我正在尝试允许用户在我的网站上传个人资料照片。基本上我遵循链接的代码:Allow users to upload a pic for their profile
我不知道代码是否足够安全。我担心用户可能会上传恶意文件。
另外,我担心如果有很多用户,我会在一个文件夹中有很多图片,这可能会减慢检索过程。我想知道存储配置文件图片的最佳做法是什么。最多几张照片是否应该在文件夹中以提高效率?
感谢您的建议!!以下是我的代码:
if(is_uploaded_file($_FILES['image']['tmp_name']))
{
uploadImage($_FILES['image']['tmp_name'], 100, 100, "image/users/test2.jpeg");
}
和
function uploadImage($source, $max_width, $max_height, $destination) {
list($width, $height) = getimagesize($source);
if ($width > 150 || $height > 150) {
$ratioh = $max_height / $height;
$ratiow = $max_width / $width;
$ratio = max($ratioh, $ratiow);
// New dimensions
$newwidth = intval($ratio * $width);
$newheight = intval($ratio * $height);
$newImage = imagecreatetruecolor($newwidth, $newheight);
$ext = trim(strtolower($_FILES['image']['type']));
$sourceImage = null;
// Generate source image depending on file type
switch ($ext) {
case "image/jpg":
case "image/jpeg":
$sourceImage = imagecreatefromjpeg($source);
break;
case "image/gif":
$sourceImage = imagecreatefromgif($source);
break;
case "image/png":
$sourceImage = imagecreatefrompng($source);
break;
}
imagecopyresampled($newImage, $sourceImage, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
// Output file depending on type
switch ($ext) {
case "image/jpg":
case "image/jpeg":
imagejpeg($newImage, $destination);
break;
case "image/gif":
imagegif($newImage, $destination);
break;
case "image/png":
imagepng($newImage, $destination);
break;
}
// Destroy resources
imagedestroy($newImage);
imagedestroy($sourceImage);
}
}
谢谢!