With the blessings and sustenance granted by Allah SWT, I, Mr.Gagaltotal666, will
share with you how to create Multiple Upload Files
in the PHP Laravel framework with an Apache web server on GNU/Linux.
What you need to prepare:
- composer
- PHP package, version 7.4 or the latest version
- MariaDB or MySQL database
Here I will give an example of uploading photos and PDFs.
1. Upload Form (Blade + Bootstrap 4)
In the file resources/views/upload.blade.php:

<!DOCTYPE html>
<html lang="id">
<head>
    <meta charset="UTF-8">
    <title>Multiple Upload</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container mt-5">
    <h4>Multiple Upload Foto & PDF</h4>

    @if ($errors->any())
        <div class="alert alert-danger">
            <ul class="mb-0">
                @foreach ($errors->all() as $error)
                    <li>{{ $error }}</li>
                @endforeach
            </ul>
        </div>
    @endif

    @if (session('success'))
        <div class="alert alert-success">{{ session('success') }}</div>
    @endif

    <form action="{{ route('upload.store') }}" method="POST" enctype="multipart/form-data">
        @csrf
        <div class="form-group">
            <label>Upload File (Foto / PDF)</label>
            <input type="file"
                   name="files[]"
                   class="form-control"
                   multiple
                   accept=".jpg,.jpeg,.png,.pdf"
                   required>
            <small class="text-muted">Maksimal 2MB / file. JPG, PNG, PDF saja.</small>
        </div>
        <button class="btn btn-primary">Upload</button>
    </form>
</div>
</body>
</html>
2. Routes
In the file routes/web.php:

use App\Http\Controllers\UploadController;

Route::get('/upload', function () {
    return view('upload');
});

Route::post('/upload', [UploadController::class, 'store'])->name('upload.store');
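3. Controller (SECURITY + SANITIZATION)
In the file app/Http/Controllers/UploadController.php:

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;

class UploadController extends Controller
{
    public function store(Request $request)
    {
        // STRICT VALIDATION
        $request->validate([
            'files'   => 'required|array',
            'files.*' => [
                'required',
                'file',
                'max:2048', // 2MB
                'mimes:jpg,jpeg,png,pdf',
            ],
        ]);

        foreach ($request->file('files') as $file) {
            /**
             * 1. Check the REAL MIME type
             */
            $allowedMime = [
                'image/jpeg',
                'image/png',
                'application/pdf',
            ];
            $mime = $file->getMimeType();

            if (!in_array($mime, $allowedMime, true)) {
                abort(403, 'File tidak valid');
            }

            /**
             * 2. Strip dangerous metadata (images only)
             */
            $cleanImage = null;
            // Str::startsWith() also works on PHP 7.4, where str_starts_with() is not built in
            if (Str::startsWith($mime, 'image/')) {
                // @ silences the GD warning so an undecodable file reaches the 403 below
                $image = @imagecreatefromstring(file_get_contents($file->getRealPath()));

                if ($image === false) {
                    abort(403, 'File gambar rusak');
                }

                // Re-encode from the decoded pixels; only these bytes are stored,
                // so EXIF blocks and comments in the original upload are dropped
                ob_start();
                if ($mime === 'image/png') {
                    imagesavealpha($image, true); // keep transparency
                    imagepng($image);
                } else {
                    imagejpeg($image, null, 90);
                }
                $cleanImage = ob_get_clean();
            }

            /**
             * 3. Rename the file (anti double extension & shell.php.jpg)
             */
            $extension = $file->extension(); // from Laravel (not the original name)
            $safeName = Str::uuid() . '.' . $extension;

            /**
             * 4. STORE IN STORAGE
             */
            if ($cleanImage !== null) {
                Storage::disk('local')->put('uploads/' . $safeName, $cleanImage);
            } else {
                $file->storeAs(
                    'uploads',
                    $safeName,
                    'local' // storage/app/uploads
                );
            }
        }

        return back()->with('success', 'File berhasil diupload');
    }
}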
4. Why Is It Safe from PHP Shells / Backdoors?
- Validates the array and each file
- Validates the extension + the real MIME type
- Random rename (anti shell.php.jpg)
- Stored in storage (not executable)
- Does not trust HTML input / tampering
- The image is decoded again (a shell in the image will be broken)
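
The checks listed above can be pinned down with a Laravel feature test. This is an added example, not code from the original post: the location tests/Feature/UploadTest.php and the class and test names are assumptions, and the second test needs the GD extension.

```php
<?php
// tests/Feature/UploadTest.php (added example; path, class and test names are assumptions)

namespace Tests\Feature;

use Illuminate\Http\UploadedFile;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;
use Tests\TestCase;

class UploadTest extends TestCase
{
    public function test_php_code_named_like_an_image_is_not_stored()
    {
        Storage::fake('local');

        // Constructed sample: harmless PHP text in a temp file. The client-side
        // name and MIME type claim it is a JPEG; the content says otherwise.
        $path = tempnam(sys_get_temp_dir(), 'upl');
        file_put_contents($path, '<?php echo "constructed sample"; ?>');
        $disguised = new UploadedFile($path, 'shell.php.jpg', 'image/jpeg', null, true);

        $response = $this->post('/upload', ['files' => [$disguised]]);

        // The mimes rule looks at the content, so validation fails for this entry.
        $response->assertSessionHasErrors('files.0');
        $response->assertSessionMissing('success');
        $this->assertSame([], Storage::disk('local')->allFiles('uploads'));
    }

    public function test_real_image_is_stored_under_a_uuid_name()
    {
        Storage::fake('local');

        // A genuine 50x50 JPEG whose original name carries a double extension.
        $photo = UploadedFile::fake()->image('holiday.php.jpg', 50, 50);

        $this->post('/upload', ['files' => [$photo]])->assertSessionHas('success');

        // Nothing of the client-supplied name survives: UUID + server-chosen extension.
        $stored = Storage::disk('local')->allFiles('uploads');
        $this->assertCount(1, $stored);
        $this->assertTrue(Str::isUuid(pathinfo($stored[0], PATHINFO_FILENAME)));
        $this->assertContains(pathinfo($stored[0], PATHINFO_EXTENSION), ['jpg', 'jpeg']);
    }
}
```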
OK, that is all for now, I hope it is useful....
If there are any mistakes or shortcomings, please leave your feedback in the comments.
Wasalamualaikum Wr.Wb....