php 如何调试 move_uploaded_file 的问题?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5227381/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I debug problems with move_uploaded_file?
提问by JM at Work
I have a form like
我有一个像
<form action="send.php" method="post" enctype="multipart/form-data">
<div>
<label for="subject">Subject</label>
<input type="text" name="subject" />
</div>
<div>
<label for="image">Image</label>
<input type="file" name="image" />
</div>
<input type="submit" value="Send" />
</form>
PHP like
PHP 喜欢
echo '<pre>'; print_r($_FILES); echo '</pre>';
if (move_uploaded_file($_FILES['image']['tmp_name'], 'images/' . $_FILES['image']['name'])) {
echo 'ok';
} else {
echo 'error!';
};
I keep getting errorthe print_r looks like
我不断得到errorprint_r 的样子
Array
(
[image] => Array
(
[name] => Untitled-1.jpg
[type] => image/jpeg
[tmp_name] => /tmp/phpprWdjN
[error] => 0
[size] => 61768
)
)
采纳答案by deceze
Activate error reporting, then you should see the error thrown by move_uploaded_filetelling you what's wrong.
激活错误报告,然后您应该通过move_uploaded_file告诉您出了什么问题来看到抛出的错误。
回答by Marc B
Your $_FILES looks file, error=0 means the upload completed successfully. Most likely it's a permissions error. You can try doing something like:
您的 $_FILES 看起来是文件,error=0 表示上传成功完成。很可能是权限错误。您可以尝试执行以下操作:
if (!is_writeable('images/' . $_FILES['image']['name'])) {
die("Cannot write to destination file");
}
However, be aware that you're using a user-provided filename, so if someone uploads "pwn_my_server.php", your script will write it out to the images directory, and then they can simply visit yoursite.com/images/pwn_my_server.phpand take control of your site.
但是,请注意您使用的是用户提供的文件名,因此如果有人上传“pwn_my_server.php”,您的脚本会将其写入图像目录,然后他们就可以简单地访问yoursite.com/images/pwn_my_server.php并控制您的站点。
In general it is NEVER a good idea to trust anything in the $_FILES array, or use it directly, since the entirety of its contents are under remote user control. The only thing created by the server is the error code and tmp_name. The rest is potentially malicious.
一般来说,信任 $_FILES 数组中的任何内容或直接使用它从来都不是一个好主意,因为它的全部内容都在远程用户控制之下。服务器创建的唯一内容是错误代码和 tmp_name。其余的可能是恶意的。
回答by Michael Bai
maybe the problem is 'image/' folder, you can set the absolute path here and make sure that path is writable, then have a try.
也许问题是'image/'文件夹,你可以在这里设置绝对路径并确保该路径是可写的,然后尝试一下。
回答by Sujeet
Use the code below: 1. create the directory named 'uploads' 2. save the file with .php extension
使用以下代码: 1. 创建名为 'uploads' 的目录 2. 以 .php 扩展名保存文件
now run the code.
现在运行代码。
<?php
if (!empty($_FILES))
{
// PATH TO THE DIRECTORY WHERE FILES UPLOADS
$file_src = 'uploads/'.$_FILES['image']['name'];
// FUNCTION TO UPLOAD THE FILE
if(move_uploaded_file($_FILES['image']['tmp_name'], $file_src)):
// SHOW THE SUCCESS MESSAGE AFTER THE MOVE - NO VISIBLE CHANGE
echo 'Your file have been uploaded sucessfuly';
else:
// SHOW ERROR MESSAGE
echo 'Error';
endif;
}
?>
<form action="" method="post" enctype="multipart/form-data">
<div>
<label for="subject">Subject</label>
<input type="text" name="subject" />
</div>
<div>
<label for="image">Image</label>
<input type="file" name="image" />
</div>
<input type="submit" value="Send" name='submit' />
</form>
:)
:)
