下面是提交文字和/或上传图片的表格代码
<form id="comments" action="insertcomment.php" method="POST" enctype="multipart/form-data">
Comment: <input type="text" name="comment" id="commentfield">
<br>
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
Image URL (Limit: 1MB): <input type="file" name="image">
<br>
<input type="submit" name="submit" value="Post comment" class="btn btn-primary">
</form>
当用户点击提交按钮时,它将转到此PHP脚本
<?php
include('../c_database.php');
$timeSet = date_default_timezone_set("Europe/London");
$User = $_COOKIE['username'];
$comments = mysqli_real_escape_string($dbc, $_REQUEST['comment']);
$time = date(DATE_RFC822);
if($_FILES['image']['size'] <= 1048576){
$allowedExts = array("jpg", "jpeg", "gif", "png", "bmp", "tiff", "xtiff");
$extension = end(explode(".", $_FILES["image"]["name"]));
if ((($_FILES["image"]["type"] == "image/gif")
|| ($_FILES["image"]["type"] == "image/jpeg")
|| ($_FILES["new_image"]["type"] == "image/png")
|| ($_FILES["image"]["type"] == "image/pjpeg"))
|| ($_FILES["image"]["type"] == "image/bmp"))
&& in_array($extension, $allowedExts))
{
if ($_FILES["image"]["error"] > 0) {
$error_message = $_FILES["image"]["error"];
} else {
if (file_exists("images/" . $_FILES["image"]["name"]))
{
$error_message = $_FILES["image"]["name"] . " " . $LANG['image_exist'];
} else {
if(move_uploaded_file($_FILES["image"]["tmp_name"], "images/" . $_FILES["image"]["name"])) {
// success
$image_name = $_FILES["image"]["name"];
} else {
$error_message = "Upload Failed!";
}
}
}
} else {
$error_message = "Error: May be different ext or size";
}
}
$imagepath = 'images/'. $_FILES["image"]["name"];
$commentQuery = "INSERT INTO comments (username, comments, time_added, imagepath) VALUES ('$User' ,'$comments' ,'$time' ,'$imagepath')";
$executeCommentQuery = mysqli_query($dbc, $commentQuery);
if($executeCommentQuery){
$user = $_COOKIE['username'];
$commentsMadeUpdate = "UPDATE login SET Comments_Made = Comments_Made +1 WHERE Username='$user'";
$executeUpdateQuery = mysqli_query($dbc, $commentsMadeUpdate);
echo '<!DOCTYPE html>
<html>
<head>
<title>Comment</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.3.0/jquery.mobile-1.3.0.min.css" />
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.3.0/jquery.mobile-1.3.0.min.js"> </script>
</head>
<body>';
echo 'Comment and/or image uploaded successfully';
echo '<script>location.href="comments.php"</script>';
echo '
</body>
</html>';
} else {
echo '<!DOCTYPE html>
<html>
<head>
<title>Comment</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.3.0/jquery.mobile-1.3.0.min.css" />
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.3.0/jquery.mobile-1.3.0.min.js"> </script>
</head>
<body>';
printf("Errormessage: %s\n", mysqli_error($dbc));
echo '
</body>
</html>';
}
?>
此代码应插入注释,并将上传的图像移动到images文件夹并将图像路径存储在数据库中,但是当用户单击提交时,他们的注释会被插入而不是图像路径而图像不在temp中文件夹或图像文件夹,有人能告诉我哪里出错了?
答案 0 :(得分:1)
由于可能的拼写错误,可能永远不会触发最高级别的条件,即检查文件类型:$ _FILES [“new_image”] [“type”]
应该是:$ _FILES ['image'] ['type']?
您还应该考虑捕获数据库操作的异常:
mysqli_query(..) or trigger_error(mysqli_error($dbc));