文件上傳我們需要用到HTML里面表單的type=file類(lèi)型，及其enctype屬性。這是我們大家必須要用的。當(dāng)然了PHP函數(shù)庫(kù)當(dāng)中的FILE函數(shù)庫(kù)，字符串類(lèi)型函數(shù)庫(kù)，目錄函數(shù)庫(kù)及$_FILES[]的使用是我們必須要用到的。

也許每一個(gè)站點(diǎn)都可能會(huì)對(duì)上傳文件有許多的限制，這些限制會(huì)包括 文件類(lèi)型，文件大小，擴(kuò)展名，以及上傳目錄的存在與否，上傳文件的存在與否，目錄的可寫(xiě)性，可讀性，上傳文件的改名及怎樣把文件從緩存當(dāng)中復(fù)制到你所需要的目錄當(dāng)中。

當(dāng)然出錯(cuò)的預(yù)處理也是我們不容忽視的!如果再深一步的討論我們還可以對(duì)文件的操作起用事件日志的記錄。

下面我們通過(guò)一段程序來(lái)實(shí)現(xiàn)這些功能：首先是我們預(yù)設(shè)的變量值，它包括文件大小，文件擴(kuò)展名類(lèi)型，MIMI類(lèi)型，及是否刪除的開(kāi)關(guān)變量

$MAX_SIZE = 2000000;$FILE_MIMES = array('image/jpeg','image/jpg','image/gif','image/png','application/msword');

$FILE_EXTS = array('.zip','.jpg','.png','.gif');

$DELETABLE = true

下一部就是設(shè)置瀏覽器訪(fǎng)問(wèn)變量及目錄訪(fǎng)問(wèn)變量：

$site_name = $_SERVER['HTTP_HOST'];$url_dir = http://.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);$url_this = http://.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = files/;$upload_url = $url_dir./files/;$message =;

建立上傳目錄并相應(yīng)改變權(quán)限：

if (!is_dir(files)) {　if (!mkdir($upload_dir))die (upload_files directory doesn't exist and creation failed);　if (!chmod($upload_dir,0755))die (change permission to 755 failed.);}

用戶(hù)請(qǐng)求的處理：

if ($_REQUEST[del] && $DELETABLE) {　$resource = fopen(log.txt,a);　fwrite($resource,date(Ymd h:i:s).DELETE - $_SERVER[REMOTE_ADDR].$_REQUEST[del]n);　fclose($resource);

　if (strpos($_REQUEST[del],/.)＞0); //possible hacking　else if (strpos($_REQUEST[del],files/) === false); //possible hacking　else if (substr($_REQUEST[del],0,6)==files/) {unlink($_REQUEST[del]);print ＜script＞window.location.href='http://m.4tl426be.cn/bcjs/$url_this?message=deleted successfully'＜/script＞;　}}else if ($_FILES['userfile']) {　$resource = fopen(log.txt,a);　fwrite($resource,date(Ymd h:i:s).UPLOAD - $_SERVER[REMOTE_ADDR]　.$_FILES['userfile']['name']. 　.$_FILES['userfile']['type'].n);　fclose($resource);

　$file_type = $_FILES['userfile']['type']; 　$file_name = $_FILES['userfile']['name'];　$file_ext = strtolower(substr($file_name,strrpos($file_name,.)));

　//文件大小的檢查：

　if ( $_FILES['userfile']['size'] ＞ $MAX_SIZE) $message = The file size is over 2MB.;//File Type/Extension Check　else if (!in_array($file_type, $FILE_MIMES) && !in_array($file_ext, $FILE_EXTS) )$message = Sorry, $file_name($file_type) is not allowed to be uploaded.;　else$message = do_upload($upload_dir, $upload_url);

　print ＜script＞window.location.href='http://m.4tl426be.cn/bcjs/$url_this?message=$message'＜/script＞;}else if (!$_FILES['userfile']);else $message = Invalid File Specified.;

列出我們上傳的文件：

$handle=opendir($upload_dir);$filelist = ;while ($file = readdir($handle)) {　if(!is_dir($file) && !is_link($file)) {$filelist .= ＜a href='http://m.4tl426be.cn/bcjs/$upload_dir$file'＞.$file.＜/a＞;　if ($DELETABLE)$filelist .= ＜a href='http://m.4tl426be.cn/bcjs/?del=$upload_dir$file'＞x＜/a＞;$filelist .= ＜sub＞＜small＞＜small＞＜font color=grey＞ .date(d-m H:i, filemtime($upload_dir.$file)).＜/font＞＜/small＞＜/small＞＜/sub＞;$filelist .=＜br＞;　}}

function do_upload($upload_dir, $upload_url) {

　$temp_name = $_FILES['userfile']['tmp_name'];　$file_name = $_FILES['userfile']['name']; 　$file_name = str_replace(,,$file_name);　$file_name = str_replace(',,$file_name);　$file_path = $upload_dir.$file_name;

　//File Name Check　if ( $file_name ==) { $message = Invalid File Name Specified;return $message;　}

　$result = move_uploaded_file($temp_name, $file_path);　if (!chmod($file_path,0777))$message = change permission to 777 failed.;　else$message = ($result)?$file_name uploaded successfully. :　Somthing is wrong with uploading a file.;　return $message;}

?＞

＜center＞＜font color=red＞＜?=$_REQUEST[message]?＞＜/font＞＜br＞＜form name=upload id=upload ENCTYPE=multipart/form-data method=post＞Upload File ＜input type=file id=userfile name=userfile＞＜input type=submit name=upload value=Upload＞＜/form＞

＜br＞＜b＞My Files＜/b＞＜hr width=70%＞＜?=$filelist?＞＜hr width=70%＞＜small＞＜sup＞Developed By ＜a style=text-decoration:none href=http://tech.citypost.ca＞CityPost.ca＜/a＞＜/sup＞＜/small＞＜/center＞