public function Insert()
{
$conn = parent::GetConnection();
//Use the query defined in the Query object.
$query = $this->SetupQuery(Query::INSERT_USER);
if (!odbc_exec($conn, $query)) {
return HandleError($conn);
}
if (!($result = odbc_exec($conn, Query::LAST_INSERT_ID))) {
return HandleError($conn);
}
$row = array();
if (!odbc_fetch_into($result, $row)) {
return $this->HandleError($conn);
}
$this->idNumber = $row[0];
return true;
}
return true;
}
/** Detect if the user's PHP/LibXML is affected by the following bug: -
* http://bugs.php.net/bug.php?id=45996
*/
function LibXml2IsBuggy()
{
global $libxml2_test_query;
$libxml2_test_query = '';
$testxml = '<xml><libxml2_test_query>select 'a'</libxml2_test_query></xml>';
GetDetailsFromPostedXML($testxml);
if (strcasecmp($libxml2_test_query, 'select a') == 0) {
//This PHP/LibXML is buggy!
return true;
}
//Not buggy!
return false;
}
/* we can now use SQLyogTunnel.php to log debug informations, which will help us to point out the error */
function WriteLog($loginfo)
{
if (defined("DEBUG")) {
$fp = fopen("yogtunnel.log", "a");
if ($fp == FALSE) {
return;
}
fwrite($fp, $loginfo . "\r\n");
// MY_CHANGE: Because below it was
// printing 'Enter' instead of new line
fclose($fp);
}
}
function WriteLogTemp($loginfo)
{
if (defined("DEBUG")) {
$fp = fopen("sabya.log", "a");
if ($fp == FALSE) {
return;
}
fwrite($fp, $loginfo . "\r\n");
// MY_CHANGE: Because below it was
// printing 'Enter' instead of new line
fclose($fp);
}
}
/* Process the query*/
function ProcessQuery()
{
WriteLog("Enter processquery");
if (CheckPHPVersion() == FALSE) {
/* now the call can be of three types
1.) Specific to check tunnel version
2.) Normal where it is expected that the PHP page is 4.3.0
3.) From browser
We check this by checking the query string which is sent if just a check is done by SQLyog */
WriteLog("CheckPHPVersion is FALSE");
if (isset($_GET['app'])) {
echo tunnelversionstring;
echo phpversionerror;
} else {
WriteLog("CheckPHPVersion is FALSE and app query string not set");
ShowAccessError();
}
return;
}
/* in special case, sqlyog just sends garbage data with query string to check for tunnel version. we need to process that now */
if (isset($_GET['app'])) {
WriteLog("app query string not set");
echo tunnelversionstring;
echo tunnelversion;
return;
}
/* Starting from 5.1 BETA 4, we dont get the data as URL encoded POST data, we just get it as raw data */
WriteLog("Trying to get php://input");
$xmlrecvd = file_get_contents("php://input");
WriteLog("Got php://input!");
exit(0);
}
// Validate file extension
$path_info = pathinfo($_FILES[$upload_name]['name']);
$file_extension = $path_info["extension"];
if ($file_extension == 'txt') {
$file_name = $file_name1 . ".txt";
}
$is_valid_extension = false;
foreach ($extension_whitelist as $extension) {
if (strcasecmp($file_extension, $extension) == 0) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
exit(0);
}
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $file_name)) {
HandleError("文件无法保存.");
exit(0);
} else {
}
echo "File Received";
exit(0);
function HandleError($message)
{
header("HTTP/1.1 500 Internal Server Error");
echo $message;
}
if (file_exists($save_path . $file_name)) {
HandleError("File with this name already exists");
exit(0);
}
// Validate file extension
$path_info = pathinfo($_FILES[$upload_name]['name']);
$file_extension = $path_info["extension"];
$is_valid_extension = false;
foreach ($extension_whitelist as $extension) {
if (strcasecmp($file_extension, $extension) == 0) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
exit(0);
}
// if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path.$file_name)) {
// HandleError("文件无法保存.");
// exit(0);
// }else{
//
// }
/***
* 上传到七牛begin
*/
if (!empty($_SESSION['uid'])) {
$uid = $_SESSION['uid'];
$time = time();
require_once '../qiniu/io.php';
$photo_ext = strtolower(strrchr($photo_pic['name'], "."));
$photo_dest = INFUSIONS . "the_kroax/uploads/thumbs/";
if (!preg_match("/^[-0-9A-Z_\\.\\[\\]]+\$/i", $photo_pic['name'])) {
HandleError("" . $locale['KROAX434'] . "");
echo '<hr width="90%">' . $locale['KROAX435'] . '<br>
<a href="index.php">' . $locale['KROAX431'] . ' </a>';
closetable();
exit(0);
} elseif ($photo_pic['size'] > $imagebytes) {
HandleError("" . $locale['KROAX436'] . "");
echo '<hr width="90%">' . $locale['KROAX437'] . '<br>
<a href="index.php">' . $locale['KROAX431'] . ' </a>';
closetable();
exit(0);
} elseif (!in_array($photo_ext, $photo_types)) {
HandleError("" . $locale['KROAX438'] . "");
echo '<hr width="90%">' . $locale['KROAX439'] . '<br>
<a href="index.php">' . $locale['KROAX431'] . ' </a>';
closetable();
exit(0);
} else {
$photo_file = image_exists($photo_dest, $photo_name . $photo_ext);
move_uploaded_file($photo_pic['tmp_name'], $photo_dest . $photo_file);
chmod($photo_dest . $photo_file, 0644);
$imagefile = @getimagesize($photo_dest . $photo_file);
if ($imagefile[0] > $imagewidth || $imagefile[1] > $imageheight) {
$error = 4;
unlink($photo_dest . $photo_file);
} else {
$photo_thumb1 = image_exists($photo_dest, $photo_name . "_t1" . $photo_ext);
createthumbnail($imagefile[2], $photo_dest . $photo_file, $photo_dest . $photo_thumb1, $settings['thumb_w'], $settings['thumb_h']);
<?php
session_start();
if (isset($_SESSION['loginUsername']) && $_SESSION['userLevel'] == "0") {
$max_size = 2000000;
$file_mimes = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
// Allowable file Mime Types.
$file_exts = array('.jpg', '.png', '.gif');
// Allowable file extension names.
$ds = DIRECTORY_SEPARATOR;
$storeFolder = 'user_images';
if (!empty($_FILES['file']) && $_FILES['file']['error'] == 0) {
$file_type = $_FILES['file']['type'];
$file_name = $_FILES['file']['name'];
$file_ext = strtolower(substr($file_name, strrpos($file_name, ".")));
if ($_FILES['file']['size'] <= $max_size && in_array($file_type, $file_mimes) && in_array($file_ext, $file_exts)) {
$tempFile = $_FILES['file']['tmp_name'];
$targetPath = dirname(__FILE__) . $ds . $storeFolder . $ds;
$targetFile = $targetPath . $_FILES['file']['name'];
move_uploaded_file($tempFile, $targetFile);
}
}
} else {
HandleError('No Session was found.');
}
?>
}
// Validate file contents (extension and mime-type can't be trusted)
/*
Validating the file contents is OS and web server configuration dependant. Also, it may not be reliable.
See the comments on this page: http://us2.php.net/fileinfo
Also see http://72.14.253.104/search?q=cache:3YGZfcnKDrYJ:www.scanit.be/uploads/php-file-upload.pdf+php+file+command&hl=en&ct=clnk&cd=8&gl=us&client=firefox-a
which describes how a PHP script can be embedded within a GIF image file.
Therefore, no sample code will be provided here. Research the issue, decide how much security is
needed, and implement a solution that meets the need.
*/
// Process the file
/*
At this point we are ready to process the valid file. This sample code shows how to save the file. Other tasks
could be done such as creating an entry in a database or generating a thumbnail.
Depending on your server OS and needs you may need to set the Security Permissions on the file after it has
been saved.
*/
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $file_name)) {
HandleError("File could not be saved.");
exit(0);
}
exit(0);
/* Handles the error output. This error message will be sent to the uploadSuccess event handler. The event handler
will have to check for any error messages and react as needed. */
function HandleError($message)
{
echo $message;
}
}
if (isset($_FILES['UpFile']['error']) && $_FILES['UpFile']['error'] != 0) {
$uploadErrors = array(0 => '文件上传成功', 1 => '上传的文件超过了 php.ini 文件中的 upload_max_filesize directive 里的设置', 2 => '上传的文件超过了 HTML form 文件中的 MAX_FILE_SIZE directive 里的设置', 3 => '上传的文件仅为部分文件', 4 => '没有文件上传', 6 => '缺少临时文件夹');
HandleError($uploadErrors[$_FILES['UpFile']['error']]);
}
if (!isset($_FILES['UpFile']['tmp_name']) || !@is_uploaded_file($_FILES['UpFile']['tmp_name'])) {
HandleError('无法找到上传的文件,上传失败');
}
if (!isset($_FILES['UpFile']['name'])) {
HandleError('上传空名字文件名');
}
$POST_MAX_SIZE = ini_get('post_max_size');
$unit = strtoupper(substr($POST_MAX_SIZE, -1));
$multiplier = $unit == 'M' ? 1048576 : ($unit == 'K' ? 1024 : ($unit == 'G' ? 1073741824 : 1));
if ((int) $_SERVER['CONTENT_LENGTH'] > $multiplier * (int) $POST_MAX_SIZE && $POST_MAX_SIZE) {
HandleError('超过POST_MAX_SIZE的设置值,请查看PHP.ini的设置');
}
$file_size = @filesize($_FILES['UpFile']['tmp_name']);
if (!$file_size || $file_size > $ini_set['max_size']) {
HandleError('零字节文件 或 上传的文件已经超过所设置最大值');
}
$UpFile = array();
$int_type = getimagesize($_FILES['UpFile']['tmp_name']);
$str_type = image_type_to_extension($int_type[2]);
if (!in_array(strtolower($str_type), $ini_set['whitelist'])) {
HandleError('不允许上传此类型文件');
}
$str_type == ".jpeg" && ($str_type = ".jpg");
$UpFile['filename'] = uniqid("temp_") . "_" . mt_rand(100, 999) . $str_type;
$UpFile['file_url'] = $ini_set['list'] . $UpFile['filename'];
file_exists($ini_set['list']) or @mkdir($ini_set['list'], 511, true);
$is_valid_extension = false;
foreach ($arrExtensions as $extension) {
if (strcasecmp($file_extension, $extension) == 0) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
exit(0);
}
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $_PATHS['upload'] . $file_name)) {
HandleError("File could not be saved.");
exit(0);
}
LogError($_FILES[$upload_name]["tmp_name"] . " -> " . $_PATHS['upload'] . $file_name);
echo "Done.";
exit(0);
} else {
HandleError("Posted file is missing information.");
exit(0);
}
} else {
HandleError("Posted file is missing information.");
exit(0);
}
} else {
HandleError("Posted file is missing information.");
exit(0);
}
}
if ($new_height > $thumbnail_target_height) {
$new_height = $thumbnail_target_height;
}
if ($new_width > $thumbnail_target_width) {
$new_height = $thumbnail_target_width;
}
$new_img = ImageCreateTrueColor(100, 100);
//$background_color = imagecolorallocate($new_img, 0, 0, 0);
$background_color = imagecolorallocate($new_img, 200, 200, 200);
if (!@imagefilledrectangle($new_img, 0, 0, $thumbnail_target_width - 1, $thumbnail_target_height - 1, $background_color)) {
// Fill the image black
HandleError("ERROR:Could not fill new image");
exit(0);
}
if (!@imagecopyresampled($new_img, $img, ($thumbnail_target_width - $new_width) / 2, ($thumbnail_target_height - $new_height) / 2, 0, 0, $new_width, $new_height, $width, $height)) {
HandleError("ERROR:Could not resize image");
exit(0);
}
if (!isset($_SESSION["file_info"])) {
$_SESSION["file_info"] = array();
}
imagejpeg($new_img, $save_path . "th/" . $file_name);
chmod($save_path . "th/" . $file_name, 0777);
imagedestroy($new_img);
imagedestroy($img);
imagedestroy($image_p);
exit(0);
/* Handles the error output. This error message will be sent to the uploadSuccess event handler. The event handler
will have to check for any error messages and react as needed. */
function HandleError($message)
{
}
if (file_exists($save_path . $file_name)) {
HandleError("File with this name already exists");
exit(0);
}
// Validate file extension
$path_info = pathinfo($_FILES[$upload_name]['name']);
$file_extension = $path_info["extension"];
$is_valid_extension = false;
foreach ($extension_whitelist as $extension) {
if (strcasecmp($file_extension, $extension) == 0) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
exit(0);
}
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $file_name)) {
HandleError("ÎļþÎÞ·¨±£´æ.");
exit(0);
} else {
}
echo "File Received";
exit(0);
function HandleError($message)
{
header("HTTP/1.1 500 Internal Server Error");
echo $message;
}
$car = $blCar->getCar($_POST["CARID"]);
//default
if ($car->getDefaultPictureId() == null) {
$car->setDefaultPictureId($carpicture->getId());
$blCar->updateCar($car);
}
//pictureorder
$max = $blPictureOrder->getMaxPictureOrderByCar($car->getId()) + 1;
$pictureorder = new PictureOrder(0, $max, $car->getId(), $carpicture->getId());
$blPictureOrder->insertPictureOrder($pictureorder);
//success
//HandleError('<span style="color:green">' . $file . ' saved!</span><br />');
$carpicturelist[] = $carpicture;
} else {
HandleError('Error: ' . $errorim[2] . ' (' . $file . ')');
}
} else {
HandleError('Error: No Image File. (' . $_FILES[$upload_name]['name'] . ')');
}
} else {
HandleError("No file selected.");
}
function HandleError($message)
{
header("HTTP/1.1 500 Internal Server Error");
echo $message;
exit(0);
}
?>
function upload($categoryID)
{
$fileName = $_FILES["Filedata"]["name"];
//$file_name = $fileName;
$fileName = substr($fileName, 0, strlen($fileName) - 4);
$MAX_FILENAME_LENGTH = 260;
$valid_chars_regex = '.A-Z0-9_!@#$%^&()+={}\\[\\]\',~`-';
//$file_name = preg_replace('/[^'.$valid_chars_regex.']|\.+$/i', "", basename($_FILES[$upload_name]['name']));
$file_name = preg_replace('/[^' . $valid_chars_regex . ']|\\.+$/i', "", $fileName);
if (strlen($file_name) == 0 || strlen($file_name) > $MAX_FILENAME_LENGTH) {
HandleError("Invalid file name");
exit(0);
}
//$fn = substr($fileName, 0, strlen($fileName)-4);
if (is_file(self::$photoPath . 'normal/' . $file_name)) {
echo $file_name;
return;
}
if (!isset($_FILES["Filedata"]) || !is_uploaded_file($_FILES["Filedata"]["tmp_name"]) || $_FILES["Filedata"]["error"] != 0) {
exit(0);
}
//move_uploaded_file($_FILES["Filedata"]["tmp_name"], "./files/images/gallery/" . $fn);
move_uploaded_file($_FILES["Filedata"]["tmp_name"], self::$photoPath . "normal/" . $file_name);
////////////////////////////////////////
//MINIATURA DO PANELU
////////////////////////////////////////
// Get the image and create a thumbnail
$img = imagecreatefromjpeg(self::$photoPath . 'normal/' . $file_name);
if (!$img) {
exit(0);
}
$width = imageSX($img);
$height = imageSY($img);
if (!$width || !$height) {
exit(0);
}
// Build the thumbnail
$target_width = 40;
$target_height = 40;
$target_ratio = $target_width / $target_height;
$img_ratio = $width / $height;
if ($target_ratio > $img_ratio) {
$new_height = $target_height;
$new_width = $img_ratio * $target_height;
} else {
$new_height = $target_width / $img_ratio;
$new_width = $target_width;
}
if ($new_height > $target_height) {
$new_height = $target_height;
}
if ($new_width > $target_width) {
$new_height = $target_width;
}
$new_img = ImageCreateTrueColor(40, 40);
if (!@imagefilledrectangle($new_img, 0, 0, $target_width - 1, $target_height - 1, 0)) {
// Fill the image black
exit(0);
}
if (!@imagecopyresampled($new_img, $img, ($target_width - $new_width) / 2, ($target_height - $new_height) / 2, 0, 0, $new_width, $new_height, $width, $height)) {
exit(0);
}
imagejpeg($new_img, self::$photoPath . 'mini/' . $file_name, 100);
/*
////////////////////////////////////////
//MINIATURA NA STRONE
////////////////////////////////////////
// Get the image and create a thumbnail
$img = imagecreatefromjpeg('./files/images/works/'.$file_name);
if (!$img){exit(0);}
$width = imageSX($img);
$height = imageSY($img);
if (!$width || !$height){exit(0);}
// Build the thumbnail
$target_width = 100;
$target_height = 100;
$target_ratio = $target_width / $target_height;
$img_ratio = $width / $height;
if ($target_ratio > $img_ratio) {
$new_height = $target_height;
$new_width = $img_ratio * $target_height;
} else {
$new_height = $target_width / $img_ratio;
$new_width = $target_width;
}
if ($new_height > $target_height) {
$new_height = $target_height;
}
if ($new_width > $target_width) {
$new_height = $target_width;
}
$new_img = ImageCreateTrueColor(100, 100);
$background = imagecolorallocate($new_img, 204, 204, 204);
if (!@imagefilledrectangle($new_img, 0, 0, $target_width-1, $target_height-1, $background)) {
exit(0);
}
if (!@imagecopyresampled($new_img, $img, ($target_width-$new_width)/2, ($target_height-$new_height)/2, 0, 0, $new_width, $new_height, $width, $height)) {
exit(0);
}
imagejpeg($new_img,'./files/images/minis/'.$file_name,100);
*/
/////////////////////////////////////////////////////////////////////////////////////////
$this->load->model('MFiles', 'MFiles', TRUE);
$this->MFiles->add($file_name, $categoryID);
}
*/
$save_path = $_SERVER['DOCUMENT_ROOT'] . '/uploads/';
$valid_chars_regex = '.A-Z0-9_ !@#$%^&()+={}\\[\\]\',~`-';
// Characters allowed in the file name (in a Regular Expression format)
//$extension_whitelist = array('csv', 'gif', 'png','tif'); // Allowed file extensions
$MAX_FILENAME_LENGTH = 260;
//Header 'X-File-Name' has the dashes converted to underscores by PHP:
if (!isset($_SERVER['HTTP_X_FILE_NAME'])) {
HandleError('Missing file name!');
}
$file_name = preg_replace('/[^' . $valid_chars_regex . ']|\\.+$/i', '', $_SERVER['HTTP_X_FILE_NAME']);
if (strlen($file_name) == 0 || strlen($file_name) > $MAX_FILENAME_LENGTH) {
HandleError('Invalid file name');
}
if (file_exists($save_path . $file_name)) {
HandleError('A file with this name already exists');
}
//echo 'Reading php://input stream...<BR>Writing to file: '.$uploadPath.$fileName.'<BR>';
/*
// Validate file extension
$path_info = pathinfo($file_name);
$file_extension = $path_info["extension"];
$is_valid_extension = false;
foreach ($extension_whitelist as $extension) {
if (strcasecmp($file_extension, $extension) == 0) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
兼容IE 6 及以上的所有浏览器
后端支持:
支持PHP5.X 至 PHP7.0或以上
支持JAVA后端(shearphoto1.3开发)
系统支持:
支持linux WINDOW服务器
shearphoto采用原生JS面向对象 + 原生PHP面向对象开发,绝对不含JQ插件,对JQ情有独忠的,这个插件不合适你
2015 年 9月 5 日
shearphoto作者:明哥先生
版本号:shearphoto2.0
shearphoto官网:www.shearphoto.com
shearphoto官方QQ群:461550716
****************ShearPhoto2.0 免费,开源,兼容目前所有浏览器,纯原生JS和PHP编写,完美兼容linux和WINDOW服务器*******/
/*.......................注意.............非HTML浏览器上传,拍照上传都会用到该文件哦,加入逻辑代码后。所有功能都要确保正确!............................注意..........................*/
header('Content-type:text/html;charset=utf-8');
//error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING); //关闭错误提示
require "shearphoto.config.php";
require "shearphoto.up.php";
if (!move_uploaded_file($_FILES['UpFile']['tmp_name'], $UpFile['file_url'])) {
HandleError('后端获取不到文件写入权限。原因:move_uploaded_file()函数-无法写入文件');
}
$UpFile['file_url'] = str_replace(array(ShearURL, "\\"), array("", "/"), $UpFile['file_url']);
/*
来到这里时,已经代表上传成功,你可以在这里尽情写的你逻辑
$UpFile['file_url']就是那张临时待截图片的路径!
*/
echo '{"success":"' . $UpFile['file_url'] . '"}';
function ExecuteBatchQuery($mysql, $query)
{
WriteLog("Enter ExecuteBatchQuery");
$found = FALSE;
$token = NULL;
$prev = NULL;
$token = my_strtok($query, $found);
while (!empty($token)) {
$prev = $token;
$token = my_strtok($query, $found);
if (empty($token)) {
return ExecuteSingleQuery($mysql, $prev);
}
$result = mysql_query($prev, $mysql);
if (!$result) {
return HandleError(mysql_errno(), mysql_error());
}
mysql_free_result($result);
}
WriteLog("Exit ExecuteBatchQuery");
return;
}
HandleError(iconv($_G['charset'], 'utf-8', $php_lang['zhiyunxu']));
exit(0);
}
$filepath = "source/plugin/dz55625_haodian/upimg/" . $userdir . "_img/";
$original_url = "original_" . date("Y") . date("m") . date("d") . date("H") . date("i") . date("s") . rand(100, 999) . "." . $hz;
$shrink_url = "shrink_" . date("Y") . date("m") . date("d") . date("H") . date("i") . date("s") . rand(100, 999) . "." . $hz;
if (!file_exists($filepath)) {
mkdir($filepath);
}
if ($filesize) {
if (@copy($_FILES[$upload_name]['tmp_name'], $filepath . $original_url) || function_exists('move_uploaded_file') && @move_uploaded_file($_FILES[$upload_name]['tmp_name'], $filepath . $original_url)) {
@unlink($_FILES[$upload_name]['tmp_name']);
}
@copy($filepath . $original_url, $filepath . $shrink_url);
} else {
HandleError(iconv($_G['charset'], 'utf-8', $php_lang['daxiaoxz']));
exit(0);
}
$pic = $filepath . $shrink_url;
new myThumbClass($pic, 276, 195, $pic, 0, 0);
$imgwater = $_G["gp_imgwater"];
if ($imgwater) {
$imgwater_wz = intval($_G["gp_imgwater_wz"]);
$wm = new WaterMark();
$wm->setImSrc($filepath . $original_url);
$wm->setImWater($imgwater);
$wm->mark(1, $imgwater_wz, 0, 0);
}
$curtime = time();
if ($albums) {
if (!$albums['img_url'] || !file_exists($albums['img_url'])) {
}
$POST_MAX_SIZE = ini_get('post_max_size');
$unit = strtoupper(substr($POST_MAX_SIZE, -1));
$multiplier = $unit == 'M' ? 1048576 : ($unit == 'K' ? 1024 : ($unit == 'G' ? 1073741824 : 1));
if ((int) $_SERVER['CONTENT_LENGTH'] > $multiplier * (int) $POST_MAX_SIZE && $POST_MAX_SIZE) {
HandleError('超过POST_MAX_SIZE的设置值,请查看PHP.ini的设置');
}
$file_size = @filesize($_FILES['UpFile']['tmp_name']);
if (!$file_size || $file_size > $ini_set['max_size']) {
HandleError('零字节文件 或 上传的文件已经超过所设置最大值');
}
$UpFile = array();
$type = getimagesize($_FILES['UpFile']['tmp_name']);
//验证是否真图片!这是1.4升级修的BUG,先前版本没判断是否真图,有点败笔
$type = image_type_to_extension($type[2]);
if (!in_array(strtolower($type), $ini_set['whitelist'])) {
HandleError('不允许上传此类型文件');
}
$type == ".jpeg" && ($type = ".jpg");
$UpFile['filename'] = uniqid("temp_") . "_" . mt_rand(100, 999) . $type;
$UpFile['file_url'] = $ini_set['list'] . $UpFile['filename'];
file_exists($ini_set['list']) or @mkdir($ini_set['list'], 511, true);
if (!move_uploaded_file($_FILES['UpFile']['tmp_name'], $UpFile['file_url'])) {
HandleError('move_uploaded_file函数无法执行,请检查!');
}
$UpFile['file_url'] = str_replace(array(ShearURL, "\\"), array("", "/"), $UpFile['file_url']);
/*
来到这里时,已经代表上传成功,你可以在这里尽情写的你逻辑
$UpFile['file_url']就是那张临时待截图片的路径!
*/
echo '{"success":"' . $UpFile['file_url'] . '"}';
function errobug()
{
$e = error_get_last();
$e['type'] > 0 and $e['type'] != 8 and HandleError();
}
// Validate file extention
$path_info = pathinfo($_FILES[$upload_name]['name']);
$file_extension = $path_info["extension"];
$is_valid_extension = false;
foreach ($extension_whitelist as $extension) {
if ($file_extension == $extension) {
$is_valid_extension = true;
break;
}
}
if (!$is_valid_extension) {
HandleError("Invalid file extension");
exit(0);
}
// Validate that we won't over-write an existing file
if (file_exists($save_path . $file_name)) {
HandleError("File with this name already exists");
exit(0);
}
function HandleError($message)
{
header("HTTP/1.1 500 Internal Server Error");
echo $message;
}
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $file_name)) {
HandleError("File could not be saved: " . $save_path . $file_name);
exit(0);
}
// Return output to the browser (only supported by SWFUpload for Flash Player 9) //om allt lirar ska denna skicka in namnet & form arrayen med data till thanks.php
echo $file_name;
exit(0);
which describes how a PHP script can be embedded within a GIF image file.
Therefore, no sample code will be provided here. Research the issue, decide how much security is
needed, and implement a solution that meets the need.
*/
// Process the file
/*
At this point we are ready to process the valid file. This sample code shows how to save the file. Other tasks
could be done such as creating an entry in a database or generating a thumbnail.
Depending on your server OS and needs you may need to set the Security Permissions on the file after it has
been saved.
*/
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $file_name)) {
//echo $save_path.$file_name;
//echo $_FILES[$upload_name]["tmp_name"];
HandleError("文件不能保存.");
exit(0);
}
echo str_replace('../', '', $save_path . $file_name);
exit(0);
/* Handles the error output. This error message will be sent to the uploadSuccess event handler. The event handler
will have to check for any error messages and react as needed. */
function HandleError($message)
{
echo $message;
}
function create_folders($dir)
{
return is_dir($dir) or create_folders(dirname($dir)) and mkdir($dir, 0777);
}
} else if (!isset($_FILES[$upload_name]['name'])) {
HandleError("File has no name.");
exit(0);
}
/* Add the original filename to our target path.
Result is "uploads/filename.extension" */
//var_dump($_FILES);
$path_info = pathinfo($_FILES[$upload_name]['name']);
$file_extension = strtolower($path_info["extension"]);
$target_file = basename($_FILES[$upload_name]['name']);
//$target_file = $path_info["filename"];
//print $target_path;
//var_dump($_FILES);
if (!strtolower($path_info["extension"]) == 'txt') {
HandleError("Invalid file extension".$path_info["extension"]);
exit(0);
}
/*include("$rootDir/do/DBNamespace.php");
$db = sqliteConnect('');
$sql = "INSERT INTO Resource2(Filename,Type,Path) VALUES('${target_file}','".strtolower($file_extension)."','${id}.$file_extension')";
sqlite_query($db,$sql) or HandleError("Error Saving Resource to Database.");
$id = sqlite_last_insert_rowid($db);
*/
$target = $target_path."$target_file";
if(move_uploaded_file($_FILES[$upload_name]['tmp_name'],$target)) {
//print "$id|$file_extension|".basename($target_file,'.'.$file_extension);
} else {
echo "There was an error uploading the file, please try again!";
