['error'])
{
case 1: echo 'File exceeded upload_max_filesize';break;
case 2: echo 'File exceeded upload_max_file';break;
case 3: echo 'Fiel only partially upload';break;
case 4: echo 'No file upload';break;
}
exit;
}
//put the file where we'd like it .
$upfile='/upload/'.$_FILES['userfile']['name'];if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'],$upfile))
{
echo 'Problem:Could not move file to destination directory.';
exit;
}
}
else
{
echo 'Problem:Possible file upload attack.Filename:';
echo $_FILES['userfile']['name'];
exit;
}
echo 'File uploaded successfully. <br><br>';//reformat the file contents
$fp=fopen($upfile,'r');
$contents=fread($fp,filesize($upfile));
fclose($fp);$contents=strip_tags($contents);
$fp=fopen($upfile,'w');
fwrite($fp,$contents);
fclose($fp);//show what was uploaded
echo 'Preview of uploaded file contents:<br><hr>';
echo $contents;
echo '<br><hr>';?>
</body>
</html>
upload.html
----------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>Upload new files</title>
</head><body>
Upload new news files
<form action="upload.php" method="post" enctype="multipart/form-data" name="uploadfile" id="uploadfile">
<input name="MAX_FILE_SIZE" type="hidden" id="MAX_FILE_SIZE" value="1000000" />
Upload this file:
<input name="userfile" type="file" id="userfile" />
<input type="submit" name="Submit" value="Send File" />
</form>
</body>
</html>
------------------------------------------------------upload.php
----------------------------------------------------------------
<html>
<head>
<title>
Uploading...
</title>
</head>
<body>
<h1>Uploading file...</h1>
<?php
if ($_FILES['userfile']['error'] > 0) {
echo 'Prolem:';
switch ($_FILES['userfile']['error'])
{
case 1: echo 'File exceeded upload_max_filesize';break;
case 2: echo 'File exceeded upload_max_file';break;
case 3: echo 'Fiel only partially upload';break;
case 4: echo 'No file upload';break;
}
exit;
}
//put the file where we'd like it .
$upfile='/upload/'.$_FILES['userfile']['name'];if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
if (!move_uploaded_file($_FILES['userfile']['tmp_name'],$upfile))
{
echo 'Problem:Could not move file to destination directory.';
exit;
}
}
else
{
echo 'Problem:Possible file upload attack.Filename:';
echo $_FILES['userfile']['name'];
exit;
}
echo 'File uploaded successfully. <br><br>';//reformat the file contents
$fp=fopen($upfile,'r');
$contents=fread($fp,filesize($upfile));
fclose($fp);$contents=strip_tags($contents);
$fp=fopen($upfile,'w');
fwrite($fp,$contents);
fclose($fp);//show what was uploaded
echo 'Preview of uploaded file contents:<br><hr>';
echo $contents;
echo '<br><hr>';?>
</body>
</html>
那怎么改???
我在
if (!move_uploaded_file($_FILES['userfile']['tmp_name'],$upfile))
{
echo 'Problem:Could not move file to destination directory.';
exit;
}
加入echo $_FILES['userfile']['tmp_name'];语句。
在IE上调试的结果为:
C:\WINDOWS\TEMP\php29.tmp
Warning: move_uploaded_file(/upload/SN for visio.txt) [function.move-uploaded-file]: failed to open stream: No such file or directory in C:\AppServ\www\upload\upload.php on line 31Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move 'C:\WINDOWS\TEMP\php29.tmp' to '/upload/SN for visio.txt' in C:\AppServ\www\upload\upload.php on line 31
Problem:Could not move file to destination directory.
说明if (is_uploaded_file($_FILES['userfile']['tmp_name'])) 可以通过可是我在Zend调试时,结果却为:
Problem:Possible file upload attack.Filename:那到底if (is_uploaded_file($_FILES['userfile']['tmp_name'])) 没有顺利通过呢??
运行后在你upload.php文件的目录下找找看