如何检查目录是否适合在 php 中上传文件？

Question

我正在制作一份申请表，供用户申请工作并上传他们的简历。我制作的 php 代码将文件名发送到数据库，所以我猜它工作正常。

因为经过几次测试后我没有看到任何文件。我尝试更改上传目录，因此当用户上传他们的 CV 时，它会转到根目录中的“uploads”文件夹。

<?php

if(isset($_POST['uploadCV'])) {
    $file = $_FILES['uploadCV'];
    $fileName = $_FILES['uploadCV']['name'];
    $fileTmpName = $_FILES['uploadCV']['tmp_name'];
    $fileSize = $_FILES['uploadCV']['size'];
    $fileError = $_FILES['uploadCV']['Error'];
    $fileType = $_FILES['uploadCV']['type'];

    $fileExt = explode('.', $fileName);
    $fileActualExt = strtolower(end($fileExt));

    $allowed = array('jpg', 'jpeg', 'png', 'doc', 'docs', 'pdf');
    if(in_array($fileActualExt, $allowed) ) {
        if($fileError === 0) {
            if($fileSize < 50000 ) {
                $fileNameNew = uniqid('', true). '.' . $fileActualExt;
                $fileDestination = 'uploads/' . $fileNameNew;
                move_uploaded_file($fileTmpName, $fileDestination);
                echo "File uploaded!";
            } else {
                echo "File is too large...minimum size is 50MB";
            }
        } else {
            echo "there was a error uploading your file, please ty again!";
        }
    } else {
        echo "You can't upload this file type!";
    }
}

至于 HTML：

<input type="file" name="uploadCV"/>

创建-form.php：

<?php
header("Location: http://localhost/Rocket/includes/thankYou.php");

include('connection.php');

if(isset($_POST['addForm'])) {

    $fullName = $_POST['fullName'];
    $email = $_POST['email'];
    $mobile = $_POST['mobile'];
    $dob = $_POST['dob'];
    $degree = $_POST['degree'];
    $expYears = $_POST['expYears'];
    $position = $_POST['jobPosition'];
    $whyHire = $_POST['whyHire'];
    $uploadCV = $_POST['uploadCV'];
    $dateApplied = $_POST['dateApplied'];


    $db = new Database();
    $db->connect();
    $db->insert('users',array('fullName'=>$fullName,'email'=>$email, 'mobile'=>$mobile,
                'dob'=>$dob, 'degree'=>$degree, 'expYears'=>$expYears, 'position'=>$position,
                'whyHire'=>$whyHire, 'uploadCV'=>$uploadCV, 'dateApplied'=>$dateApplied));  // Table name, column names and respective values
    $res = $db->getResult();
    print_r($res);

    if($res) {
        echo "Sent to DB";
        die();
    } else {
        echo "query error";
    }
}

我期望代码将用户选择的文件上传到“上传”文件夹，但遗憾的是没有运气，我不明白为什么。但我感觉是我写上传目录的方式可能有问题。

Answer 1

伙计，你应该改变if条件如下：

<?php

if(isset($_FILES['uploadCV'])) {
    $file = $_FILES['uploadCV'];
    $fileName = $_FILES['uploadCV']['name'];
    $fileTmpName = $_FILES['uploadCV']['tmp_name'];
    $fileSize = $_FILES['uploadCV']['size'];
    $fileType = $_FILES['uploadCV']['type'];

    $fileExt = explode('.', $fileName);
    $fileActualExt = strtolower(end($fileExt));

    $allowed = array('jpg', 'jpeg', 'png', 'doc', 'docs', 'pdf');
    if(in_array($fileActualExt, $allowed) ) {
            if($fileSize < 50000 ) {
                $fileNameNew = uniqid('', true). '.' . $fileActualExt;
                $fileDestination = 'uploads/' . $fileNameNew;
                print_r($fileDestination);
                move_uploaded_file($fileTmpName, $fileDestination);
                echo "File uploaded!";
            } else {
                echo "File is too large...minimum size is 50MB";
            }
    } else {
        echo "You can't upload this file type!";
    }
}
?>

<html>
    <body>
        <form action="" enctype="multipart/form-data" method="post">
            <input type="file" name="uploadCV"/>            
            <input type="submit" name="subkit" value="submit"/>            
        </form>
    </body>
</html>

您应该检查$_FILES 而不是$_POST。此外，您可以从 $_FILES 中删除错误。希望它会帮助你。

Answer 2

检查目录是否可写

if (is_writable($fileDestination)) {
  // File is writable
}