.txt PHP 文件上传 txt 扩展名?

发布于 2024-10-17 12:45:08 字数 108 浏览 1 评论 0原文

我正在用 php 进行文件上传。 .txt 是上传过滤器的有效扩展名吗?如果可以的话我可以看一个例子吗?

编辑:抱歉我不太清楚。我的意思是我只希望用户能够上传 .txt 文件,仅此而已。

I am doing a file upload in php. Is .txt a valid extension to upload filters? If so may I see an example?

EDIT: I'm sorry I'm not too clear. What I mean is I only want the user to be able to upload .txt files and that is all.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

淤浪 2024-10-24 12:45:08

任何东西都是有效的,直到您在上传文件时使其无效为止。使用此代码,您将看到哪些属性使 PHP 的文件处理生效:

upload.html:

<html>
  <head>
    <title>Upload a File</title>
  </head>

  <body>
    <form action="upload_file.php" method="post" enctype="multipart/form-data">
      <label for="file">Filename:</label>
      <input type="file" name="file" id="file" /> 

      <br />

      <input type="submit" name="submit" value="Submit" />
    </form>
  </body>
</html>

upload_file.php:

<?php
if ($_FILES["file"]["error"] > 0)
  {
    echo "Error: " . $_FILES["file"]["error"] . "<br />";
  } else {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }
?>

我不太确定您在问什么,所以稍微澄清一下就好了。


我不使用 PHP (Python FTW),但如果您想确保只有文本文件通过,请过滤它们:

if ($_FILE['file']['type'] == 'text/plain' && strrpos($_FILE['file']['name'], '.txt') === strlen($_FILE['file']['name']) - strlen('.txt'))
{
  echo 'Your file is legit. Continue...'
} else {
  echo 'You can\'t upload that!'
}

我不确定 text/plain 是否会导致漏报,所以如果有,只需将其删除即可。

Anything's valid until you make it invalid when it comes to uploading files. Play with this code and you'll see what properties make PHP's file processing tick:

upload.html:

<html>
  <head>
    <title>Upload a File</title>
  </head>

  <body>
    <form action="upload_file.php" method="post" enctype="multipart/form-data">
      <label for="file">Filename:</label>
      <input type="file" name="file" id="file" /> 

      <br />

      <input type="submit" name="submit" value="Submit" />
    </form>
  </body>
</html>

upload_file.php:

<?php
if ($_FILES["file"]["error"] > 0)
  {
    echo "Error: " . $_FILES["file"]["error"] . "<br />";
  } else {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
  }
?>

I'm not really sure what you're asking, so a bit clarification would be nice.


I don't work with PHP (Python FTW), but if you want to make sure only text files get through, filter them:

if ($_FILE['file']['type'] == 'text/plain' && strrpos($_FILE['file']['name'], '.txt') === strlen($_FILE['file']['name']) - strlen('.txt'))
{
  echo 'Your file is legit. Continue...'
} else {
  echo 'You can\'t upload that!'
}

I'm not sure if the text/plain will cause false-negatives, so if it does, just remove it.

一个人练习一个人 2024-10-24 12:45:08

默认情况下,除非您使用某种第三方库,否则任何文件都可以上传。你用它做什么,解析它,是另一个故事了:)

By default, unless you're using a 3rd-party library of some sorts, any file can be uploaded. What you do with it, parsing it, is another story :)

满栀 2024-10-24 12:45:08

使用表单中提供的文件名,您必须提取文件扩展名。然后,您将文件扩展名与扩展名列表(您允许的)进行比较,如果与其中任何扩展名都不匹配,则不处理该文件。

首先提取扩展名并

$ext = substr(strrchr($file_name,'.'),1);

使用 case 语句比较结果,或者(因为您有 1 个允许的扩展名)如果

if ($ext == 'txt') // upload the file

Using the supplied filename from your form, you must extract the file extension. You then compare the file extension to a list of extensions (that you allow) and if it does not match any of them, do not process the file.

First extract the extension by

$ext = substr(strrchr($file_name,'.'),1);

and compare the result using a case statement or (since you have 1 allowed extension) just if

if ($ext == 'txt') // upload the file
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文