亥 我有一个包含像这样的文件类型的表单
<tr><td> <input name="ufile[]" type="file" id="ufile[]" size="50" /></td></tr>
提交我正在调用脚本
function addRowToTable()
{
var tbl = document.getElementById('uploadTab');
var lastrow = tbl.rows.length;
var iteration = lastrow;
var row = tbl.insertRow(lastrow);
var cell2 = row.insertCell(0);
var e2 = document.createElement('input');
e2.type = 'file';
e2.name = 'ufile[]';
e2.id = 'ufile[]';
e2.size='50';
cell2.appendChild(e2);
}
此脚本在按钮上单击生成Tr ...在我的视图中生成的源工具我得到“”这样的
<tr><td><input size="50" id="ufile[]" name="ufile[]" type="file"></td></tr>
当我提交表单时,我没有在我的视图页面中获取生成的文件类型的文件名 但我得到的文件名是foe默认的那个 可能是什么问题?
我将表单发布到此页面,
<?php
//set where you want to store files
//in this example we keep file in folder upload
//$HTTP_POST_FILES['ufile']['name']; = upload file name
//for example upload file name cartoon.gif . $path will be upload/cartoon.gif
$path1= "upload/".$HTTP_POST_FILES['ufile']['name'][0];
$path2= "upload/".$HTTP_POST_FILES['ufile']['name'][1];
$path3= "upload/".$HTTP_POST_FILES['ufile']['name'][2];
$path4= "upload/".$HTTP_POST_FILES['ufile']['name'][3];
//copy file to where you want to store file
copy($HTTP_POST_FILES['ufile']['tmp_name'][0], $path1);
copy($HTTP_POST_FILES['ufile']['tmp_name'][1], $path2);
echo copy($HTTP_POST_FILES['ufile']['tmp_name'][2], $path3);
//$HTTP_POST_FILES['ufile']['name'] = file name
//$HTTP_POST_FILES['ufile']['size'] = file size
//$HTTP_POST_FILES['ufile']['type'] = type of file
echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>";
echo "File Size :".$HTTP_POST_FILES['ufile']['size'][0]."<BR/>";
echo "File Type :".$HTTP_POST_FILES['ufile']['type'][0]."<BR/>";
echo "<img src=\"$path1\" width=\"150\" height=\"150\">";
echo "<P>";
echo "File Name :".$HTTP_POST_FILES['ufile']['name'][1]."<BR/>";
echo "File Size :".$HTTP_POST_FILES['ufile']['size'][1]."<BR/>";
echo "File Type :".$HTTP_POST_FILES['ufile']['type'][1]."<BR/>";
echo "<img src=\"$path2\" width=\"150\" height=\"150\">";
echo "<P>";
echo "File Name :".$HTTP_POST_FILES['ufile']['name'][2]."<BR/>";
echo "File Size :".$HTTP_POST_FILES['ufile']['size'][2]."<BR/>";
echo "File Type :".$HTTP_POST_FILES['ufile']['type'][2]."<BR/>";
echo "<img src=\"$path3\" width=\"150\" height=\"150\">";
///////////////////////////////////////////////////////
// Use this code to display the error or success.
$filesize1=$HTTP_POST_FILES['ufile']['size'][0];
$filesize2=$HTTP_POST_FILES['ufile']['size'][1];
$filesize3=$HTTP_POST_FILES['ufile']['size'][2];
if($filesize1 && $filesize2 && $filesize3 != 0)
{
echo "We have recieved your files";
}
else {
echo "ERROR.....";
}
//////////////////////////////////////////////
// What files that have a problem? (if found)
if($filesize1==0) {
echo "There're something error in your first file";
echo "<BR />";
}
if($filesize2==0) {
echo "There're something error in your second file";
echo "<BR />";
}
if($filesize3==0) {
echo "There're something error in your third file";
echo "<BR />";
}
?>
编辑 这是我的数组
Array ( [ufile] => Array ( [name] => Array ( [0] => stripe.jpg [1] => stripe.jpg ) [type] => Array ( [0] => image/jpeg [1] => image/jpeg ) [tmp_name] => Array ( [0] => D:\xampp\tmp\php29A9.tmp [1] => D:\xampp\tmp\php29AA.tmp ) [error] => Array ( [0] => 0 [1] => 0 ) [size] => Array ( [0] => 8717 [1] => 8717 ) ) )
答案 0 :(得分:2)
讨厌陈述显而易见的内容,但你还记得包含enctype属性吗?
<form method="post" enctype="multipart/form-data" action="...php">
如果没有这个,你将永远不会上传文件;你只能看到文件名作为提交的值。
<input name="ufile[]" type="file" id="ufile[]" size="50" />
在id中包含方括号是无效的。选择仅包含字母数字加id的{{1}},并以字母开头。如果您需要为每个生成的元素添加.-_,请确保每次都有不同的元素。虽然据我所知你实际上没有使用任何这些ID,所以你可以很容易地省略它们。
id极度危险。用户可以在文件名中放置任何内容,包括$path1= "upload/".$HTTP_POST_FILES['ufile']['name'][0];
(上一个目录)和活动文件类型,如..。永远不要相信服务器文件系统上用户提交的文件名!要么强烈消毒它们(这比你想象的要难),或者更好的是,使用一个完全不相关的名称来存储它。
允许用户上传文件会带来很大的风险。有关进一步的讨论,请参阅this question。
.php这次以及每次将文本字符串放入HTML时,都需要在其上调用echo "File Name :".$HTTP_POST_FILES['ufile']['name'][0]."<BR/>";
。否则,字符串中的htmlspecialchars()和<字符可以包含标记,包括脚本,并且您有一个跨站点脚本的安全漏洞。
答案 1 :(得分:1)
使用Firebug的右键单击&gt; “检查元素”以确保新输入实际上是您表单的子项。否则,它将不会被发送。