限制PHP表单上传的文件类型和大小 [英] Restrict File Type and size in PHP form upload

问题描述

大家好，我在 http://apptools.com 上找到了一些非常好的代码，这帮助我创建了一个表单允许用户在那里输入详细信息上传文件，然后自动发送给我，这是很好的。我只是想知道你是否知道如何将文件类型限制为doc，pdf，psd，ai，jpg，bmp以及将来可能还有其他一些文件类型，并将其限制为5mb大小。我的代码如下：

Hi all I have found some really good code over on http://apptools.com thats helped me create a form that allows users to enter there details upload a file and it then emails it to me automatically which is great. I just wondered if you knew how I could restrict the file types to doc, pdf, psd, ai, jpg, bmp and maybe a few more in the future and also restrict it to 5mb in size. The code I have is below:

<?php
if(!isset($_POST['Submit'])){
echo "error; you need to submit the form!";
}
else {


$to="my@email.com";
$subject="Subject header";
$enquiry = $_POST['message2'];
$company = $_POST['company2'];
$tel = $_POST['tel2'];
$client = $_POST['fromname'];
$clientemail = $_POST['fromemail'];
$from = stripslashes($_POST['fromname'])."<".stripslashes($_POST['fromemail']).">";
$mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";
$headers = "From: $from\r\n" .
"MIME-Version: 1.0\r\n" .
"Content-Type: multipart/mixed;\r\n" .
" boundary=\"{$mime_boundary}\"";

$message="Email from $fromname on  Contact form.\n\n Details are as follows:\n Name:
$client \n Company: $company \n Email: $clientemail \n Telephone: $tel \n Message: 
$enquiry \n".
"\n Please contact them within 48 hours.";

$message = "This is a multi-part message in MIME format.\n\n" .
"--{$mime_boundary}\n" .
"Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
"Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";
foreach($_FILES as $userfile){
$tmp_name = $userfile['tmp_name'];
$type = $userfile['type'];
$name = $userfile['name'];
$size = $userfile['size'];


if (file_exists($tmp_name)){


if(is_uploaded_file($tmp_name)){
$file = fopen($tmp_name,'rb');
$data = fread($file,filesize($tmp_name));
fclose($file);
$data = chunk_split(base64_encode($data));
}

$message .= "--{$mime_boundary}\n" .
"Content-Type: {$type};\n" .
" name=\"{$name}\"\n" .
"Content-Disposition: attachment;\n" .
" filename=\"{$fileatt_name}\"\n" .
"Content-Transfer-Encoding: base64\n\n" .
$data . "\n\n";
}
}
$message.="--{$mime_boundary}--\n";
if (@mail($to, $subject, $message, $headers))
echo "Message Sent";
else
echo "Failed to send";
}  ?>

任何帮助都会很棒。

Any help would be great.

推荐答案

您可以在php.ini中限制上传大小（ here ），你可以检查上传文件名称的扩展名，以确认它是一个可接受的格式（未经测试的代码）：

You can limit the upload size in php.ini (here), and you can check the extension of the name of the uploaded file to verify it is an acceptable format (not tested code):

$okExtensions = array('jpg', 'png');
$fileName = 'test.doc';

$fileParts = explode('.', $fileName);

if( in_array( strtolower( end($fileParts) ), $okExtensions) )
{
  // proceed
}

这篇关于限制PHP表单上传的文件类型和大小的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！