Php 正在上传文件并创建目录
Php uploading a file & creating a directory
英语不是我的 first/second 语言,我不知道如何说出来,但我会尝试解释一下我想做什么。
我不是要有人直接为我做这件事,而是指导我从哪里开始,因为现在我什至不知道在 google 上搜索什么。
基本上我有一个共享主机上的域。主要用于测试目的,所以我并不真正关心安全性或任何此类问题,因为我的域中没有上传任何内容 important/sensitive。
所以基本上我经常必须通过 FTP 登录并创建一个新文件夹并添加一个简单的预制 index.html 文件,当我每天必须执行相同的任务 10 次以上时会变得很累.
所以我在想,如果我创建一个简单的 UI ,我可以简单地将其放入目录名称并附加 .html 文件,这样它就可以完成了。无需通过 FTP.
登录
简单吗?我只是想进入域。com/create 并有一个简单的 UI,您只需在其中附加 .html 文件和目录名称,然后单击“提交”。
我真诚地希望我写的东西有意义,因为我不知道从哪里开始。
如果你认真看完这篇文章,谢谢。
是的,只要您不关心安全性,这就相当容易 ;)
您想看mkdir and move_uploaded_file。以表格形式收集目录名称和文件,创建目录,并将上传的文件移动到那里。我链接到的文档中的示例代码应该足以使其工作。
[编辑] 下面是一个如何以比较安全的方式执行此操作的示例。这是 bare-bones 的结果。免责声明 - 允许文件上传到您的网络根目录是危险的。我不负责有人拥有你的服务器!
<?php
//Set up variables we will need later
$directoryName = '';
$status = 'init';
$errorMessage = '';
//A super secret password that is required in order to do the dangerous things
$password = 'secret!';
//If submit is in the post (result of the submit button being pressed)
if (array_key_exists('submit', $_POST))
{
try
{
//Get the directory name input first so we can set it back in the field if the login fails
$directoryName = $_POST['directory_name'];
//First verify the password
$passwordEntry = $_POST['password'];
if ($passwordEntry != $password)
{
throw new Exception('Authentication error');
}
//If the directory name is blank, bail out
if (empty($directoryName))
{
throw new Exception('Directory name is required');
}
//Make sure nobody can traverse from the root of the filesystem
if (substr($directoryName, 0, 1) == '/')
{
$directoryName = substr($directoryName, 1);
}
/*
* Get rid of slashes and anything after them. After this, if someone entered
* "/etc/passwd", we would have "etc"
*/
$directoryName = preg_replace('/\/(.*)?/', '', $directoryName);
//If the directory already exists, bail out
if (file_exists($directoryName))
{
throw new Exception('Directory already exists');
}
//Make sure we have a file in the request. If not, bail out.
if (empty($_FILES["index_file"]["tmp_name"]))
{
throw new Exception('Please upload a file');
}
//Create our directory
mkdir($directoryName);
//Get the temporary path to the file - this is where the server stashed it
$tmpName = $_FILES["index_file"]["tmp_name"];
//Create a path to where we want the file
$destinationPath = $directoryName . '/index.html';
//Attempt to move the file, this return true on success, false on failure
$fileMoveStatus = move_uploaded_file($tmpName, $destinationPath);
//If the file could not be moved, remove the directory we created an bail out
if ($fileMoveStatus === false)
{
rmdir($directoryName);
throw new Exception('Unable to move file to destination');
}
//Change the permissions on the HTML file so nobody can monkey with it
chmod($directoryName . '/index.html', 0644);
/*
* Reset the directory name - we put this variable in the field so the user
* won't have to re-type it if an error occurs. We want it to be empty now
* that the process was successful
*/
$directoryName = '';
// Set the status to success so we display the success alert to the user
$status = 'success';
}
catch (Exception $e)
{
// Set the status to error so we display the error alert to the user
$status = 'error';
// Set the error message to the message from the exception
$errorMessage = $e->getMessage();
}
}
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>Directory Manager</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Directory Manager</h1>
<form method="post" enctype="multipart/form-data">
<?php
if ($status == 'error')
{
?>
<div class="alert alert-danger" role="alert">
<?php echo $errorMessage; ?>
</div>
<?php
}
elseif ($status == 'success')
{
?>
<div class="alert alert-success" role="alert">
File uploaded successfully<br>
<a href="<?php echo $destinationPath; ?>">Go to file</a>
</div>
<?php
}
?>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">Directory Name</label>
<input type="text" class="form-control" name="directory_name" id="directory_name" aria-describedby="directory_name_help" value="<?php echo $directoryName ?>">
<small id="directory_name_help" class="form-text text-muted">Name of directory to be
created.</small>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">HTML File</label>
<input type="file" class="form-control" name="index_file" id="index_file" aria-describedby="file_help">
<small id="file_help" class="form-text text-muted">index.html file</small>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" name="password" id="password">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</div>
</div>
</body>
</html>
[编辑2]复制模板文件而不是上传的版本。
<?php
//Set up variables we will need later
$directoryName = '';
$status = 'init';
$errorMessage = '';
//A super secret password that is required in order to do the dangerous things
$password = 'secret!';
// Path to the template file that will be copied into created directories
$sourcePath = 'template.html';
//If submit is in the post (result of the submit button being pressed)
if (array_key_exists('submit', $_POST))
{
try
{
//Get the directory name input first so we can set it back in the field if the login fails
$directoryName = $_POST['directory_name'];
//First verify the password
$passwordEntry = $_POST['password'];
if ($passwordEntry != $password)
{
throw new Exception('Authentication error');
}
//If the directory name is blank, bail out
if (empty($directoryName))
{
throw new Exception('Directory name is required');
}
//Make sure nobody can traverse from the root of the filesystem
if (substr($directoryName, 0, 1) == '/')
{
$directoryName = substr($directoryName, 1);
}
/*
* Get rid of slashes and anything after them. After this, if someone entered
* "/etc/passwd", we would have "etc"
*/
$directoryName = preg_replace('/\/(.*)?/', '', $directoryName);
//If the directory already exists, bail out
if (file_exists($directoryName))
{
throw new Exception('Directory already exists');
}
//Create our directory
mkdir($directoryName);
//Create a path to where we want the file
$destinationPath = $directoryName . '/index.html';
//Attempt to copy the file, this return true on success, false on failure
$fileCopyStatus = copy($sourcePath, $destinationPath);
//If the file could not be copied, remove the directory we created an bail out
if ($fileCopyStatus === false)
{
rmdir($directoryName);
throw new Exception('Unable to copy template file to destination');
}
//Change the permissions on the HTML file so nobody can monkey with it
chmod($directoryName . '/index.html', 0644);
/*
* Reset the directory name - we put this variable in the field so the user
* won't have to re-type it if an error occurs. We want it to be empty now
* that the process was successful
*/
$directoryName = '';
// Set the status to success so we display the success alert to the user
$status = 'success';
}
catch (Exception $e)
{
// Set the status to error so we display the error alert to the user
$status = 'error';
// Set the error message to the message from the exception
$errorMessage = $e->getMessage();
}
}
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>Directory Manager</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Directory Manager</h1>
<form method="post" enctype="multipart/form-data">
<?php
if ($status == 'error')
{
?>
<div class="alert alert-danger" role="alert">
<?php echo $errorMessage; ?>
</div>
<?php
}
elseif ($status == 'success')
{
?>
<div class="alert alert-success" role="alert">
File uploaded successfully<br>
<a href="<?php echo $destinationPath; ?>">Go to file</a>
</div>
<?php
}
?>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">Directory Name</label>
<input type="text" class="form-control" name="directory_name" id="directory_name" aria-describedby="directory_name_help" value="<?php echo $directoryName ?>">
<small id="directory_name_help" class="form-text text-muted">Name of directory to be
created.</small>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" name="password" id="password">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</div>
</div>
</body>
</html>
英语不是我的 first/second 语言,我不知道如何说出来,但我会尝试解释一下我想做什么。 我不是要有人直接为我做这件事,而是指导我从哪里开始,因为现在我什至不知道在 google 上搜索什么。 基本上我有一个共享主机上的域。主要用于测试目的,所以我并不真正关心安全性或任何此类问题,因为我的域中没有上传任何内容 important/sensitive。
所以基本上我经常必须通过 FTP 登录并创建一个新文件夹并添加一个简单的预制 index.html 文件,当我每天必须执行相同的任务 10 次以上时会变得很累. 所以我在想,如果我创建一个简单的 UI ,我可以简单地将其放入目录名称并附加 .html 文件,这样它就可以完成了。无需通过 FTP.
登录简单吗?我只是想进入域。com/create 并有一个简单的 UI,您只需在其中附加 .html 文件和目录名称,然后单击“提交”。
我真诚地希望我写的东西有意义,因为我不知道从哪里开始。 如果你认真看完这篇文章,谢谢。
是的,只要您不关心安全性,这就相当容易 ;)
您想看mkdir and move_uploaded_file。以表格形式收集目录名称和文件,创建目录,并将上传的文件移动到那里。我链接到的文档中的示例代码应该足以使其工作。
[编辑] 下面是一个如何以比较安全的方式执行此操作的示例。这是 bare-bones 的结果。免责声明 - 允许文件上传到您的网络根目录是危险的。我不负责有人拥有你的服务器!
<?php
//Set up variables we will need later
$directoryName = '';
$status = 'init';
$errorMessage = '';
//A super secret password that is required in order to do the dangerous things
$password = 'secret!';
//If submit is in the post (result of the submit button being pressed)
if (array_key_exists('submit', $_POST))
{
try
{
//Get the directory name input first so we can set it back in the field if the login fails
$directoryName = $_POST['directory_name'];
//First verify the password
$passwordEntry = $_POST['password'];
if ($passwordEntry != $password)
{
throw new Exception('Authentication error');
}
//If the directory name is blank, bail out
if (empty($directoryName))
{
throw new Exception('Directory name is required');
}
//Make sure nobody can traverse from the root of the filesystem
if (substr($directoryName, 0, 1) == '/')
{
$directoryName = substr($directoryName, 1);
}
/*
* Get rid of slashes and anything after them. After this, if someone entered
* "/etc/passwd", we would have "etc"
*/
$directoryName = preg_replace('/\/(.*)?/', '', $directoryName);
//If the directory already exists, bail out
if (file_exists($directoryName))
{
throw new Exception('Directory already exists');
}
//Make sure we have a file in the request. If not, bail out.
if (empty($_FILES["index_file"]["tmp_name"]))
{
throw new Exception('Please upload a file');
}
//Create our directory
mkdir($directoryName);
//Get the temporary path to the file - this is where the server stashed it
$tmpName = $_FILES["index_file"]["tmp_name"];
//Create a path to where we want the file
$destinationPath = $directoryName . '/index.html';
//Attempt to move the file, this return true on success, false on failure
$fileMoveStatus = move_uploaded_file($tmpName, $destinationPath);
//If the file could not be moved, remove the directory we created an bail out
if ($fileMoveStatus === false)
{
rmdir($directoryName);
throw new Exception('Unable to move file to destination');
}
//Change the permissions on the HTML file so nobody can monkey with it
chmod($directoryName . '/index.html', 0644);
/*
* Reset the directory name - we put this variable in the field so the user
* won't have to re-type it if an error occurs. We want it to be empty now
* that the process was successful
*/
$directoryName = '';
// Set the status to success so we display the success alert to the user
$status = 'success';
}
catch (Exception $e)
{
// Set the status to error so we display the error alert to the user
$status = 'error';
// Set the error message to the message from the exception
$errorMessage = $e->getMessage();
}
}
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>Directory Manager</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Directory Manager</h1>
<form method="post" enctype="multipart/form-data">
<?php
if ($status == 'error')
{
?>
<div class="alert alert-danger" role="alert">
<?php echo $errorMessage; ?>
</div>
<?php
}
elseif ($status == 'success')
{
?>
<div class="alert alert-success" role="alert">
File uploaded successfully<br>
<a href="<?php echo $destinationPath; ?>">Go to file</a>
</div>
<?php
}
?>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">Directory Name</label>
<input type="text" class="form-control" name="directory_name" id="directory_name" aria-describedby="directory_name_help" value="<?php echo $directoryName ?>">
<small id="directory_name_help" class="form-text text-muted">Name of directory to be
created.</small>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">HTML File</label>
<input type="file" class="form-control" name="index_file" id="index_file" aria-describedby="file_help">
<small id="file_help" class="form-text text-muted">index.html file</small>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" name="password" id="password">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</div>
</div>
</body>
</html>
[编辑2]复制模板文件而不是上传的版本。
<?php
//Set up variables we will need later
$directoryName = '';
$status = 'init';
$errorMessage = '';
//A super secret password that is required in order to do the dangerous things
$password = 'secret!';
// Path to the template file that will be copied into created directories
$sourcePath = 'template.html';
//If submit is in the post (result of the submit button being pressed)
if (array_key_exists('submit', $_POST))
{
try
{
//Get the directory name input first so we can set it back in the field if the login fails
$directoryName = $_POST['directory_name'];
//First verify the password
$passwordEntry = $_POST['password'];
if ($passwordEntry != $password)
{
throw new Exception('Authentication error');
}
//If the directory name is blank, bail out
if (empty($directoryName))
{
throw new Exception('Directory name is required');
}
//Make sure nobody can traverse from the root of the filesystem
if (substr($directoryName, 0, 1) == '/')
{
$directoryName = substr($directoryName, 1);
}
/*
* Get rid of slashes and anything after them. After this, if someone entered
* "/etc/passwd", we would have "etc"
*/
$directoryName = preg_replace('/\/(.*)?/', '', $directoryName);
//If the directory already exists, bail out
if (file_exists($directoryName))
{
throw new Exception('Directory already exists');
}
//Create our directory
mkdir($directoryName);
//Create a path to where we want the file
$destinationPath = $directoryName . '/index.html';
//Attempt to copy the file, this return true on success, false on failure
$fileCopyStatus = copy($sourcePath, $destinationPath);
//If the file could not be copied, remove the directory we created an bail out
if ($fileCopyStatus === false)
{
rmdir($directoryName);
throw new Exception('Unable to copy template file to destination');
}
//Change the permissions on the HTML file so nobody can monkey with it
chmod($directoryName . '/index.html', 0644);
/*
* Reset the directory name - we put this variable in the field so the user
* won't have to re-type it if an error occurs. We want it to be empty now
* that the process was successful
*/
$directoryName = '';
// Set the status to success so we display the success alert to the user
$status = 'success';
}
catch (Exception $e)
{
// Set the status to error so we display the error alert to the user
$status = 'error';
// Set the error message to the message from the exception
$errorMessage = $e->getMessage();
}
}
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>Directory Manager</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
</head>
<body>
<div class="container">
<h1>Directory Manager</h1>
<form method="post" enctype="multipart/form-data">
<?php
if ($status == 'error')
{
?>
<div class="alert alert-danger" role="alert">
<?php echo $errorMessage; ?>
</div>
<?php
}
elseif ($status == 'success')
{
?>
<div class="alert alert-success" role="alert">
File uploaded successfully<br>
<a href="<?php echo $destinationPath; ?>">Go to file</a>
</div>
<?php
}
?>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="directory_name">Directory Name</label>
<input type="text" class="form-control" name="directory_name" id="directory_name" aria-describedby="directory_name_help" value="<?php echo $directoryName ?>">
<small id="directory_name_help" class="form-text text-muted">Name of directory to be
created.</small>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" name="password" id="password">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</div>
</div>
</body>
</html>