php脚本中的错误显然都来自一行代码

时间:2014-01-12 19:15:38

标签: php mysql

我遇到了PHP脚本的问题,显然是从一行中收到错误。这段代码中的顶行显然造成了相当大的麻烦:

 if (move_uploaded_file($_FILES["image"]["tmp_name"], "./upload/".$imageName)) {
    mysql_query("INSERT " .$pages. " SET inmenu='$inmenu', pagid='$pagid', title='$titlename', content='$contentname', image='$image', youtube='$youtube'")
 or die(mysql_error()); 

    header("Location: index.php"); 
 }

我在顶行代码中遇到的错误:

Warning: Unexpected character in input: ' in cms/new.php on line 131

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at cms/new.php:131) in cms/new.php on line 85

首先我认为CHmodding上传文件夹到777会解决这个错误,但显然它没有。我真的不知道该怎么做了。有人可以提供帮助吗?

包含上面小片段的完整代码块:

<?php 
     }
 session_start();
 if(!isset($_SESSION['username'])){
        header("location:login.php");
    }

 include("config.php");

 // check if the form has been submitted. If it has, start to process the form and save it to the database
 if (isset($_POST['submit']))
 { 

 //set root
 $root = getcwd ();

 // get form data, making sure it is valid
 $inmenu = mysql_real_escape_string(htmlspecialchars($_POST['inmenu']));
 $pagid = strtolower(str_replace(" ", "-", mysql_real_escape_string(htmlspecialchars($_POST['pagid']))));
 $titlename = mysql_real_escape_string(htmlspecialchars($_POST['title']));
 $contentname = mysql_real_escape_string(htmlspecialchars($_POST['contentedit']));
 $youtube = mysql_real_escape_string(htmlspecialchars($_POST['youtube'])); 

 // check to make sure both fields are entered
 if ($titlename == '' || $pagid == '')
 {
 // generate error message
 $error = 'ERROR: Please fill in all required fields!';

 // if either field is blank, display the form again
 renderForm($pagid, $titlename, $contentname, $error);
 }
 else
 {

    if(file_exists($root."/upload/".$_FILES["image"]["name"]))
    {
        $filename = explode(".",$_FILES['image']['name']);
        $randomnumber = rand(0, 10000);
        $imageName = $filename[0].$randomnumber.".".$filename[1];
    }
    else
    {
        $imageName = $_FILES['image']['name'];
    }

    $image = mysql_real_escape_string(htmlspecialchars("/upload/".$imageName));

 if (move_uploaded_file($_FILES["image"]["tmp_name"], "./upload/".$imageName)) {
 // save the data to the database
 mysql_query("INSERT " .$pages. " SET inmenu='$inmenu', pagid='$pagid', title='$titlename', content='$contentname', image='$image', youtube='$youtube'")
 or die(mysql_error()); 

 // once saved, redirect back to the view page
 header("Location: index.php"); 
 }
 else {
     // save the data to the database
 mysql_query("INSERT " .$pages. " SET inmenu='$inmenu', pagid='$pagid', title='$titlename', content='$contentname', youtube='$youtube'")
 or die(mysql_error()); 

 // once saved, redirect back to the view page
 header("Location: index.php"); 
 }
 }
 }
 else
 // if the form hasn't been submitted, display the form
 {
 renderForm('','','');
 }
?> 

1 个答案:

答案 0 :(得分:1)

使用双引号时,您只需插入PHP变量即可 试试这个:

if (move_uploaded_file($_FILES["image"]["tmp_name"], "./upload/".$imageName)) {

    $query = "INSERT " . $pages . SET inmenu=$inmenu, pagid=$pagid, title=$titlename, contenct=$contentname, image=$image, youtube=$youtube";

    mysql_query($query) or die(mysql_error()); 

    header("Location: index.php"); 
 }

另一种方式(如果你愿意)将是这样的:

if (move_uploaded_file($_FILES["image"]["tmp_name"], "./upload/".$imageName)) {
    mysql_query("INSERT " .$pages. " SET inmenu='".$inmenu."', pagid='".$pagid."',     title='".$titlename."', content='".$contentname."', image='".$image."', youtube='".$youtube."'")
 or die(mysql_error()); 

    header("Location: index.php"); 
}