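When I run this script, I don't get any errors. It is creating the required directory, but the image is not being moved or uploaded. It's not the best code in the world, but I feel I'm on the right track for what I need. I know I still need to escape user input and restrict the file type to images only on the server side.
Can someone tell me/show me how to improve this code?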
require ($_SERVER['DOCUMENT_ROOT'].'/settings/global.php');
session_start();
$fName = $_POST['first_name'];
$lName = $_POST['last_name'];
$dob = $_POST['dob'];
$dod = $_POST['dod'];
$born = $_POST['born'];
$image = $_FILES['image'];
$about = $_POST['about'];
$started = $_POST['started'];
$company = $_POST['company'];
$name = $lName.$fName;
$name1 = substr($name, 0, 1);
$name2 = substr($name, 0, 2);
$name3 = substr($name, 0, 3);
$name4 = substr($name, 0, 4);
$imagePath = $_SERVER['DOCUMENT_ROOT']."/images/fallenIcons/".$name1."/".$name2."/".$name3."/".$name4."/".$name."/";
$imageStorePath = "http://example.com/images/fallenIcons/".$name1."/".$name2."/".$name3."/".$name4."/".$name."/";
if (!file_exists($imagePath)) {
mkdir($imagePath, 0777, true);
}
$filename = $_FILES["image"]["name"];
$extension = end(explode(".", $filename));
$newfilename = $name .".".$extension;
$image = $imageStorePath.$newfilename;
move_uploaded_file($_FILES[ 'image' ][ 'tmp_name' ], $imageStorePath.$newfilename);
$mysqli=mysqli_connect(HOST,USERNAME,PASSWORD,'fallenPEVORecords');
$query = "INSERT INTO fallenPEVOEntries (first_name,last_name,date_of_birth,date_of_death,born_in,main_image,pevo_details,year_started,worked_for,approved)
VALUES
('$fName','$lName','$dob','$dod','$born','$image','$about','$started','$company','pending')";
$result = mysqli_query($mysqli,$query)or die(mysqli_error());
if($result) {
header('Location: http://example.com/fallen/addFallen.php');
echo 'true';
}
else{
echo 'false';
}
HTML:
<form action="http://example.com/scripts/php/addFallen.php" method="post">
<ul>
<li>
<label for="first_name">First Name</label>
<input type="text" size="30" name="first_name"/>
</li>
<li>
<label for="last_name">Last Name</label>
<input type="text" size="30" name="last_name"/>
</li>
<li>
<label for="dob">Date of Birth</label>
<input type="text" size="30" name="dob" class="datepicker">
</li>
<li>
<label for="dod">Date of Passing</label>
<input type="text" size="30" name="dod" class="datepicker">
</li>
<li>
<label for="born">Born In [City, State]</label>
<input type="text" size="30" name="born"/>
</li>
<li>
<label for="image">Image</label>
<input type="file" name="image" enctype="multipart/form-data" accept="image/x-png, image/gif, image/jpeg"/>
</li>
<li>
<label for="about">About The PEVO</label>
<textarea name="about" rows="8" cols="45"></textarea>
</li>
<li>
<label for="started">When did this PEVO start piloting? [Year]</label>
<input type="text" name="started" class="date-picker-year">
</li>
<li>
<label for="company">Company Worked For</label>
<input type="text" name="company" size="30">
</li>
<li>
<label></label>
<input type="submit" name="addFallen" value="Submit">
</li>
<li>
<b>ALL SUBMISSIONS MUST BE APPROVED BY AN ADMIT BEFORE THEY APPEAR!</b>
</li>
</ul>
</form>
Edit: just changed the way the extension is obtained
<?php
require ($_SERVER['DOCUMENT_ROOT'].'/settings/global.php');
session_start();
$fName = $_POST['first_name'];
$lName = $_POST['last_name'];
$dob = $_POST['dob'];
$dod = $_POST['dod'];
$born = $_POST['born'];
$image = $_FILES['image'];
$about = $_POST['about'];
$started = $_POST['started'];
$company = $_POST['company'];
$name = $lName.$fName;
$name1 = substr($name, 0, 1);
$name2 = substr($name, 0, 2);
$name3 = substr($name, 0, 3);
$name4 = substr($name, 0, 4);
$imagePath = $_SERVER['DOCUMENT_ROOT']."/images/fallenIcons/".$name1."/".$name2."/".$name3."/".$name4."/".$name."/";
$imageStorePath = "http://example.com/images/fallenIcons/".$name1."/".$name2."/".$name3."/".$name4."/".$name."/";
if (!file_exists($imagePath)) {
mkdir($imagePath, 0777, true);
}
$filename = $_FILES["image"]["name"];
$extension = pathinfo( $filename );
$extension = ( isset( $extension[ 'extension' ] ) && trim( $extension[ 'extension' ] ) ? $extension[ 'extension' ] : '' );
$newfilename = $name .".".$extension;
$image = $imageStorePath.$newfilename;
move_uploaded_file($_FILES[ 'image' ][ 'tmp_name' ], $image );
$mysqli=mysqli_connect(HOST,USERNAME,PASSWORD,'fallenPEVORecords');
$query = "INSERT INTO fallenPEVOEntries (first_name,last_name,date_of_birth,date_of_death,born_in,main_image,pevo_details,year_started,worked_for,approved)
VALUES
('$fName','$lName','$dob','$dod','$born','$image','$about','$started','$company','pending')";
$result = mysqli_query($mysqli,$query)or die(mysqli_error());
if($result) {
header('Location: http://example.com/fallen/addFallen.php');
echo 'true';
}
else{
echo 'false';
}
Answer 0: (score: 1)
The first argument to move_uploaded_file() is the uploaded file's temporary file; here you are giving it something else
move_uploaded_file($image, $imagePath.$newfilename);
should be
move_uploaded_file($_FILES[ 'image' ][ 'tmp_name' ], $imagePath.$newfilename);
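Added example, not part of the original question or answer: a server-side handler that moves the upload to a filesystem path (as the answer advises), accepts only images based on file contents, and binds the form values in a prepared statement. The function name `store_uploaded_image()` and its parameters are hypothetical; it assumes the `<form>` tag itself carries `enctype="multipart/form-data"` so that `$_FILES` is populated, and PHP 8.1+ for `execute()` with a parameter array.

```php
<?php
// Added example; store_uploaded_image() and its parameters are hypothetical names.
require $_SERVER['DOCUMENT_ROOT'] . '/settings/global.php'; // defines HOST, USERNAME, PASSWORD

function store_uploaded_image(array $file, string $baseDir, string $baseUrl): string
{
    // A missing or failed upload is reported here instead of silently moving nothing.
    $error = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($error !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with error code ' . $error);
    }
    // Decide the type from the file contents, not the client-supplied name or MIME type.
    $allowed = ['image/png' => 'png', 'image/gif' => 'gif', 'image/jpeg' => 'jpg'];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset($allowed[$mime])) {
        throw new RuntimeException('Only PNG, GIF and JPEG images are accepted');
    }
    // Server-generated name: no user input reaches the filesystem path.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    $sub  = substr($name, 0, 2);
    $dir  = $baseDir . '/' . $sub;
    if (!is_dir($dir) && !mkdir($dir, 0755, true)) {
        throw new RuntimeException('Cannot create upload directory');
    }
    // The destination is a filesystem path, never an http:// URL.
    if (!move_uploaded_file($file['tmp_name'], $dir . '/' . $name)) {
        throw new RuntimeException('move_uploaded_file() failed');
    }
    return $baseUrl . '/' . $sub . '/' . $name; // URL to store in main_image
}

if (isset($_FILES['image'])) {
    $url = store_uploaded_image(
        $_FILES['image'],
        $_SERVER['DOCUMENT_ROOT'] . '/images/fallenIcons',
        'http://example.com/images/fallenIcons'
    );
    // Prepared statement: form values are bound, not concatenated into the SQL string.
    $db = new mysqli(HOST, USERNAME, PASSWORD, 'fallenPEVORecords');
    $stmt = $db->prepare(
        'INSERT INTO fallenPEVOEntries (first_name, last_name, date_of_birth, date_of_death,
         born_in, main_image, pevo_details, year_started, worked_for, approved)
         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );
    $p = $_POST;
    $stmt->execute([$p['first_name'], $p['last_name'], $p['dob'], $p['dod'], $p['born'],
        $url, $p['about'], $p['started'], $p['company'], 'pending']);
}
```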