警告:implode():传递的参数无效

时间:2015-03-17 03:19:46

标签: php

我在这个论坛上经历了大量无效参数传递消息,我很抱歉,但没有找到任何有助于我的情况的例子。

正如您在Rasclatt的慷慨帮助下从下面的代码中看到的那样,我有几个字段名称,包括9个要上传到服务器的文件,而其余字段则提交到数据库。

当我尝试运行代码时,我得到,“警告:implode():传入的无效参数......”,它位于第94行 - INSERT语句的开头。< / p>

需要注意的一点是,在插入过程中,并非所有文件都可以一次上传。

用户可以选择上传所有文件,就像他们可以选择在插入迭代期间上传一个文件一样。

知道如何解决这个问题吗?

<?php
   error_reporting(E_ERROR | E_WARNING | E_PARSE);

 include("../Connections/Connect.php");

// this function is used to sanitize code against sql injection attack.
function ms_escape_string($data) {
        if ( !isset($data) or empty($data) ) return '';
        if ( is_numeric($data) ) return $data;

        $non_displayables = array(
            '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
            '/%1[0-9a-f]/',             // url encoded 16-31
            '/[\x00-\x08]/',            // 00-08
            '/\x0b/',                   // 11
            '/\x0c/',                   // 12
            '/[\x0e-\x1f]/'             // 14-31
        );
        foreach ( $non_displayables as $regex )
            $data = preg_replace( $regex, '', $data );
        $data = str_replace("'", "''", $data );
        return $data;
    }

    // You may want to add document root
    $target = $_SERVER['DOCUMENT_ROOT']."/uploads";
    // I am filtering the files incase there are empty uploads
    // You need to have the proper file input name (item)
    $_FILES['item']['tmp_name'] =   array_filter($_FILES['item']['tmp_name']);
    $_FILES['item']['name'] =   array_filter($_FILES['item']['name']);
    $_FILES['item']['type'] =   array_filter($_FILES['item']['type']);
    $_FILES['item']['size'] =   array_filter($_FILES['item']['size']);


    foreach($_FILES['item']['name'] as $i => $value ) {
            $file_name              =   $_FILES['item']['name'][$i];
            $file_size              =   $_FILES['item']['size'][$i];
            $file_tmp               =   $_FILES['item']['tmp_name'][$i];
            $file_type              =   $_FILES['item']['type'][$i];

            $bidDate                =   ms_escape_string($_POST['txtBidDate']);
            $dueDate                =   ms_escape_string($_POST['txtDueDate']);
            $dueTime                =   ms_escape_string($_POST['txtDueTime']);
            $bidTitle               =   ms_escape_string($_POST['BidTitle']);
            $bidId                  =   ms_escape_string($_POST['BidID']);
            $desc                   =   ms_escape_string($_POST['Description']);
            $dept                   =   ms_escape_string($_POST['Department']);
            $bidContact             =   ms_escape_string($_POST['BidContact']);
            $contactEmail           =   ms_escape_string($_POST['ContactEmail']);
            $contactPhone           =   ms_escape_string($_POST['ContactPhone']);
            $numBids                =   ms_escape_string($_POST['NumofBids']);
            $awardDate              =   ms_escape_string($_POST['txtAwardDate']);
            $awardrecip1            =   ms_escape_string($_POST['AwardRecip']);
            $bidType                =   ms_escape_string($_POST['BidType']);
            $lastUpdate             =   ms_escape_string($_POST['txtLastUpdate']);
            $notes                  =   ms_escape_string($_POST['Notes']);
            $status                 =   ms_escape_string($_POST['Status']);

            $sqlArr['values'][$i]   =   "'".ms_escape_string($_FILES['item']['name'][$i])."'";
            $sqlArr['columns'][$i]  =   "Addend".$i;
            $sqlArr['columns']  =   "SignInSheet";
            $sqlArr['columns']  =   "TabSheet";
            $sqlArr['columns']  =   "BidFile";
            // At this point you are only notifying user.
            // You have no code to prevent this limitation.
            if ($file_type!="application/pdf" || $file_type!="image/gif" || $file_type!="image/jpeg")
                 $echo =    'You can only upload PDFs, JPEGs or GIF files.<br>';
            // So far, this is just for notification, you haven't
            // actually done anything about this limitation
            if($file_size >  (8 * 1024 * 1024))
                $echo='File size must be less than 8 MB';

            // Makes the folder if not already made.
            if(!is_dir($target))
                mkdir($target,0755,true);

            //Writes the files to the server
            if(move_uploaded_file($_FILES['item']['tmp_name'][$i], $target."/".$file_name)) {
                //If all is ok
                echo "The file ". $file_name. " has been uploaded to the directory and records saved to the database";
            }
            else {

            //Gives and error if its not
            echo "Sorry, there was a problem uploading your file.";
            }
        }
if(isset($sqlArr['columns'])) {
    $sql="INSERT INTO bids (BidDate,DueDate,DueTime,BidTitle,BidID,Description,,'".implode("','",$sqlArr['columns'])."',Department,Xcontract,ContactEmail,ContactPhone,NumofBids,AwardDate,AwardRecip1,BidType,LastUpdate,Notes,BidStatus)
              VALUES ('$bidDate', '$dueDate','$dueTime',$bidTitle','$bidId','$desc',".implode(",",$sqlArr['values']).", '$dept','$bidContact','$contactEmail','$contactPhone','$numBids','$awardDate','$awardrecip1','$bidType','$lastUpdate','$notes',$status')" ;
    $objQuery = sqlsrv_query($conn, $sql);
    sqlsrv_close($conn);
} ?>

1 个答案:

答案 0 :(得分:1)

一个问题:

 $sqlArr['columns']  =   "SignInSheet";
 $sqlArr['columns']  =   "TabSheet";
 $sqlArr['columns']  =   "BidFile";

正在覆盖您想要的值,而不是创建数组:

 $sqlArr['columns'][]  =   "SignInSheet";
 $sqlArr['columns'][] =   "TabSheet";
 $sqlArr['columns'][]  =   "BidFile";
相关问题
最新问题