我有7个文件输入字段,即:
<input type="file" accept="image/*" name="imgreq1">
<input type="file" accept="image/*" name="imgreq2">
<input type="file" accept="image/*" name="imgreq3">
<input type="file" accept="image/*" name="imgreq4">
<input type="file" accept="image/*" name="imgreq5">
<input type="file" accept="image/*" name="imgreq6">
<input type="file" accept="image/*" name="imgreq7">
如果我在第一个和第二个输入字段中上传了一个文件,如何检查其他输入字段是否为空。然后提交表单,将其他字段留空?
<?php
if(isset($_POST['sumit'])){
$count = count($_FILES);
for($i = 1; $i <= $count; ++$i){
if(is_uploaded_file($_FILES['imgreq'.$i]['tmp_name']) || !file_exists($_FILES['imgreq'.$i]['tmp_name'])){
echo "$i";
// your code
}else{
//to retrieve user_id to stored in the request table in the database
$query = "SELECT * FROM dummyclients_tbl WHERE user_id = '".$_SESSION['user']."'";
if (!$result = mysql_query($query)) {
exit(mysql_error());
}
if(mysql_num_rows($result) > 0){
while($row = mysql_fetch_assoc($result)){
$sid= ''.$row['user_id'].'';
$coll=''.$row['college'].'';
$stat="Pending";
//$query="SELECT document_name FROM document_tbl WHERE document_id = '$passed_id'";
//$dn=mysql_query($query);
//$getname=mysql_fetch_assoc($dn);
//var_dump($getname);
//to analyze the contents of the image selected in filebrowser1
$image1=addslashes($_FILES['imgreq1']['tmp_name']);
$name1=addslashes($_FILES['imgreq1']['name']);
$image1=file_get_contents($image1);
$image1=base64_encode($image1);
//to analyze the contents of the image selected in filebrowser2
$image2=addslashes($_FILES['imgreq2']['tmp_name']);
$name2=addslashes($_FILES['imgreq2']['name']);
$image2=file_get_contents($image2);
$image2=base64_encode($image2);
//to analyze the contents of the image selected in filebrowser3
$image3=addslashes($_FILES['imgreq3']['tmp_name']);
$name3=addslashes($_FILES['imgreq3']['name']);
$image3=file_get_contents($image3);
$image3=base64_encode($image3);
//to analyze the contents of the image selected in filebrowser4
$image4=addslashes($_FILES['imgreq4']['tmp_name']);
$name4=addslashes($_FILES['imgreq4']['name']);
$image4=file_get_contents($image4);
$image4=base64_encode($image4);
//to analyze the contents of the image selected in filebrowser5
$image5=addslashes($_FILES['imgreq5']['tmp_name']);
$name5=addslashes($_FILES['imgreq5']['name']);
$image5=file_get_contents($image5);
$image5=base64_encode($image5);
//to analyze the contents of the image selected in filebrowser6
$image6=addslashes($_FILES['imgreq6']['tmp_name']);
$name6=addslashes($_FILES['imgreq6']['name']);
$image6=file_get_contents($image6);
$image6=base64_encode($image6);
//to analyze the contents of the image selected in filebrowser7
$image7=addslashes($_FILES['imgreq7']['tmp_name']);
$name7=addslashes($_FILES['imgreq7']['name']);
$image7=file_get_contents($image7);
$image7=base64_encode($image7);
//function nga defined sa dalum para i insert ang uploaded files sa databasess
saveimage($sid,$passed_id,$image1,$image2,$image3,$image4,$image5,$image6,$image7,$stat,$coll);
}
}
}
}
}
function saveimage($sid,$passed_id,$image1,$image2,$image3,$image4,$image5,$image6,$image7,$stat,$coll){
$con=mysql_connect("localhost","root","");
mysql_select_db("dummy",$con);
$qry="INSERT INTO request_tbl (user_id,document_id,imgreq1,imgreq2,imgreq3,imgreq4,imgreq5,imgreq6,imgreq7,request_status,college) VALUES ('$sid','$passed_id','$image1','$image2','$image3','$image4','$image5','$image6','$image7','$stat','$coll')";
$result=mysql_query($qry,$con);
if($result){
?>
<script>alert('Requirements Successfully Submitted!');</script>
<?php
}else{
?>
<script>alert('Error while submitting form!');</script>
<?php
}
}
?>
答案 0 :(得分:1)
来自OP's comment,
但你如何使用每个循环这个PHP的功能是一个很深的...
使用简单的for循环与is_uploaded_file()函数一起检查用户是否通过HTTP POST上传了文件,如下所示:
$count = count($_FILES);
for($i = 1; $i <= $count; ++$i){
if(is_uploaded_file($_FILES['imgreq'.$i]['tmp_name'])){
// user has uploaded a file
}
}
基于以下与OP的讨论,完整的解决方案将是这样的:
<?php
if(isset($_POST['sumit'])){
$count = count($_FILES);
$query = "SELECT * FROM dummyclients_tbl WHERE user_id = '".$_SESSION['user']."'";
if (!$result = mysql_query($query)) {
exit(mysql_error());
}
if(mysql_num_rows($result)){
$row = mysql_fetch_assoc($result);
$sid = $row['user_id'];
$coll =$row['college'];
$query = "INSERT INTO request_tbl (user_id,document_id,imgreq1,imgreq2,imgreq3,imgreq4,imgreq5,imgreq6,imgreq7,request_status,college) VALUES ('$sid','$passed_id'";
for($i = 1; $i <= $count; ++$i){
if(is_uploaded_file($_FILES['imgreq'.$i]['tmp_name']) && $_FILES['imgreq'.$i]['size']){
$query .= ",'" . base64_encode(file_get_contents(addslashes($_FILES['imgreq'.$i]['tmp_name']))) . "'";
}else{
$query .= ",NULL";
}
}
$query .= ",'$stat','$coll')";
saveimage($query);
}
}
function saveimage($qry){
$con = new mysqli("localhost", "root", "", "dummy");
$result=mysqli_query($con, $qry);
if($result){
?>
<script>alert('Requirements Successfully Submitted!');</script>
<?php
}else{
?>
<script>alert('Error while submitting form!');</script>
<?php
}
}
?>
作为旁注,了解prepared statement,因为它可以阻止您查询任何类型的SQL注入攻击。这是对how you can prevent SQL injection in PHP的好读。