问题描述

我有一个cURL上传，从PHP 5.5升级到5.6后失败：

I've got a cURL upload that fails after upgrading from PHP 5.5 to 5.6:

$aPost = array(
    'file' => "@".$localFile,
    'default_file' => 'html_version.html',
    'expiration' => (2*31*24*60*60)
)

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiurl);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_BUFFERSIZE, 128);
curl_setopt($ch, CURLOPT_POSTFIELDS, $aPost);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$sResponse = curl_exec ($ch);

目标系统上的文件似乎为空。

The file seems to be empty on the target system.

推荐答案

实际上，我在启动问题时找到了答案。 PHP 5.5中包含curl中的一个新变量： CURLOPT_SAFE_UPLOAD 在PHP 5.5中默认设置为 false 在PHP 5.6中切换到默认值 true 。

Actually I found the answer while starting the question. There is a new Variable included with curl in PHP 5.5: CURLOPT_SAFE_UPLOAD this is set to false by default in PHP 5.5 and is switched to a default of true in PHP 5.6.

这将阻止@上传修饰符工作出于安全原因 - 用户输入可能包含恶意上传请求。您可以使用 CURLFile 类上传文件，而将 CURLOPT_SAFE_UPLOAD 设置为 true 或（如果您确定您的变量是安全的，您可以手动将 CURLOPT_SAFE_UPLOAD 切换为 false ：

This will prevent the '@' upload modifier from working for security reasons - user input could contain malicious upload requests. You can use the CURLFile class to upload files while CURLOPT_SAFE_UPLOAD is set to true or (if you're sure your variables are safe you can switch the CURLOPT_SAFE_UPLOAD to false manually):

 curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false);

这里有一个信息来源，让我在正确的方向搜索：

Here's a source for the information that got me searching in the right direction: http://comments.gmane.org/gmane.comp.php.devel/87521

更改的函数中也提到了：
但不是在向后不兼容的更改，真的让我关闭...

It's mentioned in the changed functions too: http://php.net/manual/en/migration56.changed-functions.phpBut not in the backward incompatible changes, really tripped me off...

这篇关于cURL文件上传在从PHP 5.5升级到5.6后不再工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！