У меня есть сайт, на котором клиенты могут загружать pdf файл с информацией о продукте. По какой-то причине pdf-код переименовывается в "Office", который не будет работать, поскольку загружается много файлов PDF. Как сохранить имя загружаемого pdf файла? Любой совет будет принят во внимание.
Вот мой код.
session_start();
include('../config.php');
error_reporting(0);
// SESSION CHECK SET OR NOT
if(!isset($_SESSION['admin']))
{
header('location:index.php');
}
if(isset($_POST['submit']))
{
//When no image is selected
if($_FILES['image']['name']=='')
{
$query = "INSERT INTO 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,Category=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$_POST['Category']);
}else{
$allowed_filetypes = array('jpg','jpeg','png','gif','pjpeg');
$ext = end((explode(".", $_FILES['image']['name'])));
$imageName = $_POST['Office'].'.'.$ext;
$path = "../".$path.$imageName;
$tmp = $_FILES['image']['tmp_name'];
if(!in_array($ext,$allowed_filetypes))
{
$error = 'danger';
$errormsg = "You uploaded wrong image format";
}else
{
$moved = move_uploaded_file($tmp,$path);
//Resize the uploaded avatar
resize($path , '150', '150', $ext);
$query = "INSERT INTO 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,image=?,Category=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$imageName,$_POST['Category']);
}
}
// PDF UPLOAD
$allowed_filetypes_pdf = array('pdf');
$ext_pdf = end((explode(".", $_FILES['pdf']['name'])));
$pdfName = $_POST['Office'].'.'.$ext_pdf;
$path = "../".$path_pdf.$_POST['Office']."/";
//$path_pdf = "../".$path_pdf.$pdfName;
$pdf=$path_pdf.$pdfName;
$tmp_pdf = $_FILES['pdf']['tmp_name'];
if(!in_array($ext_pdf,$allowed_filetypes_pdf))
{
$error = 'danger';
$errormsg = "You uploaded wrong image format";
}else
{
$moved1 = move_uploaded_file($tmp_pdf, $path_pdf);
$query = "INSERT INTO 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,image=?,PDF_Path=?,Category=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$imageName,$pdf,$_POST['Category']);
}
$statement = $db->prepare($query);
$statement->execute($parameters);
$error = 'success';
$errormsg = "New User added successfully";
}
$query = "select DISTINCT(Office) from userinfo ";
$statement = $db->prepare($query);
$statement->execute();
?>
HTML
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<html class="no-js"> <!--<![endif]-->
<head>
<title>Add Product</title>
<?php include "include/head.php" ?>
<link rel="stylesheet" href="../assets/plugins/fileupload/bootstrap-fileupload.css" type="text/css" />
<link rel="stylesheet" href="../assets/css/custom.css" type="text/css" />
</head>
<body>
<div id="wrapper">
<?php include 'include/header.php'; ?>
<?php include 'include/topMenu.php'; ?>
<?php include 'include/sidebar.php'; ?>
<div id="content">
<div id="content-header">
<h1>Add New Product</h1>
</div> <!-- #content-header -->
<div id="content-container">
<?php
if($errormsg){
echo "<div class='alert alert-$error' style='padding-left: 5px;'>$errormsg</div>";
}?>
<div class="row">
<div class="col-sm-6">
<div class="portlet">
<div class="portlet-header">
<h3><i class="fa fa-plus-square"></i>
Add Product
</h3>
</div> <!-- /.portlet-header -->
<div class="portlet-content">
<div id="error"></div>
<form id="validate-basic" action="" data-validate="parsley" method="post" class="form parsley-form ajax_form" enctype="multipart/form-data">
<div class="form-group">
<label for="name">Office</label>
<select class="form-control" name="Office">
<?php
while($row = $statement->fetch(PDO::FETCH_ASSOC))
{
echo "<option value='{$row['Office']}'>{$row['Office']}</option>";
}?>
</select>
</div>
<div class="input-group">
<h5 style="font-weight: 700; font-size: 13px;">Please select PDF</h5>
<div class="input-group-btn">
<input type="file" name="pdf"/>
</div>
</div>
<div class="form-group" id="images">
<label for="avatar">Product Image</label>
<div class="fileupload fileupload-new" data-provides="fileupload">
<div class="fileupload-new thumbnail" style="width: 180px; height: 150px;"><img src="../images/avatar/noimage.gif" alt="Product Avatar" /></div>
<div class="fileupload-preview fileupload-exists thumbnail" style="max-width: 150px; max-height: 200px; line-height: 20px;"></div>
<div>
<span class="btn btn-default btn-file"><span class="fileupload-new">Select image</span><span class="fileupload-exists">Change</span>
<input type="file" name='image' /></span>
<a href="#" class="btn btn-default fileupload-exists" data-dismiss="fileupload">Remove</a>
</div>
</div>
</div>
<div class="form-group">
<label for="name">Description</label>
<input type="text" id="Description" name="Description" class="form-control" value="<?php echo $row_user['Description'] ?>">
</div>
<div class="form-group">
<label for="name">Unit</label>
<input type="text" id="Unit" name="Unit" class="form-control" value="<?php echo $_POST['Unit'] ?>">
</div>
<div class="form-group">
<label for="select-input">Category</label>
<select id="select-input" name="Category" class="form-control">
<option value="G">Generic</option>
<option value="S">Stationary</option>
<option value="E">Envelopes</option>
<option value="M">Megazine Reprint</option>
<option value="T">Tabs</option>
</select>
</div>
<div class="form-group">
<label for="select-input">Generic</label>
<select id="select-input" name="Generic" class="form-control">
<option value="1">Yes</option>
<option value="0">No</option>
</select>
</div>
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary"><i class="fa fa-check-square-o"></i> Submit</button>
</div>
</form>
</div>
<!--END PORTLET-CONTENT -->
</div>
<!-- END PORTLET -->
</div>
<!-- END COL -->
</div>
<!--END ROW -->
</div>
<!-- END CONTENT-CONATINER -->
</div>
<!--END CONTENT -->
</div>
<!--END WRAPPER -->
'
// EDIT PRODUCT
$allowed_filetypes_pdf = array('pdf');
$ext_pdf = end((explode(".", $_FILES['pdf']['name'])));
$pdfName = $_POST['Office'].'.'.$ext_pdf;
$pdf = ($_FILES['pdf']['name'])?$path_pdf.$pdfName:$_SESSION['oldpdf'];
// $path = "../".$path_pdf.$_POST['Office']."/";
$path_pdf = "../".$path_pdf.$pdfName;
// chmod($path_pdf, 0777);
$tmp_pdf = $_FILES['pdf']['tmp_name'];
$moved1 = move_uploaded_file($tmp_pdf, $path_pdf);
$query = "UPDATE 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,image=?,PDF_Path=?,Category=? WHERE ID=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$imageName,$pdf,$_POST['Category'],$_POST['ID']);
Пытаться....
// PDF UPLOAD
$allowed_filetypes_pdf = array('pdf');
$ext_pdf = end((explode(".", $_FILES['pdf']['name'])));
$pdfName = basename( $_FILES["pdf"]["name"]);
$path = "../".$path_pdf.$_POST['Office']."/";
//$path_pdf = "../".$path_pdf.$pdfName;
$pdf=$path_pdf.$pdfName;
$tmp_pdf = $_FILES['pdf']['tmp_name'];
if(!in_array($ext_pdf,$allowed_filetypes_pdf))
{
$error = 'danger';
$errormsg = "You uploaded wrong image format";
}else
{
$moved1 = move_uploaded_file($tmp_pdf, $path_pdf);
$query = "INSERT INTO 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,image=?,PDF_Path=?,Category=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$imageName,$pdf,$_POST['Category']);
}
Попробуй это:
Я сделал 2 исправления уязвимости для вас
Недостаточно проверки расширения имени файла. Если вы переименуете.pdf в.php, тогда его передают и загружают, а также.pdf. Если вы проверите тип файла mime, это не повторится.
В имени pdf вы отправляете переменную Office, что еще более уязвимо, если злоумышленник переходит в папки и загружает его где-то в другом месте. Например, если значение Office -../../Someoffice
//$allowed_filetypes_pdf = array('pdf');
//$ext_pdf = end((explode(".", $_FILES['pdf']['name'])));
//$pdfName = $_POST['Office'].'.'.$ext_pdf;
$name = $_FILES["pdf"]["name"];
$pdfName = substr($name, strrpos($name, "/"));
$dirName = str_replace(["../", "\0"], "", $_POST["Office"]);
$pdfName = $dirName."-".$pdfName;
//$path = "../".$path_pdf.$_POST['Office']."/";
//$path_pdf = "../".$path_pdf.$pdfName;
//$pdf=$path_pdf.$pdfName;
$path_pdf = "../{$dirName}/{$name}";
$finfo = new finfo(FILEINFO_MIME);
$type = $finfo->file($tmp_pdf);
if( $type != "application/pdf" )
{
$error = 'danger';
$errormsg = "You uploaded wrong image format";
}
else
{
move_uploaded_file($tmp_pdf, $path_pdf);
$query = "INSERT INTO 'products' SET Office = ?,Description = ?,Unit = ?,Generic = ?,image=?,PDF_Path=?,Category=?";
$parameters = array($_POST['Office'],$_POST['Description'],$_POST['Unit'],$_POST['Generic'],$imageName,$path_pdf,$_POST['Category']);
}
$pdfName = $_POST['Office'].'.'.$ext_pdf;
... Может быть,$ext_pdf
пуст?