0

第一个问题很久了。本质上,我有一些代码(1)在实时环境中完美运行,(2)曾经在我的家庭 OSX 环境中工作,但(3)现在不起作用。

的HTML:

<form id="upload_form" action="php/upload_class_list.php" method="post" accept-charset="UTF-8" enctype="multipart/form-data" target="upload_target" >
    <label>File:</label>
    <input name="myfile" type="file" size="35" />
    <input id="upload_submit" type="submit" value="Upload" />
    <iframe id="upload_target" name="upload_target" style="width:0;height:0;border:0px solid #fff;"></iframe>
</form>

PHP 文件:

$destination_path = getcwd().DIRECTORY_SEPARATOR;

$result = 0;

$target_path = $destination_path . basename( $_FILES['myfile']['name']);

if(@move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) {   
   ...
}

sleep(1);
?>

<script language="javascript" type="text/javascript">top.upload_class_list(<?php echo $result; ?>);</script>

脚本最后触发,但 PHP 代码没有进入if(在本地开发环境中),因此$result保持为 0。

似乎它没有选择path要上传的文件;$destination_path指向 PHP 文件所在的文件夹,而不是文件所在的文件夹。

我认为当我更改为 Mountain Lion 并重建 PHP 设置时,我的本地环境可能已经停止工作。

缺少什么来阻止文件被找到?

让我强调一下:完全相同的代码在我的实时 Hostmonster 设置中运行良好,所以我猜这是一个环境问题 :)

谢谢。

4

2 回答 2

5

if(@move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) {
... }

缺少什么来阻止文件被找到?

是什么让您认为问题在于找到的文件?也许找到了文件,但失败的是...move例如因为 Web 服务器没有权限写入target_path.

您可以检查:

$src = $_FILES['myfile']['tmp_name'];
$dst = $target_path;

if (!file_exists($src))
   die("Okay, the file is actually not found");

if (!is_readable($src))
   die("Very bad hosting juju. The file was uploaded but I can't read it?!?");

if (!is_writeable($destination_path))
   die("As expected, you can't upload a file here. This is a good thing.");

@touch($dst);
if (!file_exists($dst))
   die("So call me a Marine, the file SHOULD be writeable (which is not so good), and yet I could not write it! Perhaps disk full? User overquota? Some weird security setup?");

这是一件好事,因为该目录包含可执行的 PHP 文件,如果有人可以在其中上传 PHP 文件,那将是一个主要的安全漏洞。

您可以留出另一个目录并使其可写(记得在其中放置一个 .htaccess 或其他系统以禁止从外部读取/执行访问)。

于 2013-04-09T10:27:34.227 回答
-1

可能是这个

<?php 
 $target = "upload/"; 
 $target = $target . basename( $_FILES['uploaded']['name']) ; 
 $ok=1; 
 if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) 
 {
    echo "The file ". basename( $_FILES['uploaded']['name']). " has been uploaded";
 } 
 else {
    echo "Sorry, there was a problem uploading your file.";
}
?>
于 2013-04-09T10:15:11.137 回答