www.gusucode.com > iWebshop开源PHP商城系统 v2.8源码程序 > iwebshop/lib/core/util/upload_class.php
<?php /** * @copyright (c) 2011 jooyea.cn * @file upload_class.php * @brief 文件上传处理 * @author nswe * @date 2010-12-06 * @version 0.6 */ /** * @class IUpload * @brief 文件上传类 */ class IUpload { //允许上传附件类型 private $allowType = array('jpg','gif','png','zip','rar','docx','doc'); //需要检测木马的文件类型 private $checkType = array('jpg','gif','png'); //附件存放物理目录 private $dir = 'upload'; //最大允许文件大小,单位为B(字节) private $maxsize; //伪造upload提交 public $isForge = false; /** * @brief 构造函数 * @param Int $size 允许最大上传KB数 * @param Array $type 允许上传的类型 */ function __construct($size = 10000,$type = array()) { //设置附件上传类型 if($type) { $this->allowType = $type; } //设置附件上传最大值 $iniMaxSize = $this->getIniPostMaxSize(); $uploadMaxSize = $size << 10; $this->maxsize = ($uploadMaxSize <= $iniMaxSize) ? $uploadMaxSize : $iniMaxSize; } /** * @brief 设置上传文件存放目录 * @param String $dir 文件存放目录 * @return object $this 返回当前对象,以支持连贯操作 */ public function setDir($dir) { if($dir != '' && !is_dir($dir)) { IFile::mkdir($dir); } $dir = strtr($dir,'\\','/'); $this->dir = substr($dir,0,-1)=='/' ? $dir : $dir.'/'; return $this; } /** * @brief get php.ini minimum post_max_size and upload_max_filesize */ public static function getMaxSize() { return min(ini_get('upload_max_filesize'),ini_get('post_max_size')); } /** * @brief 获取环境POST数据的最大上传值 * @return int 最大上传的字节数 */ private function getIniPostMaxSize() { $maxSize = trim(self::getMaxSize()); $unit = strtolower($maxSize{strlen($maxSize)-1}); $maxSize = intval($maxSize); $step = 0; switch($unit) { //GB单位 case 'g': { $step = 9; } break; //MB单位 case 'm': { $step = 6; } break; //KB单位 case 'k': default: { $step = 3; } break; } return str_pad($maxSize,strlen($maxSize)+$step,"0"); } /** * @brier 设置需要做HEX检查的文件类型 * @param string|array|boolean $type 需要做HEX检查的文件类型 * @return object $this 返回当前对象,以支持连贯操作 */ public function setCheckFileType($type) { if($type === false) { $this->checkType = array(); } elseif(is_string($type)) { $this->checkType = array($type); } elseif(is_array($type)) { $this->checkType = $type; } return $this; } /** * @brief show code message * @param sring $code code * @return string */ public static function errorMessage($code) { $codeMessage = array( '-1'=>'上传的文件超出服务器限制', '-2'=>'上传的文件超出浏览器限制', '-3'=>'上传的文件被部分上传', '-4'=>'没有找到上传的文件', '-5'=>'上传的文件丢失', '-6'=>'上传的临时文件没有正确写入', '-7'=>'扩展名不允许上传', '-8'=>'上传的文件超出了程序的限制', '-9'=>'上传的文件中有木马病毒', '1' =>'上传成功' ); return isset($codeMessage[$code]) ? $codeMessage[$code] : ''; } /** * @brief 开始执行上传 * @return array 包含上传成功信息的数组 * $file = array( * name 如果上传成功,则返回上传后的文件名称,如果失败,则返回客户端名称 * size 上传附件大小 * fileSrc 上传文件完整路径 * dir 上传目录 * ininame 上传图片名 * flag -1:上传的文件超出服务器限制; -2:上传的文件超出浏览器限制; -3:上传的文件被部分上传; -4:没有找到上传的文件; -5:上传的文件丢失; * -6:上传的临时文件没有正确写入; -7:扩展名不允许上传; -8:上传的文件超出了程序的限制; -9:上传的文件中有木马病毒 ; 1:上传成功; * ext 上传附件扩展名 * ); */ public function execute() { //总的文件上传信息 $info = array(); foreach($_FILES as $field => $file) { $fileInfo = array(); //不存在上传的文件名 if(!isset($_FILES[$field]['name']) || $_FILES[$field]['name'] == '') { continue; } //上传控件为数组格式 file[]格式 if(is_array($_FILES[$field]['name'])) { $keys = array_keys($_FILES[$field]['name']); foreach($keys as $key) { $fileInfo[$key]['name'] = $_FILES[$field]['name'][$key]; //上传出现错误 if(isset($_FILES[$field]['error'][$key]) && $_FILES[$field]['error'][$key] != 0) { $fileInfo[$key]['flag'] = 0 - $_FILES[$field]['error'][$key]; } else { //获取扩展名 $fileext = IFile::getFileType($_FILES[$field]['tmp_name'][$key]); if(is_array($fileext) || $fileext == null) { $fileext = IFile::getFileSuffix($_FILES[$field]['name'][$key]); } //图片木马检测 if(in_array($fileext,$this->checkType) && !IFilter::checkHex($_FILES[$field]['tmp_name'][$key])) { $fileInfo[$key]['flag'] = -9; } else { /*开始上传文件*/ //(1)上传类型不符合 if(!in_array($fileext,$this->allowType)) { $fileInfo[$key]['flag'] = -7; } //(2)上传大小不符合 else if($_FILES[$field]['size'][$key] > $this->maxsize) { $fileInfo[$key]['flag'] = -8; } //(3)成功情况 else { //修改图片状态值 $fileInfo[$key]['name'] = ITime::getDateTime('Ymdhis').mt_rand(100,999).'.'.$fileext; $fileInfo[$key]['dir'] = $this->dir; $fileInfo[$key]['size'] = $_FILES[$field]['size'][$key]; $fileInfo[$key]['ininame'] = $_FILES[$field]['name'][$key]; $fileInfo[$key]['ext'] = $fileext; $fileInfo[$key]['fileSrc'] = $fileInfo[$key]['dir'].$fileInfo[$key]['name']; $fileInfo[$key]['flag'] = 1; if($this->isForge == false) { if(is_uploaded_file($_FILES[$field]['tmp_name'][$key])) { IFile::mkdir($this->dir); move_uploaded_file($_FILES[$field]['tmp_name'][$key],$this->dir.$fileInfo[$key]['name']); } } else { IFile::xcopy($_FILES[$field]['tmp_name'][$key],$this->dir.$fileInfo[$key]['name']); } } } } } } else { $fileInfo[0]['name'] = $_FILES[$field]['name']; //上传出现错误 if(isset($_FILES[$field]['error']) && $_FILES[$field]['error'] != 0) { $fileInfo[0]['flag'] = 0 - $_FILES[$field]['error']; } else { //获取扩展名 $fileext = IFile::getFileType($_FILES[$field]['tmp_name']); if(is_array($fileext) || $fileext == null) { $fileext = IFile::getFileSuffix($_FILES[$field]['name']); } //图片木马检测 if(in_array($fileext,$this->checkType) && !IFilter::checkHex($_FILES[$field]['tmp_name'])) { $fileInfo[0]['flag'] = -9; } else { /*开始上传文件*/ //(1)上传类型不符合 if(!in_array($fileext,$this->allowType)) { $fileInfo[0]['flag'] = -7; } //(2)上传大小不符合 else if($_FILES[$field]['size'] > $this->maxsize) { $fileInfo[0]['flag'] = -8; } //(3)成功情况 else { //修改图片状态值 $fileInfo[0]['name'] = ITime::getDateTime('Ymdhis').mt_rand(100,999).'.'.$fileext; $fileInfo[0]['dir'] = $this->dir; $fileInfo[0]['size'] = $_FILES[$field]['size']; $fileInfo[0]['ininame'] = $_FILES[$field]['name']; $fileInfo[0]['ext'] = $fileext; $fileInfo[0]['fileSrc'] = $fileInfo[0]['dir'].$fileInfo[0]['name']; $fileInfo[0]['flag'] = 1; if($this->isForge == false) { if(is_uploaded_file($_FILES[$field]['tmp_name'])) { IFile::mkdir($this->dir); move_uploaded_file($_FILES[$field]['tmp_name'],$this->dir.$fileInfo[0]['name']); } } else { IFile::xcopy($_FILES[$field]['tmp_name'],$this->dir.$fileInfo[0]['name']); } } } } } $info[$field] = $fileInfo; } return $info; } }