001.
<?php
002.
003.
004.
005.
006.
007.
008.
009.
010.
011.
if
(
$_POST
) {
012.
013.
$data
[
'name'
] = filter_input(INPUT_POST,
'name'
, FILTER_SANITIZE_STRING);
014.
015.
016.
$errorFound
= false;
017.
018.
if
(isset(
$_FILES
[
'image'
])) {
019.
020.
if
(
021.
isset(
$_FILES
[
'image'
][
'error'
]) &&
022.
$_FILES
[
'image'
][
'error'
] !== UPLOAD_ERR_OK &&
023.
$_FILES
[
'image'
][
'error'
] !== UPLOAD_ERR_NO_FILE
024.
) {
025.
026.
switch
(
$_FILES
[
'image'
][
'error'
]) {
027.
case
UPLOAD_ERR_INI_SIZE:
028.
$errorMessage
=
"The uploaded file exceeds the upload_max_filesize directive in php.ini"
;
029.
break
;
030.
case
UPLOAD_ERR_FORM_SIZE:
031.
$errorMessage
=
"The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form"
;
032.
break
;
033.
case
UPLOAD_ERR_PARTIAL:
034.
$errorMessage
=
"The uploaded file was only partially uploaded"
;
035.
break
;
036.
case
UPLOAD_ERR_NO_FILE:
037.
$errorMessage
=
"No file was uploaded"
;
038.
break
;
039.
case
UPLOAD_ERR_NO_TMP_DIR:
040.
$errorMessage
=
"Missing a temporary folder"
;
041.
break
;
042.
case
UPLOAD_ERR_CANT_WRITE:
043.
$errorMessage
=
"Failed to write file to disk"
;
044.
break
;
045.
case
UPLOAD_ERR_EXTENSION:
046.
$errorMessage
=
"File upload stopped by extension"
;
047.
break
;
048.
default
:
049.
$errorMessage
=
"Unknown upload error"
;
050.
break
;
051.
}
052.
$errorFound
= true;
053.
}
elseif
(
$_FILES
[
'image'
][
'error'
] === UPLOAD_ERR_OK) {
054.
055.
056.
$Finfo
=
new
finfo();
057.
$fileMime
=
$Finfo
->file(
$_FILES
[
'image'
][
'tmp_name'
], FILEINFO_MIME_TYPE);
058.
$fileSize
=
filesize
(
$_FILES
[
'image'
][
'tmp_name'
]);
059.
$allowedMimes
= [
'image/gif'
,
'image/jpeg'
,
'image/png'
];
060.
unset(
$Finfo
);
061.
062.
if
(
$fileSize
> 1024000) {
063.
$errorFound
= true;
064.
$errorMessage
=
'ขนาดไฟล์ใหญ่เกินกว่า 1 MB.'
;
065.
}
elseif
(!in_array(
strtolower
(
$fileMime
),
$allowedMimes
)) {
066.
$errorFound
= true;
067.
$errorMessage
=
'กรุณา upload รูปภาพเท่านั้น.'
;
068.
}
else
{
069.
070.
$expUploadFile
=
explode
(
'.'
,
$_FILES
[
'image'
][
'name'
]);
071.
$fileExt
=
'.'
.
$expUploadFile
[
count
(
$expUploadFile
) - 1];
072.
unset(
$expUploadFile
);
073.
074.
$newUploadFileName
= md5(time()) .
$fileExt
;
075.
unset(
$fileExt
);
076.
077.
$uploadResult
= move_uploaded_file(
$_FILES
[
'image'
][
'tmp_name'
],
$newUploadFileName
);
078.
if
(
$uploadResult
!== true) {
079.
$errorFound
= true;
080.
$errorMessage
=
'ไม่สามารถอัพโหลดได้.'
;
081.
}
082.
unset(
$uploadResult
);
083.
}
084.
085.
unset(
$allowedMimes
,
$Finfo
,
$fileMime
,
$fileSize
);
086.
}
087.
}
088.
089.
if
(
$errorFound
=== false) {
090.
091.
092.
if
(isset(
$newUploadFileName
)) {
093.
094.
$data
[
'image'
] =
$newUploadFileName
;
095.
unset(
$newUploadFileName
);
096.
097.
unlink(
$data
[
'image'
]);
098.
}
099.
100.
101.
print_r(
$data
);
102.
}
else
{
103.
104.
if
(isset(
$errorMessage
)) {
105.
106.
107.
trigger_error(
$errorMessage
, E_USER_ERROR);
108.
}
109.
exit
();
110.
}
111.
}