Valum php AJAX上传:将文件名和路径存储到mySQL数据库中

时间:2012-07-26 20:18:05

标签: php mysql sql ajax upload

我使用的是Valum AJAX上传脚本:https://github.com/valums/file-uploader 我在如何获取存储在mySQL数据库中的文件名和路径方面遇到了麻烦。


使用php.php我看到$ pathinfo和$ filename已经

$pathinfo = pathinfo($this->file->getName());
$filename =  rawurlencode(str_replace(' ', '-', strtolower($pathinfo['filename'])));

我尝试这样做,将它存储到我的数据库中,但它似乎没有存储任何东西。

<?php require_once('../../Connections/connSQL.php'); ?>
<?php

/**
 * Handle file uploads via XMLHttpRequest
 */
class qqUploadedFileXhr {
    /**
     * Save the file to the specified path
     * @return boolean TRUE on success
     */
    function save($path) {    
        $input = fopen("php://input", "r");
        $temp = tmpfile();
        $realSize = stream_copy_to_stream($input, $temp);
        fclose($input);

        if ($realSize != $this->getSize()){            
            return false;
        }

        $target = fopen($path, "w");        
        fseek($temp, 0, SEEK_SET);
        stream_copy_to_stream($temp, $target);
        fclose($target);

        return true;
    }
    function getName() {
        return $_GET['qqfile'];
    }
    function getSize() {
        if (isset($_SERVER["CONTENT_LENGTH"])){
            return (int)$_SERVER["CONTENT_LENGTH"];            
        } else {
            throw new Exception('Getting content length is not supported.');
        }      
    }   
}

/**
 * Handle file uploads via regular form post (uses the $_FILES array)
 */
class qqUploadedFileForm {  
    /**
     * Save the file to the specified path
     * @return boolean TRUE on success
     */
    function save($path) {
        if(!move_uploaded_file($_FILES['qqfile']['tmp_name'], $path)){
            return false;
        }
        return true;
    }
    function getName() {
        return $_FILES['qqfile']['name'];
    }
    function getSize() {
        return $_FILES['qqfile']['size'];
    }
}

class qqFileUploader {
    private $allowedExtensions = array();
    private $sizeLimit = 10485760;
    private $file;

    function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760){        
        $allowedExtensions = array_map("strtolower", $allowedExtensions);

        $this->allowedExtensions = $allowedExtensions;        
        $this->sizeLimit = $sizeLimit;

        $this->checkServerSettings();       

        if (isset($_GET['qqfile'])) {
            $this->file = new qqUploadedFileXhr();
        } elseif (isset($_FILES['qqfile'])) {
            $this->file = new qqUploadedFileForm();
        } else {
            $this->file = false; 
        }
    }

    private function checkServerSettings(){        
        $postSize = $this->toBytes(ini_get('post_max_size'));
        $uploadSize = $this->toBytes(ini_get('upload_max_filesize'));        

        if ($postSize < $this->sizeLimit || $uploadSize < $this->sizeLimit){
            $size = max(1, $this->sizeLimit / 1024 / 1024) . 'M';             
            die("{'error':'increase post_max_size and upload_max_filesize to $size'}");    
        }        
    }

    private function toBytes($str){
        $val = trim($str);
        $last = strtolower($str[strlen($str)-1]);
        switch($last) {
            case 'g': $val *= 1024;
            case 'm': $val *= 1024;
            case 'k': $val *= 1024;        
        }
        return $val;
    }

    /**
     * Returns array('success'=>true) or array('error'=>'error message')
     */
    function handleUpload($uploadDirectory, $replaceOldFile = FALSE){
        if (!is_writable($uploadDirectory)){
            return array('error' => "Server error. Upload directory isn't writable.");
        }

        if (!$this->file){
            return array('error' => 'No files were uploaded.');
        }

        $size = $this->file->getSize();

        if ($size == 0) {
            return array('error' => 'File is empty');
        }

        if ($size > $this->sizeLimit) {
            return array('error' => 'File is too large');
        }

        $pathinfo = pathinfo($this->file->getName());
        $filename =  rawurlencode(str_replace(' ', '-', strtolower($pathinfo['filename'])));
        //$filename = md5(uniqid());
        $ext = $pathinfo['extension'];

        if($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)){
            $these = implode(', ', $this->allowedExtensions);
            return array('error' => 'File has an invalid extension, it should be one of '. $these . '.');
        }

        if(!$replaceOldFile){
            /// don't overwrite previous files that were uploaded
            while (file_exists($uploadDirectory . $filename . '.' . $ext)) {
                $filename .= rand(10, 99);
            }
        }

        if ($this->file->save($uploadDirectory . $filename . '.' . $ext)){
            return array('success'=>true);
        } else {
            return array('error'=> 'Could not save uploaded file.' .
                'The upload was cancelled, or server error encountered');
        }

    }    
}


// list of valid extensions, ex. array("jpeg", "xml", "bmp")
$allowedExtensions = array();
// max file size in bytes
$sizeLimit = 10 * 1024 * 1024;

$uploader = new qqFileUploader($allowedExtensions, $sizeLimit);
$result = $uploader->handleUpload('uploads/');
// to pass data through iframe you will need to encode all html tags
echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);

?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}


  $updateSQL = sprintf("UPDATE filefolder SET file_title=%s, file_url=%s WHERE m_id=%s",
                       GetSQLValueString($row_Recordset1['m_id'], "text"),
                       GetSQLValueString($row_Recordset1['m_id'], "text"),
                       GetSQLValueString($row_Recordset1['m_id'], "int"));

  mysql_select_db($database_connSQL, $connSQL);
  $Result1 = mysql_query($updateSQL, $connSQL) or die(mysql_error());


mysql_select_db($database_connSQL, $connSQL);
$query_Recordset1 = "SELECT *, (filefolder.file_url) AS m_file FROM member INNER JOIN filefolder ON member.m_id = filefolder.m_id";
$Recordset1 = mysql_query($query_Recordset1, $connSQL) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>

<?php
mysql_free_result($Recordset1);
?>

上传成功,只是没有存储。任何人都可以指出我的问题或提供替代解决方案吗?

非常感谢您的帮助!

最佳,

-AC

2 个答案:

答案 0 :(得分:1)

我想你的查询失败了,因为你不是单引用你在SQL查询中插入的字符串值,试试这个:

UPDATE filefolder SET file_title='%s', file_url='%s' WHERE m_id=%s

在对SQL查询进行故障排除时,它可以节省大量时间来简单地转储生成的查询字符串并直接在MySQL中尝试查看它是否已损坏。 MySQL将为您提供有关可能出错的好提示。此外,您还可以获取mysql_error信息,以了解您遇到的SQL问题。

答案 1 :(得分:1)

在网上搜索了一段时间后,我找到了解决方案:

显然,在valums脚本中有两种上传方法,qqUploadedFileXhrqqUploadedFileForm.如果您使用示例脚本,则使用默认脚本:qqUploadedFileXhr.

所以,要获取可以使用的文件信息:$ file_name = $ _GET ['qqfile'];就是这样,只是文件名。

但是,如果使用'qqUploadedFileForm',您可以获取文件信息: - $_FILES['qqfile']['name']表示文件名 - $_FILES['qqfile']['size']表示大小 - 等等

全文:

$file_name = $_GET['qqfile'];
$uploader = new qqFileUploader($allowedExtensions, $sizeLimit);
$m_id = $row_RecUser['m_id'];
$file_type = $_REQUEST['param1'];

if (strcmp($file_type,'resume') == 0) {
$result = $uploader->handleUpload('uploader/files/resume'); }
else if (strcmp($file_type,'certificates') == 0) {
$result = $uploader->handleUpload('uploader/files/certificates/'); }

    $insertSQL = sprintf("INSERT INTO filefolder (m_id, file_type, file_title) VALUES (%s, %s, %s)",
                    GetSQLValueString($m_id, "int"),
                    GetSQLValueString($file_type, "text"),
                    GetSQLValueString($file_name, "text"));