php文件上传问题 [英] php file upload problem

问题描述

此代码可在我的本地主机上正常工作.我正在使用xampp 1.7.3.但是，当我将其放在实时服务器中时，它会显示Possible file upload attack!. "upload/"是服务器上"public_html"文件夹下的文件夹.我可以通过该目录中的其他脚本上传文件.

This code works properly in my localhost. I am using xampp 1.7.3. but when I put it in the live server it shows Possible file upload attack!. 'upload/' is the folder under 'public_html' folder on the server. I can upload files via other script in that directory.

<?php

$uploaddir = '/upload/';//I used C:/xampp/htdocs/upload/ in localhost. is it correct here?
$uploadfile = $uploaddir . basename($_FILES['file_0']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['file_0']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\\n";
} else {
    echo "Possible file upload attack!\\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

?>

推荐答案

您可能无法将文件移动到服务器文件系统根目录下的上载"文件夹/upload/中，因此move_uploaded_file()报告FALSE和您的消息.另外，此/upload/文件夹可能甚至不存在，也不可写.

You probably can't move your file to /upload/ which is an "upload" folder at the root of the server file system, hence move_uploaded_file() reporting FALSE and your message. Plus, this /upload/ folder probably doesn't even exist nor is it writeable.

您可能希望将其移动到$_SERVER['DOCUMENT_ROOT'].'/upload/'，该目录将指向您的虚拟主机根目录(例如www或您要上传应用程序文件的任何位置).不要忘记创建此文件夹并相应地更改其权限(CHMOD 777是个好主意).

You probably want to move it to $_SERVER['DOCUMENT_ROOT'].'/upload/' which will point to your virtual host root (something like www or wherever you're uploading your application files). Don't forget to create this folder and to change its permissions accordingly (CHMOD 777 is a good idea).

这篇关于php文件上传问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！