作者:甘文靖 | 来源:互联网 | 2018-03-22 19:33
项目中删除图片的代码,希望各位大大能给些安全性的建议。
if(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'){
$url = $_GET['json'];
$url = $_SERVER['DOCUMENT_ROOT'].urldecode($url['picurl']);
$pictype = array("gif","jpg","jpeg","png","bmp");
if(file_exists($url)){
$infos = pathinfo($url);
if(in_array($infos['extension'],$pictype) && strpos($url,"uploadfile")){
if(unlink($url)){
echo json_encode(array("status"=>"1","info"=>L('删除成功!')));
}else{
echo json_encode(array("status"=>"2","info"=>L("删除失败,请检查权限!")));
}
}else{
echo json_encode(array("status"=>"2","info"=>L("删除失败,请检查权限!")));
}
}else{
echo json_encode(array("status"=>"0","info"=>L("文件不存在或已删除")));
}
}