PHP 多文件上传脚本无法正常工作

发布于 2024-12-17 04:01:19 字数 4813 浏览 2 评论 0原文

我在此处找到了一个多文件上传脚本。

当我尝试上传文件时,我收到错误消息:

警告:file_exists() [function.file-exists]:open_basedir 限制生效。文件(/usr/local/apache/htdocs/register/uploaded_files/1321720804-bg.png)不在/home/中允许的路径内:(/home/:/usr/lib/php:/tmp) a2767984/public_html/register/multiple.upload.processor.php 第 80 行

上传文件夹“uploaded_files”的文件权限是设置为 777 并位于与脚本相同的文件夹中。(public_html/register/)

我真的不明白为什么这不起作用。花了两天时间摸不着头脑。有什么想法吗?

这是处理脚本:

<?php  

// filename: upload.processor.php

// first let's set some variables

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.form.php';

// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';

//echo'<pre>';print_r($_FILES);exit;



// Now let's deal with the uploaded files

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['submit'])
    or error('the upload form is needed', $uploadForm);

// check if any files were uploaded and if 
// so store the active $_FILES array keys
$active_keys = array();
foreach($_FILES[$fieldname]['name'] as $key => $filename)
{
    if(!empty($filename))
    {
        $active_keys[] = $key;
    }
}

// check at least one file was uploaded
count($active_keys)
    or error('No files were uploaded', $uploadForm);

// check for standard uploading errors
foreach($active_keys as $key)
{
    ($_FILES[$fieldname]['error'][$key] == 0)
        or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}

// check that the file we are working on really was an HTTP upload
foreach($active_keys as $key)
{
    @is_uploaded_file($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an HTTP upload', $uploadForm);
}

// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
foreach($active_keys as $key)
{
    @getimagesize($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}

// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
foreach($active_keys as $key)
{
    $now = time();
    while(file_exists($uploadFilename[$key] = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'][$key]))
    {
        $now++;
    }
}

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);
}

// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
header('Location: ' . $uploadSuccess);

// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
    header("Refresh: $seconds; URL=\"$location\"");
    echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
    '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
    '<html lang="en">'."\n".
    '   <head>'."\n".
    '       <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
    '       <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
    '   <title>Upload error</title>'."\n\n".
    '   </head>'."\n\n".
    '   <body>'."\n\n".
    '   <div id="Upload">'."\n\n".
    '       <h1>Upload failure</h1>'."\n\n".
    '       <p>An error has occured: '."\n\n".
    '       <span class="red">' . $error . '...</span>'."\n\n".
    '       The upload form is reloading</p>'."\n\n".
    '    </div>'."\n\n".
    '</html>';
    exit;
} // end error handler

?>

I found a multi file upload script here.

When I try to upload the files i get an error message:

Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/register/uploaded_files/1321720804-bg.png) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp) in /home/a2767984/public_html/register/multiple.upload.processor.php on line 80

The file permissions for the upload folder which is 'uploaded_files' is set to 777 and is located in the same folder as the script.(public_html/register/)

I really don't understand why this is not working. Spent two days scratching my head. Any ideas??

Here is the processing script:

<?php  

// filename: upload.processor.php

// first let's set some variables

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.form.php';

// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';

//echo'<pre>';print_r($_FILES);exit;



// Now let's deal with the uploaded files

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['submit'])
    or error('the upload form is needed', $uploadForm);

// check if any files were uploaded and if 
// so store the active $_FILES array keys
$active_keys = array();
foreach($_FILES[$fieldname]['name'] as $key => $filename)
{
    if(!empty($filename))
    {
        $active_keys[] = $key;
    }
}

// check at least one file was uploaded
count($active_keys)
    or error('No files were uploaded', $uploadForm);

// check for standard uploading errors
foreach($active_keys as $key)
{
    ($_FILES[$fieldname]['error'][$key] == 0)
        or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}

// check that the file we are working on really was an HTTP upload
foreach($active_keys as $key)
{
    @is_uploaded_file($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an HTTP upload', $uploadForm);
}

// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
foreach($active_keys as $key)
{
    @getimagesize($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}

// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
foreach($active_keys as $key)
{
    $now = time();
    while(file_exists($uploadFilename[$key] = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'][$key]))
    {
        $now++;
    }
}

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);
}

// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
header('Location: ' . $uploadSuccess);

// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
    header("Refresh: $seconds; URL=\"$location\"");
    echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
    '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
    '<html lang="en">'."\n".
    '   <head>'."\n".
    '       <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
    '       <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
    '   <title>Upload error</title>'."\n\n".
    '   </head>'."\n\n".
    '   <body>'."\n\n".
    '   <div id="Upload">'."\n\n".
    '       <h1>Upload failure</h1>'."\n\n".
    '       <p>An error has occured: '."\n\n".
    '       <span class="red">' . $error . '...</span>'."\n\n".
    '       The upload form is reloading</p>'."\n\n".
    '    </div>'."\n\n".
    '</html>';
    exit;
} // end error handler

?>

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

鹿港巷口少年归 2024-12-24 04:01:19

您的问题是, $_SERVER['DOCUMENT_ROOT'] 似乎返回了错误的值,因此您的 $uploadsDirectory 不在允许的路径内(请参阅第 11 行脚本)。

尝试替换

$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

$uploadsDirectory = __DIR__.'/uploaded_files/';

如果这也不起作用,我会采用简单的方法并对路径进行硬编码:

$uploadsDirectory = '/home/a2767984/public_html/register/uploaded_files/';

Your problem is, that $_SERVER['DOCUMENT_ROOT'] seems to return the wrong value, so your $uploadsDirectory is not within in the allowed path (see line 11 of your script).

Try replacing

$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

with

$uploadsDirectory = __DIR__.'/uploaded_files/';

If that doesn't work either, I would go the easy way and hardcode the path:

$uploadsDirectory = '/home/a2767984/public_html/register/uploaded_files/';
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文