Author: admin

ubuntu下用xhprof测试php程序性能 

admin PHP 暂无评论 1,984 浏览

ubuntu下用xhprof测试php程序性能

XHProf是facebook开源出来的一个php轻量级的性能分析工具,跟Xdebug类似,但性能开销更低,还可以用在生产环境中,也可以由程序开 关来控制是否进行profile。总体来说是个不错的工具,下面介绍下在ubuntu下的安装及使用过程。…

            
Read more

php上传类(安全上传类)

admin PHP 暂无评论 1,469 浏览

php上传类(安全上传类)

[php]
<?php
//php文件上传类
//author: lenix 2014.10.7<!--more-->
header("Content-Type:text/html; charset=utf-8");
date_default_timezone_set("Asia/Shanghai");

class UploadFile
{
private $imageType=["image/gif","image/jpeg","image/jpg","image/png","image/x-png","image/bmp","image/x-ms-bmp","image/pjpeg"];//图片类型
private $fileType=["application/zip","application/msexcel","application/xml","application/vnd.ms-excel","application/vnd.openxmlformats-officedocument.wordprocessingml.document","application/mspowerpoint","application/vnd.ms-powerpoint","application/pdf","application/x-shockwave-flash","application/x-rar-compressed","application/x-rar","audio/mpeg","audio/x-ms-wma","flv-application/octet-stream","audio/x-ms-wmv","video/mp4","video/x-flv","audio/x-wav","application/msword","video/mpeg"];//文件类型
private $tmpName;
private $fileName;
private $error;
private $fileSize;//上传文件大小
private $maxSize=10000000;//最大允许上传大小
private $upName;
private $upDir="uploadfile/";//上传目录

//构造函数 默认为图片上传
function __construct($upType="image")
{
$this-&gt;tmpName = $_FILES["file"]["tmp_name"];
$this-&gt;fileName …

        
Read more

apache,nginx上传目录无执行权限的设置方法

admin Nginx 暂无评论 1,611 浏览
至于为什么设置上传目录无权限这个我就不累赘了,现在比较流行的web服务有iis,apache,nginx,使用操作系统无非是windows or *nux
我们来看俩段通常对上传目录设置无权限的列子,配置如下:
复制代码代码如下:
<Directory "/var/www/upload">
<FilesMatch ".php">
Order Allow,Deny
Deny from all
</FilesMatch>
</Directory>

还有网上那个对nginx上传目录无执行权限

复制代码代码如下:
location ~ ^/upload/.*\.(php|php5)$
{
deny all;
}

这些配置表面上看起来是没什么问题的,确实在windows下可以这么说。
但是*nux就不同了,大家都是知道的*nux操作系统是区分大小写的,这里如果换成大写后缀名*.phP一类就bypasss了

这里我说下我个人的解决方法:

复制代码代码如下:
<Directory "/var/www/upload">
<FilesMatch "(?i:.php)">
        
Read more