php文件上传

php文件上传注意项

1、检测文件大小、类型

2、上传目录是否存在、是否重命名

3、检测是否通过HTTP上传(is_upload_file)

4、检测是否为真正的图片  (getimgsize)

5、服务器相关配置项（post_max_size、upload_max_filesize等）

<?php/** * @desc php文件上传类 * @date 2015-12-30 15:41:44 * @author huangyr */class upload {    protected $fileName;    protected $maxSize;    protected $allowMime;    protected $allowExt;    protected $uploadPath;    protected $imgFlag;    protected $fileInfo;    protected $error;    protected $ext;    /**     * @param string $fileName     * @param string $uploadPath     * @param string $imgFlag     * @param number $maxSize     * @param array $allowExt     * @param array $allowMime     */    public function __construct($fileName = 'myFile', $uploadPath = './uploads', $imgFlag = true, $maxSize = 5242880, $allowExt = array('jpeg', 'jpg', 'png', 'gif'), $allowMime = array('image/jpeg', 'image/png', 'image/gif')) {        $this->fileName = $fileName;        $this->maxSize = $maxSize;        $this->allowMime = $allowMime;        $this->allowExt = $allowExt;        $this->uploadPath = $uploadPath;        $this->imgFlag = $imgFlag;        $this->fileInfo = $_FILES[$this->fileName];    }    /**     * 检测上传文件是否出错     * @return boolean     */    protected function checkError() {        if (!is_null($this->fileInfo)) {            if ($this->fileInfo['error'] > 0) {                switch ($this->fileInfo['error']) {                    case 1:                        $this->error = '超过了PHP配置文件中upload_max_filesize选项的值';                        break;                    case 2:                        $this->error = '超过了表单中MAX_FILE_SIZE设置的值';                        break;                    case 3:                        $this->error = '文件部分被上传';                        break;                    case 4:                        $this->error = '没有选择上传文件';                        break;                    case 6:                        $this->error = '没有找到临时目录';                        break;                    case 7:                        $this->error = '文件不可写';                        break;                    case 8:                        $this->error = '由于PHP的扩展程序中断文件上传';                        break;                }                return false;            } else {                return true;            }        } else {            $this->error = '文件上传出错';            return false;        }    }    /**     * 检测上传文件的大小     * @return boolean     */    protected function checkSize() {        if ($this->fileInfo['size'] > $this->maxSize) {            $this->error = '上传文件过大';            return false;        }        return true;    }    /**     * 检测扩展名     * @return boolean     */    protected function checkExt() {        $this->ext = strtolower(pathinfo($this->fileInfo['name'], PATHINFO_EXTENSION));        if (!in_array($this->ext, $this->allowExt)) {            $this->error = '不允许的扩展名';            return false;        }        return true;    }    /**     * 检测文件的类型     * @return boolean     */    protected function checkMime() {        if (!in_array($this->fileInfo['type'], $this->allowMime)) {            $this->error = '不允许的文件类型';            return false;        }        return true;    }    /**     * 检测是否是真实图片     * @return boolean     */    protected function checkTrueImg() {        if ($this->imgFlag) {            if (!@getimagesize($this->fileInfo['tmp_name'])) {                $this->error = '不是真实图片';                return false;            }            return true;        }    }    /**     * 检测是否通过HTTP POST方式上传上来的     * @return boolean     */    protected function checkHTTPPost() {        if (!is_uploaded_file($this->fileInfo['tmp_name'])) {            $this->error = '文件不是通过HTTP POST方式上传上来的';            return false;        }        return true;    }    /**     * 显示错误      */    protected function showError() {        exit('<span style="color:red">' . $this->error . '</span>');    }    /**     * 检测目录不存在则创建     */    protected function checkUploadPath() {        if (!file_exists($this->uploadPath)) {            mkdir($this->uploadPath, 0777, true);        }    }    /**     * 产生唯一字符串     * @return string     */    protected function getUniName() {        return md5(uniqid(microtime(true), true));    }    /**     * 上传文件     * @return string     */    public function uploadFile() {        if ($this->checkError() && $this->checkSize() && $this->checkExt() && $this->checkMime() && $this->checkTrueImg() && $this->checkHTTPPost()) {            $this->checkUploadPath();            $this->uniName = $this->getUniName();            $this->destination = $this->uploadPath . '/' . $this->uniName . '.' . $this->ext;            if (@move_uploaded_file($this->fileInfo['tmp_name'], $this->destination)) {                return $this->destination;            } else {                $this->error = '文件移动失败';                $this->showError();            }        } else {            $this->showError();        }    }}

这里只是简单的文件上传检测，如果需要自行扩展（水印、缩略图、多文件）