PHPÎļþÉÏ´«ÎÊÌâ - PHP / »ù´¡±à³Ì
ÎÒÓÐÒ»¸ö»ñÈ¡ÉÏ´«Îļþ´óСµÄÐèÇó£¬Èç¹ûÎļþ´óС´óÓÚij¸öÌض¨Öµ£¬¾ÍÌáʾÓû§Îļþ¹ý´ó£¬²»ÔÊÐíÉÏ´«¡£´ÓÍøÉϲéÁ˺ܳ¤Ê±¼ä£¬¶¼Ã»ÓÐÕÒµ½ºÏÊʵķ½·¨£¬Õâ¸öÎÊÌâ¿àÄÕÁËÎҺܳ¤Ê±¼ä£¬ÇëÎÊÓÐûÓÐÈËÄܸøÎÒÒ»¸ö½â¾öµÄ·½°¸¡£Íò·Ö¸Ðл£¡£¡
PHP code:
if($_FILES['postName']['size'] > $fileAllowedMaxSize){
echo "The file isn't allowed";
}
Õâ¸ö·½·¨²»ÔõôºÃÓ᣻¹ÊÇлл
Ϊʲô²»ºÃÓã¿
ǰ̨ʹÓÃajax£¬·þÎñÆ÷¶Ë¾ÍʹÓÃ$_FILES['postName']['size']ÅжÏ
ÕâÊÇͨ³ÔµÄ°ì·¨
»¹Óиö°ì·¨jsÓÃnew image(filePath),°ÑÉÏ´«Îļþµ±Í¼Æ¬¡£µ«ÊǸ÷½·¨ÔÚ·Çieä¯ÀÀÆ÷ϲ»ÐС£
ÄãµÄÐèÇóÊÇʲô°¡ Õâ¸öºÞºÃÓà °¡
Ê×ÏÈÔÚhtmlÒ³ÃæÒþ²ØÓò´«MAX_FILE_SIZE,Õâ¾ÍÏñ¸öÌáʾ£¬Èç¹ûËûÌø¹ýÕâ²½£¬ÄÇÎÒÃÇÒ²¾ÍûʲôÀí¿÷µÄÁË£¬½ÓÏÂÀ´£¬ÔÚphpÒ³ÃæÅжÏ$_FILE['xxx']['error']
ÆäֵΪ 0£¬Ã»ÓдíÎó·¢Éú£¬ÎļþÉÏ´«³É¹¦¡£
UPLOAD_ERR_INI_SIZE
ÆäֵΪ 1£¬ÉÏ´«µÄÎļþ³¬¹ýÁË php.ini ÖÐ upload_max_filesize Ñ¡
Ïà¹ØÎÊ´ð£º
ÈçÌ⣬Ôõôд¸öheadÍ·²¿ ÈÃÒ³Ã滺´æ1ÐÇÆÚ¡£
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
Äã°ÑÀïÃæµÄʱ¼ä£¬¸Ä³Éµ±Ç°Ê±¼ä¼ÓÉÏÒ»¸öÐÇÆÚ
¼ÇµÃҪת»»³Égmtʱ¼ä
ÎÒÕâÑùдµÄ ²»ÖªµÀÐв»ÐС£
Ò»¸öÐ ......
ÏÖÓÐÒ»PHP¿Õ¼ä£¬Ö§³ÖMYSQLÊý¾Ý¿â
Ϊ½ÚÊ¡·ÑÓã¬ÏÖÏëͨ¹ýÓòÃûתÏòĿ¼ÐÎʽ½øÐйÜÀí£¨¼´½«ÓòÃûA¼Ç¼£Û°üÀ¨¶¥¼¶ÓòÃû¼°¶þ¼¶ÓòÃû£Ý¶¼Ö¸Ïòͬһ¿Õ¼ä£©
È磺·ÃÎÊÓòÃû abcd.cn Ö±½Ó·ÃÎÊÍøÕ¾¸ùĿ¼
·ÃÎʶþ¼¶ÓòÃû ef.abcd.cn ......
¼±Çó£ºÔÚphp½Å±¾ÀïÔõôµ÷ÓÃjsÎļþÀï·½·¨£¿
»òÕßÔÚjsÎļþÀïµ÷ÓÃphpÎļþдµÄseesion£¿
PHP¸ÕÈëÃÅѧϰ,ÓÑÇ鶥һ¸ö
¼±Çó£ºÔÚphp½Å±¾ÀïÔõôµ÷ÓÃjsÎļþÀï·½·¨£¿
//echo '<script>alert("ok");< ......
ÏÖÔÚÓÐa,bÈý¸öÒ³Ãæ
bÊǵǽҳÃ棬·ÃÎÊaÒ³Ã棬Èç¹ûûÓеǼ£¬Ôòheaderµ½bÒ³Ãæ
ÔÚbÒ³ÃæÈ¡²»µ½HTTP_REFERER
òËÆHTTP_REFERERÖ»ÄÜÈ¡µ½a±êÇ©ºÍpost,get·½·¨µÄÌøת
Äܲ»ÄÜαÔìÒ»¸öHTTP_REFERER£¬È»ºó¹ýÈ¥£¿
¼ÈÈ»Ö ......
