study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-06-19 06:16:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/php/is_uploaded_file.html
fofolee 7ca94f1141 0.0.1
2019-04-08 23:22:26 +08:00

99 lines
5.8 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>判断文件是否是通过 HTTP POST 上传的</title>
</head>
<body class="docs"><div id="layout">
<div id="layout-content"><div id="function.is-uploaded-file" class="refentry">
<div class="refnamediv">
<h1 class="refname">is_uploaded_file</h1>
<p class="verinfo">(PHP 4 &gt;= 4.0.3, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">is_uploaded_file</span> &mdash; <span class="dc-title">判断文件是否是通过 HTTP POST 上传的</span></p>
</div>
<div class="refsect1 description" id="refsect1-function.is-uploaded-file-description">
<h3 class="title">说明</h3>
<div class="methodsynopsis dc-description">
<span class="methodname"><strong>is_uploaded_file</strong></span>
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$filename</code></span>
) : <span class="type">bool</span></div>
<p class="para rdfs-comment">
如果 <code class="parameter">filename</code> 所给出的文件是通过
HTTP POST 上传的则返回 <strong><code>TRUE</code></strong>。这可以用来确保恶意的用户无法欺骗脚本去访问本不能访问的文件,例如
<var class="filename">/etc/passwd</var>
</p>
<p class="para">
这种检查显得格外重要,如果上传的文件有可能会造成对用户或本系统的其他用户显示其内容的话。
</p>
<p class="para">
为了能使 <span class="function"><strong>is_uploaded_file()</strong></span> 函数正常工作,必段指定类似于
<var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES['userfile']['tmp_name']</a></var></var> 的变量,而在从客户端上传的文件名
<var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES['userfile']['name']</a></var></var> 不能正常运作。
</p>
</div>
<div class="refsect1 parameters" id="refsect1-function.is-uploaded-file-parameters">
<h3 class="title">参数</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">filename</code></dt>
<dd>
<p class="para">
要检查的文件名。
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-function.is-uploaded-file-returnvalues">
<h3 class="title">返回值</h3>
<p class="para">
成功时返回 <strong><code>TRUE</code></strong> 或者在失败时返回 <strong><code>FALSE</code></strong>
</p>
</div>
<div class="refsect1 examples" id="refsect1-function.is-uploaded-file-examples">
<h3 class="title">范例</h3>
<p class="para">
<div class="example" id="example-2817">
<p><strong>Example #1 <span class="function"><strong>is_uploaded_file()</strong></span> 例子</strong></p>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /><br /></span><span style="color: #007700">if&nbsp;(</span><span style="color: #0000BB">is_uploaded_file</span><span style="color: #007700">(</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">'userfile'</span><span style="color: #007700">][</span><span style="color: #DD0000">'tmp_name'</span><span style="color: #007700">]))&nbsp;{<br />&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"File&nbsp;"</span><span style="color: #007700">.&nbsp;</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">'userfile'</span><span style="color: #007700">][</span><span style="color: #DD0000">'name'</span><span style="color: #007700">]&nbsp;.</span><span style="color: #DD0000">"&nbsp;uploaded&nbsp;successfully.\n"</span><span style="color: #007700">;<br />&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"Displaying&nbsp;contents\n"</span><span style="color: #007700">;<br />&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">readfile</span><span style="color: #007700">(</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">'userfile'</span><span style="color: #007700">][</span><span style="color: #DD0000">'tmp_name'</span><span style="color: #007700">]);<br />}&nbsp;else&nbsp;{<br />&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"Possible&nbsp;file&nbsp;upload&nbsp;attack:&nbsp;"</span><span style="color: #007700">;<br />&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"filename&nbsp;'"</span><span style="color: #007700">.&nbsp;</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">'userfile'</span><span style="color: #007700">][</span><span style="color: #DD0000">'tmp_name'</span><span style="color: #007700">]&nbsp;.&nbsp;</span><span style="color: #DD0000">"'."</span><span style="color: #007700">;<br />}<br /><br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
</div>
</p>
</div>
<div class="refsect1 seealso" id="refsect1-function.is-uploaded-file-seealso">
<h3 class="title">参见</h3>
<p class="para">
<ul class="simplelist">
<li class="member"><span class="function"><a href="move_uploaded_file.html" class="function" rel="rdfs-seeAlso">move_uploaded_file()</a> - 将上传的文件移动到新位置</span></li>
<li class="member"><var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES</a></var></var></li>
<li class="member">关于用法的简单例子
<a href="features.file_upload.html" class="link">文件上传处理</a></li>
</ul>
</p>
</div>
</div></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink