我怎樣才能確保沒有php/html文件上傳到我的服務器?這是我迄今爲止的代碼,但它不起作用。PHP--將上傳的文件過濾到imags
<?php
$target = "upload/";
$target = $target . basename($_FILES['uploaded']['name']) ;
$ok=1;
//This is our size condition
if ($uploaded_size > 35000)
{
echo "Your file is too large.<br>";
$ok=0;
}
//This is our limit file type condition
if ($uploaded_type =="text/php")
{
echo "No PHP files<br>";
$ok=0;
}
//Here we check that $ok was not set to 0 by an error
if ($ok==0)
{
Echo "Sorry your file was not uploaded";
}
//If everything is ok we try to upload it
else
{
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
{
echo "The file ". basename($_FILES['uploadedfile']['name']). " has been uploaded and will be revied by moderators. You will recieve points based on the review.";
}
else
{
echo "Sorry, there was a problem uploading your file.";
}
}
?>
你從哪裏得到'$ uploaded_size'? – alex 2011-03-20 02:16:37
你在哪裏設置'$ uploaded_type'?它的價值是什麼? – 2011-03-20 02:16:45