PHP 判断上传文件类型的问题-PHP Tutorial-php.cn

Table of Contents

回复讨论(解决方案)

Home

Backend Development

PHP Tutorial

PHP 判断上传文件类型的问题

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 23, 2016 pm 02:02 PM

这几天都在写关于PHP文件上传的代码，BUG不断，都自己解决了，现在唯一没有解决的问题就是：
判断上传文件的类型。网上说的方法大多数是判断文件的扩展名或者类型（$_FILES['file']['type']），但是如果有人把扩展名改掉，一样可以上传。所以我不使用这种方法。
后来发现一个函数：

function checkTitle($filename)  //判断文件类型{	$filename=($_FILES['file']['tmp_name']);	$file     = fopen($filename, "rb");	$bin      = fread($file, 2); //只读2字节	fclose($file);	$strInfo  = @unpack("C2chars", $bin);	$typeCode = intval($strInfo['chars1'].$strInfo['chars2']);	$fileType = '';	switch ($typeCode)	{		case 8075:		$fileType = 'zip';		break;		case 8297:		$fileType = 'rar';		break;		case 255216:		$fileType = 'jpg';		break;		case 7173:		$fileType = 'gif';		break;		case 6677:		$fileType = 'bmp';		break;		case 13780:		$fileType = 'png';		break;		default:		$fileType = 'unknown'.$typeCode;	}	//Fix	if ($strInfo['chars1']=='-1' && $strInfo['chars2']=='-40' ){		return 'jpg';	}	    			if ($strInfo['chars1']=='-119' && $strInfo['chars2']=='80' ) 	{		return 'png';	}	return $fileType;}

Copy after login

这个函数可以判断真实的文件类型，但是我调用函数的时候，使用：
$type=array('.txt','.rtf','.doc','.docx','.xls','.xlsx','.ppt','.pptx','.jpg','.jpeg','.png','.bmp','.png','.zip','.rar','.7z','.tar','.gz','.tar.gz');
if(!in_array(checkTitle ($_FILES['file']['tmp_name']) ,$type)) //判断上传文件类型
{
//文件类型不正确的提示
}
其中标红的部分，如果是$_FILES['file']['name']就报错，而如果是$_FILES['file']['tmp_name']就会提示文件类型不正确（即使我上传图片和rar文件也一样），请问怎么写才正确？

回复讨论(解决方案)

先打印出checkTitle方法的返回值是什么。
checkTitle方法里面怎么还有个 $filename=($_FILES['file']['tmp_name']);

1、
function checkTitle($filename) //判断文件类型
{
$filename=($_FILES['file']['tmp_name']);
应写作

function checkTitle($filename)  //判断文件类型{    $filename = $filename['tmp_name']);

Copy after login

2、
if(!in_array(checkTitle($_FILES['file']['tmp_name']),$type)) //判断上传文件类型
{
应写作

if(!in_array(checkTitle($_FILES['file']),$type)) //判断上传文件类型{

Copy after login

因为你不能假定表单控件都只命名为 file，如果是别的名字呢？

1、
function checkTitle($filename)  //判断文件类型
{
    $filename=($_FILES['file']['tmp_name']);
应写作

PHP code?123function checkTitle($filename)  //判断文件类型{    $filename = $filename['tmp_n……
我的表单里面上传文件就叫“file”：

先打印出checkTitle方法的返回值是什么。
checkTitle方法里面怎么还有个$filename=($_FILES['file']['tmp_name']);
如果我写$filename=($_FILES['file']['name']);会报错，只好把name改成tmp_name

自己把问题解决了：
1.因为这时还没有移动临时文件，所以只能用tmp_name，如果用name当然无法得出结果（tmp_name的文件在服务器，而name的文件在客户端）；
2.判断不出来的原因是因为array（）里面的值都有“.”，删除掉就可以了：
$type=array('txt','rtf','doc','docx','xls','xlsx','ppt','.pptx','jpg','jpeg','png','bmp','png','zip','rar','7z','tar','gz','tar.gz');
（因为我开始使用的是按扩展名判断的方法，所以都有“.”）
现在文件上传的代码完全正常了，另外我在网上看到另一个代码，取文件头前4位，然后转换成16进制。

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

4 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

3 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

4 weeks ago By DDD

Roblox: Dead Rails - How To Complete Every Challenge

1 months ago By DDD

How to fix KB5055523 fails to install in Windows 11?

2 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7741

Java Tutorial

1643

CakePHP Tutorial

1397

Laravel Tutorial

1291

PHP Tutorial

1233

Related knowledge

Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'? Apr 01, 2025 am 07:21 AM

Alipay PHP...

How does session hijacking work and how can you mitigate it in PHP? Apr 06, 2025 am 12:02 AM

Session hijacking can be achieved through the following steps: 1. Obtain the session ID, 2. Use the session ID, 3. Keep the session active. The methods to prevent session hijacking in PHP include: 1. Use the session_regenerate_id() function to regenerate the session ID, 2. Store session data through the database, 3. Ensure that all session data is transmitted through HTTPS.

Explain JSON Web Tokens (JWT) and their use case in PHP APIs. Apr 05, 2025 am 12:04 AM

JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,

How to debug CLI mode in PHPStorm? Apr 01, 2025 pm 02:57 PM

How to debug CLI mode in PHPStorm? When developing with PHPStorm, sometimes we need to debug PHP in command line interface (CLI) mode...

Describe the SOLID principles and how they apply to PHP development. Apr 03, 2025 am 12:04 AM

The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.

How to automatically set permissions of unixsocket after system restart? Mar 31, 2025 pm 11:54 PM

How to automatically set the permissions of unixsocket after the system restarts. Every time the system restarts, we need to execute the following command to modify the permissions of unixsocket: sudo...

How to send a POST request containing JSON data using PHP's cURL library? Apr 01, 2025 pm 03:12 PM

Sending JSON data using PHP's cURL library In PHP development, it is often necessary to interact with external APIs. One of the common ways is to use cURL library to send POST�...

Explain late static binding in PHP (static::). Apr 03, 2025 am 12:04 AM

Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.

See all articles