php文件上传
error_reporting(-1);
header("Content-type: text/html; charset=utf-8");
$dangers = "php,php3,php4,phtml,php5,jsp,py,rb,asp,aspx,ashx,asa,cer,cdx,aspl,shtm,shtml,html,htm";
//$ext='php ';
$filename=$_FILES['file1']['name'];
//move_uploaded_file($_FILES['file']['tmp_name'],$filename);
$tmpfile=$_FILES['file1']['tmp_name'];
$ext=strtolower(pathinfo($filename, PATHINFO_EXTENSION));
//echo strlen($ext);
//echo $tmpfile;
//echo $filename;
//echo $ext;
echo strpos($dangers,$ext);
//echo "";
if(strpos($dangers,$ext) !== false){
echo "不可绕过";
exit();
}else{
if(move_uploaded_file($tmpfile, './'.time().'.'.$ext))
echo strlen($ext);
else{
echo "upload failed";
}
}
?>
header("Content-type: text/html; charset=utf-8");
$dangers = "php,php3,php4,phtml,php5,jsp,py,rb,asp,aspx,ashx,asa,cer,cdx,aspl,shtm,shtml,html,htm";
//$ext='php ';
$filename=$_FILES['file1']['name'];
//move_uploaded_file($_FILES['file']['tmp_name'],$filename);
$tmpfile=$_FILES['file1']['tmp_name'];
$ext=strtolower(pathinfo($filename, PATHINFO_EXTENSION));
//echo strlen($ext);
//echo $tmpfile;
//echo $filename;
//echo $ext;
echo strpos($dangers,$ext);
//echo "";
if(strpos($dangers,$ext) !== false){
echo "不可绕过";
exit();
}else{
if(move_uploaded_file($tmpfile, './'.time().'.'.$ext))
echo strlen($ext);
else{
echo "upload failed";
}
}
?>