跨境电商
经验交流分享

PHP文件上传注意事项及配置文件相关

PHP文件上传表单中的隐藏域,可以在前台有限的限制上传文件的最大值。
<input type=”hidden” name=”MAX_FILE_SIZE” value=”30000″ />
一般使用来表示上面的代码来表示。使用这段代码有两个地方要注意,1,必须在表单域的前边使用这段代码,才能起到限制作用。2,这个限制及其容易被越过,必须在服务器端限制上传文件大小。

Be sure your file upload form has attribute enctype=”multipart/form-data” otherwise the file upload will not work.

Files will, by default be stored in the server’s default temporary directory, unless another location has been given with the upload_tmp_dir directive in php.ini. The server’s default directory can be changed by setting the environment variable TMPDIR in the environment in which PHP runs. Setting it using putenv() from within a PHP script will not work. This environment variable can also be used to make sure that other operations are working on uploaded files, as well.

默认情况下,文件会被上传到临时文件夹中。除非修改PHP.ini配置文件中的upload_tmp_dir指令。服务器的默认文件夹可以通过设置环境变量TMPDIR来改变。在脚本内通过putenv()不起作用。

The file will be deleted from the temporary directory at the end of the request if it has not been moved away or renamed.

即使没有将临时文件中的文件移动或改名,在该请求结束的时候,此文件依然会被删除。

关于文件上传的几个PHP配置指令

Name Default Changeable Changelog
file_uploads “1” PHP_INI_SYSTEM PHP_INI_ALL in PHP <= 4.2.3. Available since PHP 4.0.3.
upload_tmp_dir NULL PHP_INI_SYSTEM
upload_max_filesize “2M” PHP_INI_PERDIR PHP_INI_ALL in PHP <= 4.2.3.
max_file_uploads 20 PHP_INI_SYSTEM Available since PHP 5.2.12.

file_uploads:是否允许PHP通过HTTP协议上传文件。

upload_tmp_dir:存储临时文件的文件夹地址。

upload_max_filesize:上传文件大小限制。

max_file_uploads:一次允许上传的最大文件数量。If more files are uploaded than the limit, then $_FILES will stop processing files once the limit is reached. For example, if max_file_uploads is set to 10, then $_FILES will never contain more than 10 items.

The MAX_FILE_SIZE item cannot specify a file size greater than the file size that has been set in the upload_max_filesize in the php.ini file. The default is 2 megabytes. 表单域中的MAX_FILE_SIZE不能指定比upload_max_filesize更大的值。

下面是一些会影响到PHP文件上传的其它配置指令

post_max_size sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. If memory limit is enabled by your configure script, memory_limit also affects file uploading. Generally speaking, memory_limit should be larger than post_max_size. When an integer is used, the value is measured in bytes. Shorthand notation, as described in this FAQ, may also be used. If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. <form action=”edit.php?processed=1″>, and then checking if $_GET[‘processed’] is set.

If a memory limit is enabled, a larger memory_limit may be needed. Make sure you set memory_limit large enough.
This sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server. Note that to have no memory limit, set this directive to -1.
关于内存分配问题,memory_limit可以分配脚本运行能够占用的最大内存。可以方式垃圾代码吃掉服务器内存。设置为-1为不限制内存分配。

If max_execution_time is set too small, script execution may be exceeded by the value. Make sure you set max_execution_time large enough.
max_execution_time only affects the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), the sleep() function, database queries, time taken by the file upload process, etc. is not included when determining the maximum time that the script has been running.

You can not change this setting with ini_set() when running in safe mode. The only workaround is to turn off safe mode or by changing the time limit in the php.ini. Your web server can have other timeout configurations that may also interrupt PHP execution. Apache has a Timeout directive and IIS has a CGI timeout function. Both default to 300 seconds. See your web server documentation for specific details.
此配置营销脚本运行的最大时间。它只会影响脚本本身的执行时间。对于脚本之外,例如系统调用,文件上传过程,数据库查询等都不包括在内。在安全模式下无法使用ini_set()改变它的值。注意:影响脚本运行时间的不只有PHP配置文件,Apache的Timeout指令和IIS的CGI timeout函数都默认为300秒。

max_input_time sets the maximum time in seconds a script is allowed to parse input data, like POST and GET, this includes file uploads. For large or multiple files, or users on slower connections, the default of 60 seconds may be exceeded.
max_input_time设置对于POST和GET方式,表单对输入数据解析的最长时间,包括文件上传。对于大型文件或者用户连接速度缓慢。默认的60秒可能会不够用。

赞(0)
未经允许不得转载:锐想 » PHP文件上传注意事项及配置文件相关
分享到: 更多 (0)

评论 抢沙发

评论前必须登录!

 

锐想电商 - 跨境电商经验交流分享

锐想无限