PHP FTP_PUT上传到目录

Question

我自己从一本名为"PHP完整参考 - PHP5.2"的书中学习PHP我目前在第11章FTP,上传,删除,makedir等但是遇到了本书未涉及的一些问题:

根据我的教科书,这是一个上传到服务器的简单代码:

$connect=ftp_connect("johnsite.com");
$result=ftp_login($connect,"john@johnsite","johnnyWalker");
if(!$result){
echo'Could not connect to Server';  
}
$result=ftp_put($connect,'myFile.php',FTP_ASCII);
echo'UPLOADING FILE......';
if($result){
    echo'File Uploaded!';
}

我的问题:

1. 要上传到哪个目录,如果我想上传到目录,我将如何修改代码呢 public_html/images/myFile.jpg

2. 在示例中,myFile.php是硬编码的,如果我希望用户选择要上传的文件,该怎么办？假设您可以这样做,我是否正确:

   <input type="file" name="myFile" value="upload a file" />
   <input type="submit" name="upload" />
   
   if(isset($_POST['upload'])){
       $fileName=$_POST['myFile']; //file is now assigned to var name
       $result=ftp_put($connect,$fileName,FTP_ASCII); //file linked to var name being uploaded
   }
   

3. 这是最有效的安全方式吗？

谢谢你的阅读

Answer 1

正如 @Bonner 所说，Fabien 的答案是不正确的，因为您正在寻找一个脚本来将文件从网站上的页面上传到服务器。

首先要记住的是ftp_put()函数将始终覆盖现有文件。相反，我建议您查看 PHP move_uploaded_file

代码

这就是形式。在操作属性中，我们指定一个文件，它将处理和处理所有文件。您需要使用表单的 enctype 属性的 multipart/form-data 值。

为了更好地理解，我几乎在所有地方都添加了评论。

<form action="upload.php" method="post" enctype="multipart/form-data">
    File: <input type="file" name="upload-file" size="30" />
    <input type="submit" name="submit" value="Upload file" />
</form>

上传.php

<?php
    // Used to determinated if the upload file is really a valid file
    $isValid = true;
    // The maximum allowed file upload size
    $maxFileSize = 1024000;
    //Allowed file extensions
    $extensions = array('gif', 'jpg', 'jpeg', 'png');

    // See if the Upload file button was pressed.
    if(isset($_POST['submit'])) {
        // See if there is a file waiting to be uploaded
        if(!empty($_FILES['upload-file']['name'])) {

            // Check for errors
            if(!$_FILES['upload-file']['error']) {
                // Renamed the file
                $renamedFile = strtolower($_FILES['upload-file']['tmp_name']);

                // Get the file extension
                $fileInfo = pathinfo($_FILES['upload-file']['name']);

                // Now vaidate it
                if (!in_array($fileInfo['extension'], $extensions)) {
                    $isValid = false;
                    echo "This file extension is not allowed";
                }

                // Validate that the file is not bigger than 1MB
                if($_FILES['upload-file']['size'] > $maxFileSize) {
                    $isValid = false;
                    echo "Your file's size is to large. The file should not be bigger than 1MB";
                }

                // If the file has passed all tests
                if($isValid)
                {
                    // Move it to where we want it to be
                    move_uploaded_file($_FILES['upload-file']['tmp_name'], 'uploads/'.$renamedFile);
                    echo 'File was successfully uploaded!';
                }
            }
            // If there is an error show it
            else {
                echo 'There was an error file trying to upload the file:  '.$_FILES['upload-file']['error'];
            }
        }
    }