一点背景:
我的教会网站上有Godaddy的共享窗口托管计划。虽然我讨厌Windows并将网站移动到基于Linux的服务器,但这不是我的托管帐户,所以我不能这样做。我目前正在尝试实现一个用于将布道上传到网站的GUI。我知道如何在linux服务器上执行此操作,因此我认为Windows代码类似。我遇到的一个地方是上传路径。 Godaddy服务器上的绝对路径是
D:\Hosting\5402716\html\WFBC\wacofamily.com\sermons\2014\
但是,反斜杠会转义特殊字符,所以我想我需要两个。
D:\\Hosting\\5402716\\html\\WFBC\\wacofamily.com\\sermons\\2014\\
问题:
然后我测试了上传,但是我收到了这个错误:
收到以下系统级消息:权限或相关错误将文件移至 D:托管,02716htmlWFBCwacofamily.comsermons4WFBC20130106AM.mp3
似乎PHP正在消除除\ 54和\ 201之外的所有反斜杠。根据{{3}},\ 54是逗号,\ 201未使用(或空白)。这就解释了为什么我得到了逗号,2014年的201正在消失。但它并不能解释为什么双反斜杠不会成为一个反斜杠。以下是应该上传图像的PHP脚本:
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'on');
require_once 'authorize.php';
if(!(strtolower($this_user_type) == 'admin') && !(strtolower($this_user_type) == 'administrator') && !(strtolower($this_user_type) == 'elder')) {
header('Location: /login.php?message=You%20do%20not%20have%20permission%20to%20view%20this%20page.%20%20You%20are%20a(n)%20'.$this_user_type.'.');
exit;
}
ini_set('upload_max_filesize', '20971520');
ini_set('post_max_size', '20971520');
ini_set('memory_limit', '20971520');
ini_set('max_input_time', 360);
ini_set('max_execution_time', 360);
require_once 'appConfig.php';
require_once 'databaseConnection.php';
$php_errors = array(1 => 'Maximum file size in php.ini exceeded', 2 => 'Maximum file size in HTML form exceeded', 3 => 'Only part of the file was uploaded', 4 => 'No file was selected to upload.');
$article_id = htmlentities(trim($_REQUEST['sermon_id']));
$date = htmlentities(trim($_REQUEST['date']));
$pastor = htmlentities(trim($_REQUEST['pastor']));
$title = htmlentities(trim($_REQUEST['title']));
$passage = htmlentities(trim($_REQUEST['passage']));
$folder_name = date('Y', strtotime($date));
if (!is_dir('../../sermons/'.$folder_name."/")) {
mkdir('../../sermons/'.$folder_name, 0777) or handle_error("the server couldn't upload the image you selected.", 'could not create directory');
}
$upload_dir = HOST_WWW_ROOT.'sermons\\'.$folder_name.'\\';
$image_fieldname = "sermon_mp3";
($_FILES[$image_fieldname]['error'] == 0) or handle_error("the server couldn't upload the image you selected.", $php_errors[$_FILES[$image_fieldname]['error']]);
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name']) or handle_error("you were trying to do something naughty. Shame on you!", "Uploaded request: file named '{$_FILES[$image_fieldname]['tmp_name']}'");
$upload_filename = $upload_dir.$_FILES[$image_fieldname]['name'];
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'], $upload_filename) or handle_error("we had a problem saving your image to its permanent location.", "permissions or related error moving file to {$upload_filename}");
if ($article_id) {
$stmt = $mysqli->prepare("UPDATE `wfbcsermons`.`sermons` SET `date`=?, `pastor`=?, `sermon`=?, `book`=?, `chapter`=?, `end_chapter`=?, `start_verse`=?, `end_verse`=?, `path`=? WHERE `id`=?;") or handle_error("There was a problem updating the database.", "prepare failed :".htmlspecialchars($mysqli->error));
$stmt->bind_param('sssssssssi', $sermon_date, $sermon_pastor, $sermon_title, $book, $chapter, $end_chapter, $start_verse, $end_verse, $sermon_path, $id) or handle_error("There was a problem updating the database.", "bind_param failed :".htmlspecialchars($stmt->error));
$sermon_date = $date;
$sermon_pastor = $pastor;
$sermon_title = $title;
$passage_pieces = explode(" ", $passage);
$book = $passage_pieces[0];
$number_pieces = explode("-", $passage_pieces[1]);
$start_pieces = explode(":", $number_pieces[0]);
$chapter = $start_pieces[0];
$start_verse = $start_pieces[1];
$end_pieces = explode(":", $number_pieces[1]);
$end_chapter = $start_pieces[0];
$end_verse = $start_pieces[1];
$sermon_path = 'http://www.wacofamily.com/sermons/'.$folder_name.'/'.$_FILES[$image_fieldname]['name'];
$id = $sermon_id;
$stmt->execute() or handle_error("There was a problem updating the database.", "execute failed :".htmlspecialchars($stmt->error));
}
else {
$stmt = $mysqli->prepare("INSERT INTO `wfbcsermons`.`sermons` (`date`, `pastor`, `sermon`, `book`, `chapter`, `end_chapter`, `start_verse`, `end_verse`, `path`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);") or handle_error("There was a problem updating the database.", "prepare failed :".htmlspecialchars($mysqli->error));
$stmt->bind_param('sssssssssi', $sermon_date, $sermon_pastor, $sermon_title, $book, $chapter, $end_chapter, $start_verse, $end_verse, $sermon_path) or handle_error("There was a problem updating the database.", "bind_param failed :".htmlspecialchars($stmt->error));
$sermon_date = $date;
$sermon_pastor = $pastor;
$sermon_title = $title;
$passage_pieces = explode(" ", $passage);
$book = $passage_pieces[0];
$number_pieces = explode("-", $passage_pieces[1]);
$start_pieces = explode(":", $number_pieces[0]);
$chapter = $start_pieces[0];
$start_verse = $start_pieces[1];
$end_pieces = explode(":", $number_pieces[1]);
$end_chapter = $start_pieces[0];
$end_verse = $start_pieces[1];
$sermon_path = 'http://www.wacofamily.com/sermons/'.$folder_name.'/'.$_FILES[$image_fieldname]['name'];
$stmt->execute() or handle_error("There was a problem updating the database.", "execute failed :".htmlspecialchars($stmt->error));
}
$stmt->close();
$mysqli->close();
header("Location: ../../admin.php");
exit();
?>
这是定义HOST_WWW_ROOT的app_config.php:
<?php
define("DEBUG_MODE", true);
define("SITE_ROOT", "http://www.wacofamily.com/");
define("DATABASE_HOST", "wfbcsermons.db.5402716.hostedresource.com");
define("DATABASE_USERNAME", "**********");
define("DATABASE_PASSWORD", "**********");
define("DATABASE_NAME", "wfbcsermons");
define("HOST_WWW_ROOT", "D:\\Hosting\\5402716\\html\\WFBC\\wacofamily.com\\");
function js_redirect($url, $seconds=0) {
echo "<script language=\"JavaScript\">\n";
echo "<!-- hide from old browser\n\n";
echo "function redirect() {\n";
echo "window.location = \"" . $url . "\";\n";
echo "}\n\n";
echo "timer = setTimeout('redirect()', '" . ($seconds*1000) . "');\n\n";
echo "-->\n";
echo "</script>\n";
return true;
}
function handle_error($user_error_message, $system_error_message) {
js_redirect('http://www.wacofamily.com/error.php?error_message='.$user_error_message.'&system_error_message='.$system_error_message, 0);
exit();
}
function debug_print($message) {
if (DEBUG_MODE) {
echo $message;
}
}
?>
我尝试了什么:
我尝试过以下字符串:
四个反斜杠(如正则表达式):
define("HOST_WWW_ROOT", "D:\\\\Hosting\\\\5402716\\\\html\\\\WFBC\\\\wacofamily.com\\\\");
单引号内的单反斜杠:
define("HOST_WWW_ROOT", 'D:\Hosting\5402716\html\WFBC\wacofamily.com\\');
使用\,这是反斜杠的HTML字符代码:
define("HOST_WWW_ROOT", "D:\Hosting\5402716\html\WFBC\wacofamily.com\");
使用\134,它应该是反斜杠的八进制序列
define("HOST_WWW_ROOT", "D:\134Hosting\1345402716\134html\134WFBC\134wacofamily.com\134");
使用正斜杠this site说:
define("HOST_WWW_ROOT", "D:/Hosting/402716/html/WFBC/wacofamily.com/");
使用DIRECTORY_SEPARATOR作为Machavity建议:
define("HOST_WWW_ROOT", "D:".DIRECTORY_SEPARATOR."Hosting".DIRECTORY_SEPARATOR ."402716".DIRECTORY_SEPARATOR ."html".DIRECTORY_SEPARATOR ."WFBC".DIRECTORY_SEPARATOR ."wacofamily.com".DIRECTORY_SEPARATOR );
当然还有双反斜杠
define("HOST_WWW_ROOT", "D:\\Hosting\\5402716\\html\\WFBC\\wacofamily.com\\");
我对创建上传路径所涉及的所有字符串进行了这些更改。我只包含HOST_WWW_ROOT定义以节省空间。
正如SirNarsh提醒我的那样,如果我回应我正在使用的路径,那么反斜杠看起来就好了。但是,当我将路径传递给move_uploaded_file函数时,就会出现问题。
答案 0 :(得分:0)
你应该使用stripslashes()来读取数据
答案 1 :(得分:0)
好的,我明白了,现在我感到愚蠢。我最终使用了正斜杠。之前没有工作的原因是权限(我认为我检查过)没有设置让我写。所以,对于有此问题的其他人: