首页导航博客电子书算法众创代码随贴关于我们

自己写的php上传类，检查文件真实性,单文件多文件通用

完全独立的 亲测好用 单文件及文件上传类 修改上传目录 内有方法

代码正文双击正文可选择全部

1[代码][php]

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>page_title</title>
  </head>
<body>
<?php

function_exists('date_default_timezone_set') && date_default_timezone_set('Asia/Shanghai');
if($_FILES)
{
	$je_upload=new jetee_upload();
	//print_r($_FILES);
	if(is_array($_FILES['file_path']['name']))
	{
		// 上传多文件
		foreach ($_FILES['file_path']['error'] AS $key => $value)
		{
			if ($value == 0)
			{
				if (!$je_upload->check_upload_type($_FILES['file_path']['type'][$key]))
				{
					echo '文件不允许请重新选invalid_img_url;';//sys_msg(sprintf($_LANG['invalid_img_url'], $key + 1), 1, array(), false);
				}
			}
			elseif ($value == 1)
			{
				echo '受php限制,文件太大img_url_too_big;';//sys_msg(sprintf($_LANG['img_url_too_big'], $key + 1, $php_maxsize), 1, array(), false);
			}
			elseif ($value == 2)
			{
				echo '受浏览器限制,文件太大img_url_too_big;';//sys_msg(sprintf($_LANG['img_url_too_big'], $key + 1, $htm_maxsize), 1, array(), false);
			}
		}
	}
	else//单文件
	{
		if ($_FILES['file_path']['error'] == 0)
		{
			if (!$je_upload->check_upload_type($_FILES['file_path']['type']))
			{
				echo 'invalid_img_url;';//sys_msg(sprintf($_LANG['invalid_img_url'], $key + 1), 1, array(), false);
			}
		}
		elseif ($_FILES['file_path']['error'] == 1)
		{
			echo 'img_url_too_big;';//sys_msg(sprintf($_LANG['img_url_too_big'], $key + 1, $php_maxsize), 1, array(), false);
		}
		elseif ($_FILES['file_path']['error'] == 2)
		{
			echo 'img_url_too_big;';//sys_msg(sprintf($_LANG['img_url_too_big'], $key + 1, $htm_maxsize), 1, array(), false);
		}
	}
	print_r( $je_upload->upload_file($_FILES['file_path'], './','|csv|'));
}

Class jetee_upload{
	/**第一步
	 * 根据php获取的$file_type信息，检查上传文件类型是否合法,基本判断 先不检查内容  允许的|csv|png|jpg|jpeg|gif|doc|xls|txt|zip|ppt|pdf|rar
	 * @access  public
	 * @param string  $file_type   $_FILES['file_path']['type'] 
	 * @return bool
	 */	   
	public function check_upload_type($file_type) {
		return $file_type == 'image/pjpeg' ||
			   $file_type == 'image/x-png' ||
			   $file_type == 'image/png'   ||
			   $file_type == 'image/gif'   ||
			   $file_type == 'image/jpeg'  ||
			   $file_type == 'application/msword'   ||
			   $file_type == 'application/vnd.ms-excel'   ||
			   $file_type == 'text/plain'   ||
			   $file_type == 'application/zip'   ||
			   $file_type == 'application/vnd.ms-powerpoint'   ||
			   $file_type == 'application/pdf' ||
			   $file_type == 'application/octet-stream' ||
			   $file_type == 'application/x-rar-compressed';
			   
	}
	/**第二步
	 * 处理上传文件，并返回上传图片名数组(上传失败时返回图片名为空）
	 *
	 * @access  public
	 * @param array     $upload     $_FILES 数组
	 * @param array     $_path       上传的绝对路径 e:/w/work/jetee.cn/data/captcha/
	 *
	 * @return arrary   单个文件array('上传图片名','及对应错误消息 成功为空')        多个文件名 成功文件名 及对应错误信息array('name'=>array(),'error'=>array()) 
	 */
	public function upload_file($upload, $_path,$_allow='|csv|png|jpg|jpeg|gif|doc|xls|txt|zip|ppt|pdf|rar|')
	{
		$multi=is_array($upload[name]);
		if($multi)//多个文件上传
		{
			$_return=array('name'=>array(),'error'=>array());
			foreach($upload['tmp_name'] as $k=>$v){
				if (!empty($v)){
					$ftype = $this->check_file_type($v, $upload['name'][$k], $_allow);//检查真实文件内容得检查   返回扩展名
					if (!empty($ftype)){
						$name=$this->get_target_filename($ftype);
						$target = $_path . $name;
						if (!$this->move_upload_file($v, $target)){
							$_return['name'][]='';
							$_return['error'][]=__LINE__.'上传文件失败！';
						}
						else{
							$_return['name'][]=$name;
							$_return['error'][]='';
						}
					}
					else{
							$_return['name'][]='';
							$_return['error'][]=__LINE__.'检查真实文件内容失败！';
					}
				}
				else
				{
					$_return['name'][]='';
					$_return['error'][]=__LINE__.'文件名为空失败！';
				}
			}
			return $_return;
		}
		else//单个文件上传
		{
			$_return=array();//
			if (!empty($upload['tmp_name'])){
				$ftype = $this->check_file_type($upload['tmp_name'], $upload['name'], $_allow);//这里只是允许的部分
				if (!empty($ftype)){
					$name=$this->get_target_filename($ftype);
					$target = $_path . $name;
					if (!$this->move_upload_file($upload['tmp_name'], $target)){
						
						$_return[]='';
						$_return[]=__LINE__.'上传文件失败！';
					}
					else{
						$_return[]=$name;
						$_return[]='';
					}
				}
				else{
						$_return[]='';
						$_return[]=__LINE__.'检查真实文件内容失败！';
				}
			}
			else{
					$_return[]='';
					$_return[]=__LINE__.'文件名为空失败！';
			}
			return $_return;
		}
	}

/**
	 * 根据文件内空检查文件真实类型
	 *
	 * @access      public
	 * @param       string      filename            文件名			如D:\apmserv\tmp\uploadtemp\php728B.tmp
	 * @param       string      realname            上传的文件名		如Book2.csv
	 * @param       string      limit_ext_types     允许的文件类型 下面有的取部分  |csv|png|jpg|jpeg|gif|doc|xls|txt|zip|ppt|pdf|rar|
	 * @return      string  exit("".__LINE__);
	 */
	private function check_file_type($filename, $realname = '', $limit_ext_types = '')
	{	//取扩展名
		if ($realname){
			$extname = strtolower(substr($realname, strrpos($realname, '.') + 1));
		}
		else{
			$extname = strtolower(substr($filename, strrpos($filename, '.') + 1));
		}
		//上传的不在允许扩展名内
		if ($limit_ext_types && stristr($limit_ext_types, '|' . $extname . '|') === false){
			echo __LINE__.'上传的不在允许扩展名内';exit;
			return '';
		}
		$str = $format = '';

$file = @fopen($filename, 'rb');
		if ($file)
		{
			$str = @fread($file, 0x400); // 读取前 1024 个字节
			@fclose($file);
		}
		else//如果无内容不用判断内容是否为真实
		{
			if (stristr($filename, $_SERVER['DOCUMENT_ROOT']) === false)
			{
				if ($extname == 'jpg' || $extname == 'jpeg' || $extname == 'gif' || $extname == 'png' || $extname == 'doc' ||
					$extname == 'xls' || $extname == 'txt'  || $extname == 'zip' || $extname == 'rar' || $extname == 'ppt' ||
					$extname == 'pdf' || $extname == 'rm'   || $extname == 'mid' || $extname == 'wav' || $extname == 'bmp' ||
					$extname == 'swf' || $extname == 'chm'  || $extname == 'sql' || $extname == 'cert'|| $extname == 'csv')
				{
					$format = $extname;
				}
			}
			else
			{
				echo __LINE__;exit;
				return '';
			}
		}
		if ($format == '' && strlen($str) >= 2 )//根据文件部分内容得出真实扩展名
		{
			if (substr($str, 0, 4) == 'MThd' && $extname != 'txt')
			{
				$format = 'mid';
			}
			elseif (substr($str, 0, 4) == 'RIFF' && $extname == 'wav')
			{
				$format = 'wav';
			}
			elseif (substr($str ,0, 3) == "\xFF\xD8\xFF")
			{
				$format = 'jpg';
			}
			elseif (substr($str ,0, 4) == 'GIF8' && $extname != 'txt')
			{
				$format = 'gif';
			}
			elseif (substr($str ,0, 8) == "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A")
			{
				$format = 'png';
			}
			elseif (substr($str ,0, 2) == 'BM' && $extname != 'txt')
			{
				$format = 'bmp';
			}
			elseif ((substr($str ,0, 3) == 'CWS' || substr($str ,0, 3) == 'FWS') && $extname != 'txt')
			{
				$format = 'swf';
			}
			elseif (substr($str ,0, 4) == "\xD0\xCF\x11\xE0")
			{   // D0CF11E == DOCFILE == Microsoft Office Document
				if (substr($str,0x200,4) == "\xEC\xA5\xC1\x00" || $extname == 'doc')
				{
					$format = 'doc';
				}
				elseif (substr($str,0x200,2) == "\x09\x08" || $extname == 'xls')
				{
					$format = 'xls';
				} elseif (substr($str,0x200,4) == "\xFD\xFF\xFF\xFF" || $extname == 'ppt')
				{
					$format = 'ppt';
				}
			} elseif (substr($str ,0, 4) == "PK\x03\x04")
			{
				$format = 'zip';
			} elseif (substr($str ,0, 4) == 'Rar!' && $extname != 'txt')
			{
				$format = 'rar';
			} elseif (substr($str ,0, 4) == "\x25PDF")
			{
				$format = 'pdf';
			} elseif (substr($str ,0, 3) == "\x30\x82\x0A")
			{
				$format = 'cert';
			} elseif (substr($str ,0, 4) == 'ITSF' && $extname != 'txt')
			{
				$format = 'chm';
			} elseif (substr($str ,0, 4) == "\x2ERMF")
			{
				$format = 'rm';
			} elseif ($extname == 'sql')
			{
				$format = 'sql';
			} elseif ($extname == 'txt')
			{
				$format = 'txt';
			}elseif ($extname == 'csv')
			{
				$format = 'csv';
			}
		}

if ($limit_ext_types && stristr($limit_ext_types, '|' . $format . '|') === false)//真空扩展名不在  限制扩展名内
		{
			$format = '';
		}

return $format;
	}	
	
	
	/**
	 * 将上传文件转移到指定位置
	 *
	 * @param string $file_name
	 * @param string $target_name
	 * @return blog
	 */
	private function move_upload_file($file_name, $target_name = '')
	{
		if (function_exists("move_uploaded_file"))
		{
			if (move_uploaded_file($file_name, $target_name))
			{
				@chmod($target_name,0755);
				return true;
			}
			else if (copy($file_name, $target_name))
			{
				@chmod($target_name,0755);
				return true;
			}
		}
		elseif (copy($file_name, $target_name))
		{
			@chmod($target_name,0755);
			return true;
		}
		return false;
	}
	/**
	 * 返回一个唯一的随机文件名
	 *
	 * @param string $extname
	 * @return $target_name
	 */
	private function get_target_filename($extname) {
		$name = date('YmdHis-').substr(sprintf("%.8f",microtime(true)),11);
		for ($i = 0; $i < 3; $i++){
			$name .= chr(mt_rand(97, 122));
		}
		return $name. '.' .$extname;
	}
}
?>
<form enctype="multipart/form-data" action="#" method="post" name="theForm" >
    
    <input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
       
    <input type="file" name="file_path[]" />   
    <input type="file" name="file_path[]" />   
    <input type="submit" value="上传文件">
</form>

</body>
</html>