PHP 只允许用户提交小于 php ini 上传最大值的文件

PHP Only allow user to submit a file less than php ini upload max

在我的网站上,我允许用户提交个人资料图片,我会检查图片是否 "png or jpeg",还会检查文件是否小于“2 mb”,如果是,我会显示一条错误信息。但是当文件小于 php ini 上传最大值时,它会显示消息,但当它更大时,我会收到很多 php 错误,这不是我想要显示的。我如何删除错误并向用户显示我生成的消息。我找到了 post 但 post 是如何读取错误的。当提交的文件大于 200mb 或 php ini 上传最大值时,我只会收到这些错误。当它较低时,它会很好。这是我的代码和错误消息

错误信息

PHP

<?php

session_start();

if(isset($_COOKIE['username'])){

    if($_SESSION['came_from_upload'] != true){

        setcookie("username", "", time() - 60*60);
        $_COOKIE['username'] = "";
        header("Location: developerLogin.php");
        exit;


    }

    if($_SERVER['REQUEST_METHOD'] =="POST"){
        $userid = $_SESSION['id'];
        $fullname = addslashes(trim($_POST['fullname']));
        $username = addslashes(trim($_POST['username']));
        $email = addslashes(trim($_POST['email']));
        $password = addslashes(trim($_POST['password']));
        $storePassword = password_hash($password, PASSWORD_BCRYPT, array('cost' => 10));
        $file_name = addslashes(trim($_FILES['file']['name']));
        $file_tmp = addslashes(trim($_FILES['file']['tmp_name']));

        try{

        // new php data object 
        $handler = new PDO('mysql:host=127.0.0.1;dbname=magicsever', 'root', '');
        //ATTR_ERRMODE set to exception
        $handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        }catch(PDOException $e){
             die("There was an error connecting to the database");   

        }


        $stmtChecker = $handler->prepare("SELECT * FROM generalusersdata WHERE user_id = ?");
        $stmtChecker->execute(array($userid));
        if(!$stmtChecker->fetch()){

            setcookie("username", "", time() - 60*60);
            $_COOKIE['username'] = "";
            header("Location: developerLogin.php");
            exit;
        }


        if(!empty($fullname)){

            $stmtFullname = $handler->prepare("UPDATE generalusersdata SET fullname = ? WHERE user_id = ?");
            $stmtFullname->execute(array($fullname, $userid));
        }

        if(!empty($username)){

            $stmtCheckerUsername = $handler->prepare("SELECT * FROM generalusersdata WHERE username = ?");
            $stmtCheckerUsername->execute($username);
            if($resultCheckerUsername = $stmtCheckerUsername->fetch()){

                die("Username Already in use! Please try again");
            }

            $stmtUsername = $handler->prepare("UPDATE generalusersdata SET username = ? WHERE user_id = ?");
            $stmtUsername->execute(array($username, $userid));

        }

        if(!empty($email)){

            if(filter_var($email, FILTER_VALIDATE_EMAIL) == false){

            die ("Email is Not Valid!");
        }

            $stmtCheckerEmail = $handler->prepare("SELECT * FROM generalusersdata WHERE email = ?");
            $stmtCheckerEmail->execute($email);
            if($resultCheckerEmail = $stmtCheckerEmail->fetch()){

                die("Email Already in use! Please try again");
            }

            $stmtEmail = $handler->prepare("UPDATE generalusersdata SET email = ? WHERE user_id = ?");
            $stmtEmail->execute(array($email, $userid));

        }

        if(!empty($password)){

            if(strlen($password) < 6){

            die ("Password has to be GREATER than 6 characters!");

        }

            //Check if password has atleast ONE Uppercase, One Lowercase and a number
            if(!preg_match("(^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).+$)",$password)){

                    echo 'Password needs to be at least ONE uppercase, ONE lowercase, and a number!';
                    exit;
                }

            $stmtPassword = $handler->prepare("UPDATE generalusersdata SET password = ? WHERE user_id = ?");
            $stmtPassword->execute(array($storePassword, $userid));


        }

        if($_FILES['file']['error'] == UPLOAD_ERR_OK){


            $allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG);
            $detectedType = exif_imagetype($_FILES['file']['tmp_name']);
            if($extensionCheck = !in_array($detectedType, $allowedTypes) || $_FILES['file']['size'] < 2000){

                die("Failed to upload image; the format is not supported");
            }

             $dir = "userprofilepicture";

             if(is_dir($dir)==false){

                 mkdir($dir, 0700);
             }


            move_uploaded_file($file_tmp,$dir.'/'.$file_name);

            $stmtPassword = $handler->prepare("UPDATE generalusersdata SET profile_image = ? WHERE user_id = ?");
            $stmtPassword->execute(array($file_name, $userid));

        }

        echo "ok";

    }



}else{

    header("Location: developerLogin.php");
    exit;
}





?>

我认为这会帮助您找到答案。

How to gracefully handle files that exceed PHP's `post_max_size`?

"If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. , and then checking if $_GET['processed'] is set."

在开始会话后将其放在脚本的开头。

    if(empty($_FILES) && empty($_POST) && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ //catch file overload error...
        $postMax = ini_get('post_max_size'); //grab the size limits...
        echo "<p style=\"color: #F00;\">\nPlease note files larger than {$postMax} will result in this error!<br>Please be advised this is not a limitation in the CMS, This is a limitation of the hosting server.<br>For various reasons they limit the max size of uploaded files, if you have access to the php ini file you can fix this by changing the post_max_size setting.<br> If you can't then please ask your host to increase the size limits, or use the FTP uploaded form</p>"; // echo out error and solutions...
        return $postMax
    }

提交带有超大文件的表单后,请尝试转储整个 Post。它可能是空的。由于这些是通知消息,您可以使用

error_reporting(E_ALL & ~E_NOTICE);

在您的文件中获取它们。但这不会解决导致此错误的问题。