我希望我的脚本检查是否存在以当前登录用户命名的文件夹,如果他正在尝试上传文件。脚本将检查文件夹是否存在,然后文件将上传到具有用户名的文件夹,如果它不存在它将创建新文件并上传文件。目前我的代码是:
<?php
$result = mysql_query("SELECT user_name FROM upl_users");
$row = mysql_fetch_assoc($result);
echo $row['user_name'];
if (!securePage($_SERVER['PHP_SELF'])) {
die();
}
while ( $row = mysql_fetch_array($sql_res) ) {
$username = $row['user_name'];
$dir = "uploads/$username/";
if (!is_dir($dir)) {
mkdir($dir, 0777, true);
}
if (isset($_FILES["FileInput"]) && $_FILES["FileInput"]["error"] == UPLOAD_ERR_OK) {
// ########### Edit settings ##############
$UploadDirectory = 'uploads/$username/'; // specify upload directory ends with / (slash)
// #########################################
/*
* Note : You will run into errors or blank page if "memory_limit" or "upload_max_filesize" is set to low in "php.ini". Open "php.ini" file, and search for "memory_limit" or "upload_max_filesize" limit and set them adequately, also check "post_max_size".
*/
// check if this is an ajax request
if (!isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
die();
}
// Is file size is less than allowed size.
if ($_FILES["FileInput"]["size"] > 5242880) {
die("File size is too big!");
}
// allowed file type Server side check
switch (strtolower($_FILES['FileInput']['type'])) {
// allowed file types
case 'image/png':
case 'image/gif':
case 'image/jpeg':
case 'image/pjpeg':
case 'text/plain':
case 'text/html': // html file
case 'application/x-zip-compressed':
case 'application/pdf':
case 'application/msword':
case 'application/vnd.ms-excel':
case 'video/mp4':
break;
default:
die('Unsupported File!'); // output error
}
$File_Name = strtolower($_FILES['FileInput']['name']);
$File_Ext = substr($File_Name, strrpos($File_Name, '.')); // get file extention
$Random_Number = uniqid(); // Random number to be added to name.
$NewFileName = $Random_Number . $File_Ext; // new file name
if (move_uploaded_file($_FILES['FileInput']['tmp_name'], $UploadDirectory . $NewFileName)) {
die('Success! File Uploaded.');
} else {
die('error uploading File!');
}
} else {
die('Something wrong with upload! Is "upload_max_filesize" set correctly?');
}
}
html:
<div id='upload-wrapper'>
<div align='center'>
<h3>Ajax File Uploader</h3>
<form action='upload.php' method='post' enctype='multipart/form-data' id='MyUploadForm'>
<input name='FileInput' id='FileInput' type='file' />
<input type='submit' id='submit-btn' value='Upload' />
<img src='images/ajax-loader.gif' id='loading-img' style='display:none;' alt='Please Wait'/>
</form>
<div id='progressbox' ><div id='progressbar'></div ><div id='statustxt'>0%</div></div>
<div id='output'></div>
</div>
</div>
答案 0 :(得分:0)
首先,您应该使用uniqid()
代替rand(0, 9999999999)
。它既快又不易重复结果。
其次,在移动上传文件之前,您应该检查目录是否存在:
if (!file_exists($UploadedDirectory)) {
// 0777 makes sure all users can write to the directory
// true makes sure that any parent directories will be created if they also do not exist
mkdir('path/to/directory', 0777, true);
}
同样在你的while循环中,你切换到使用fetch_array,而不是fetch_assoc:
while($row=mysql_fetch_assoc($sql_res)) { // fetch_array returns an indexed array
$username=$row['user_name'];
替换:
$dir = "uploads/<?php echo $username; ?>/";
使用:
$dir = "uploads/$username/";
您不需要在PHP中使用PHP标记。删除$UploadDirectory
,它是重复的。
此外,您需要修复目录检查。改变它:
if (!is_dir($dir)) {
mkdir($dir, 0777, true);
}
对此:
if (!file_exists($dir)) {
mkdir($dir, 0777, true);
}
// Will only reach this conditional if $dir exists, but is not a directory.
else if (!is_dir($dir)) {
unlink($dir);
mkdir($dir, 0777, true);
}
在100%PHP文件中,删除?>
标记,您将失去意外添加PHP空格的风险。
如果要打开MySQLi连接,则需要使用MySQLi变量,而不是mysql函数:
$mysqli = new mysqli($localhost, $username, $password, $database);
$result = $mysqli->query("SELECT user_name FROM upl_users");
// This will move the internal pointer and skip the first row, we don't want that.
//$row = mysql_fetch_assoc($result);
//echo $row['user_name'];
if (!securePage($_SERVER['PHP_SELF'])) {
die();
}
while ( $row = $result->fetch_assoc() ) {
$username = $row['user_name'];
$dir = "uploads/$username/";
// ...
}