I cannot imagine why should I use this function instead of a simple rename.
我无法想象为什么我应该使用这个函数而不是简单的重命名。
The manual writes:
手册写道:
move_uploaded_file
This function checks to ensure that the file designated by filename is a valid upload file (meaning that it was uploaded via PHP's HTTP POST upload mechanism). If the file is valid, it will be moved to the filename given by destination.
此函数检查以确保filename指定的文件是有效的上载文件(意味着它是通过PHP的HTTP POST上载机制上传的)。如果文件有效,它将被移动到目标给出的文件名。
This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.
如果对上传文件所做的任何事情都有可能向用户或甚至同一系统上的其他用户显示其内容,则此类检查尤其重要。
Can you please write an example why is this so important?
你能写一个例子,为什么这么重要?
3 个解决方案
#1
3
Because using regular filesystem functions for this purpose might create security vulnerabilities. If you do this in your program:
因为为此目的使用常规文件系统功能可能会产生安全漏洞。如果你在你的程序中这样做:
rename($source, $destination);
and the attacker is able to control the value of $source
, they have gained the capability to rename (or move! -- rename
also moves files across directories) any file that your PHP process has access to.
并且攻击者能够控制$ source的值,他们已经获得了重命名(或移动! - 重命名也可以跨文件移动文件)PHP进程可以访问的任何文件的功能。
If they can also influence $destination
or if there is some way of gaining access to the contents of the file after it is moved they can use this vulnerability to gain access to your source code at the very least, which would usually reveal authentication credentials. And it's not difficult to imagine this happening: if you accept user uploads and make them accessible over a URL this functionality would be already built into your application.
如果它们也可以影响$ destination,或者如果有一些方法可以在移动文件后获取对文件内容的访问权限,则可以使用此漏洞至少获得对源代码的访问权限,这通常会显示身份验证凭据。并且不难想象会发生这种情况:如果您接受用户上传并通过URL访问它们,则此功能已经内置到您的应用程序中。
In general, it's a security issue that you have to think about; the _uploaded_file
functions are there to help you land in the pit of success.
一般来说,这是一个你必须考虑的安全问题; _uploaded_file功能可以帮助您降落成功。
Update (material pulled from comments):
更新(从评论中提取材料):
Modern handling of file uploads (through $_FILES
) has largely made move_uploaded_file
technically unnecessary. But don't forget that:
文件上传的现代处理(通过$ _FILES)在很大程度上使得move_uploaded_file在技术上不必要。但不要忘记:
- Technically unnecessary might still be a good idea: we are talking security, why not be extra safe?
-
move_uploaded_files
was introduced at a time where$_FILES
did not even exist and widespread usage ofregister_globals
was reality instead of a children horror story.
技术上不必要可能仍然是一个好主意:我们正在谈论安全性,为什么不安全?
move_uploaded_files是在$ _FILES甚至不存在的时候引入的,register_globals的广泛使用是现实而不是儿童恐怖故事。
#2
-1
move_uploaded_file
actually moves your uploaded file FROM tmp directory TO permanent location on your server. Yes it's important because you will have to move the file to your server at your specified location right?
move_uploaded_file实际上将您上传的文件从tmp目录移动到服务器上的永久位置。是的,这很重要,因为您必须将文件移动到指定位置的服务器吗?
Check code snippet example for move_uploaded_file
here: http://www.developphp.com/view_lesson.php?v=449
检查move_uploaded_file的代码片段示例:http://www.developphp.com/view_lesson.php?v = 449
#3
-1
You should not use rename function as rename function is used to rename an existing file with a new name. Whereas function like move_uploaded_file and copy are actually used to upload a file from tmp directory to the destination directory.
您不应使用重命名功能,因为重命名功能用于使用新名称重命名现有文件。而像move_uploaded_file和copy这样的函数实际上用于将文件从tmp目录上传到目标目录。
rename() should be used to move ordinary files, and not files uploaded through a form. The reason for this is because there is a special function, called move_uploaded_file(), which checks to make sure the file has indeed been uploaded before moving it - this stops people trying to hack your server into making private files visible. You can perform this check yourself if you like by calling the is_uploaded_file() function.
rename()应该用于移动普通文件,而不是用于通过表单上传的文件。之所以这样,是因为有一个名为move_uploaded_file()的特殊函数,它会在移动之前检查文件是否确实已上传 - 这会阻止人们试图破解您的服务器以使私有文件可见。如果您愿意,可以通过调用is_uploaded_file()函数自行执行此检查。
#1
3
Because using regular filesystem functions for this purpose might create security vulnerabilities. If you do this in your program:
因为为此目的使用常规文件系统功能可能会产生安全漏洞。如果你在你的程序中这样做:
rename($source, $destination);
and the attacker is able to control the value of $source
, they have gained the capability to rename (or move! -- rename
also moves files across directories) any file that your PHP process has access to.
并且攻击者能够控制$ source的值,他们已经获得了重命名(或移动! - 重命名也可以跨文件移动文件)PHP进程可以访问的任何文件的功能。
If they can also influence $destination
or if there is some way of gaining access to the contents of the file after it is moved they can use this vulnerability to gain access to your source code at the very least, which would usually reveal authentication credentials. And it's not difficult to imagine this happening: if you accept user uploads and make them accessible over a URL this functionality would be already built into your application.
如果它们也可以影响$ destination,或者如果有一些方法可以在移动文件后获取对文件内容的访问权限,则可以使用此漏洞至少获得对源代码的访问权限,这通常会显示身份验证凭据。并且不难想象会发生这种情况:如果您接受用户上传并通过URL访问它们,则此功能已经内置到您的应用程序中。
In general, it's a security issue that you have to think about; the _uploaded_file
functions are there to help you land in the pit of success.
一般来说,这是一个你必须考虑的安全问题; _uploaded_file功能可以帮助您降落成功。
Update (material pulled from comments):
更新(从评论中提取材料):
Modern handling of file uploads (through $_FILES
) has largely made move_uploaded_file
technically unnecessary. But don't forget that:
文件上传的现代处理(通过$ _FILES)在很大程度上使得move_uploaded_file在技术上不必要。但不要忘记:
- Technically unnecessary might still be a good idea: we are talking security, why not be extra safe?
-
move_uploaded_files
was introduced at a time where$_FILES
did not even exist and widespread usage ofregister_globals
was reality instead of a children horror story.
技术上不必要可能仍然是一个好主意:我们正在谈论安全性,为什么不安全?
move_uploaded_files是在$ _FILES甚至不存在的时候引入的,register_globals的广泛使用是现实而不是儿童恐怖故事。
#2
-1
move_uploaded_file
actually moves your uploaded file FROM tmp directory TO permanent location on your server. Yes it's important because you will have to move the file to your server at your specified location right?
move_uploaded_file实际上将您上传的文件从tmp目录移动到服务器上的永久位置。是的,这很重要,因为您必须将文件移动到指定位置的服务器吗?
Check code snippet example for move_uploaded_file
here: http://www.developphp.com/view_lesson.php?v=449
检查move_uploaded_file的代码片段示例:http://www.developphp.com/view_lesson.php?v = 449
#3
-1
You should not use rename function as rename function is used to rename an existing file with a new name. Whereas function like move_uploaded_file and copy are actually used to upload a file from tmp directory to the destination directory.
您不应使用重命名功能,因为重命名功能用于使用新名称重命名现有文件。而像move_uploaded_file和copy这样的函数实际上用于将文件从tmp目录上传到目标目录。
rename() should be used to move ordinary files, and not files uploaded through a form. The reason for this is because there is a special function, called move_uploaded_file(), which checks to make sure the file has indeed been uploaded before moving it - this stops people trying to hack your server into making private files visible. You can perform this check yourself if you like by calling the is_uploaded_file() function.
rename()应该用于移动普通文件,而不是用于通过表单上传的文件。之所以这样,是因为有一个名为move_uploaded_file()的特殊函数,它会在移动之前检查文件是否确实已上传 - 这会阻止人们试图破解您的服务器以使私有文件可见。如果您愿意,可以通过调用is_uploaded_file()函数自行执行此检查。