Question

我正在开发一种库，用户可以在其中上传不同的文件，然后只发布所需的文件。

当用户上传一个或多个文件时，这些文件将存储在临时文件夹中。稍后，通过填写表单，用户可以发布所选文件。一旦用户按下提交按钮，我想将文件从临时文件夹移动到用户建议的另一个文件夹。

目前，我可以创建建议的文件夹。不过，我收到“拒绝访问（代码5）”错误，文件没有出现在新文件夹中。我已经阅读了其他问题，并为htdocs（XAMPP文件夹）中的所有文件夹的所有用户添加了“读写”权限。不过，错误仍在继续出现。

我在AJAX文件中运行此脚本（如下面的JS代码所示）。

这是我的代码。希望你能帮助我，这可以帮助别人！比你

// When the form is submitted we want for the temp file to be moved to the directory chosen by the user
		$( "form" ).submit(function( event ) {
			$directory = $('#directory').val();
			$file = $('#fileid').val();
			$.ajax({

					url:'ajax/rename.php',
					type:"POST",
					data:({	directory:$directory,
							file:$file 
						}),
					success:function(data){
					//window.location.href = 'home';//redirect to the homepage
					alert(data);
				},
					error: function(xhr, status, error) {
					  var err = eval("(" + xhr.responseText + ")");
					  alert(err.Message);
					}
			});event.preventDefault();
		});

AJAX CODE

<?php

	require_once '../../app/models/DB.php';
	require_once '../../app/models/Files.php';
	require_once '../../app/init.php';
		$db= DB::getInstance();
		$files= new Files();
		$directory = $_POST['directory'];
		$file = $_POST['file'];
		if (!file_exists('../' . $directory)) {
			mkdir('../' . $directory, 0744, true);
			chmod('../'. $directory, 0777);
		}
		$currentdirectory = $db->query("SELECT path FROM file WHERE id = '$file'")->first()->path;
		rename('../' . $currentdirectory,'../' . $directory);
		$data = $db->query("UPDATE file SET path = '$directory' WHERE id = '$file'");
		

		echo('../' . $currentdirectory);
		?>

.secondaryContainer{
		margin:0 auto; width:86%;
		height:58px;
		background: linear-gradient(to bottom,#FBFBFB,#A7A6A6) #f3f3f3;
		border-radius: 5px 5px 5px 5px;
	}
	#HomesearchBar{
		float:right;
	}

	.boxHeader{
		padding:15px 15px 0px 15px ;
	}

	#headerTab{
		border-bottom:0px;
	}
	.filesBoxContent{
		background-color: #aeaeae !important;
    	border-color: #818181 !important;
    	border-radius: 5px 5px 5px 5px;
	}

	#MainPageThumbnails{
		margin-top: 15px;
	}

	#MainPageThumbnails{
		text-align:justify;
	}


	.clicked {
    border: 3px solid blue;
}
		#mainPage{
			max-width: 900px;
		}
		#mainPage h1, #mainPage h2 {
		    font-size: 28px;
		    color: #25A7DE;
		    font-weight: lighter;
		    text-align: left;
		}
		.postPage legend {
		    text-align: center;
		    background: #25A7DE;
		    color: #fff;
		    font-size: 18px;
		    padding: 4px;
		    -webkit-border-radius: 34px;
		    -moz-border-radius: 34px;
		    border-radius: 34px;
		    width: 34px;
		    height: 34px;
		}
		fieldset{
		    border-top: 1px solid #ccc;
		}

		.fileUpload {
		    position: relative;
		    overflow: hidden;
		    margin: 10px;
		}
		.fileUpload input.upload {
		    position: absolute;
		    top: 0;
		    right: 0;
		    margin: 0;
		    padding: 0;
		    font-size: 20px;
		    cursor: pointer;
		    opacity: 0;
		    filter: alpha(opacity=0);
		}

		#banner_warning{
			float:left;
		}

		.form-actions {
		    margin: 0;
		    background-color: transparent;
		    text-align: center;
		}
		/*---------Category CSS-------*/
		.subcategoryList,.categoryList {
		    border-radius: 15px;
		    background-color: white;
		    border: 1px solid #ccc;
		    padding: 5px;
		    min-height:150px;
		    max-height:150px;
		    overflow-y: auto;
		    overflow-x:hidden;
		    margin-bottom:20px !important;
		}
		.categoryList{
			float: left;
			width:49%;

		}
		.subcategoryList{
			float: right;
			width:49%;
			visibility: hidden;
		}
		.subcategoryList ul,.categoryList ul {
		  list-style-type: none;
		  margin: 0;
		  padding: 0;
		}
		.subcategory,.category {
		  text-decoration: none;
		  color: #000;
		  -webkit-transition: font-size 0.3s ease, background-color 0.3s ease;
		  -moz-transition: font-size 0.3s ease, background-color 0.3s ease;
		  -o-transition: font-size 0.3s ease, background-color 0.3s ease;
		  -ms-transition: font-size 0.3s ease, background-color 0.3s ease;
		  transition: font-size 0.3s ease, background-color 0.3s ease;
		  display: block;
		}
		.subcategory:hover,.category:hover {
		  font-size: 15px;
		  background: #f6f6f6;
		}

		.input-group{
			z-index: 0;
		}

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<!-- Form Container -->
<div id="mainPage" class="container">
	<h1>Add New Post</h1>
	<div class = "postPage">
		<form action="" method="post">
		  	<fieldset class="form-group">
		  		<legend>1</legend>
		  		<div class="input-group">
				    <span class="input-group-addon" id="basic-addon1">Title*</span>
				    <input type="text" class="form-control" name="title" id="title" aria-describedby="basic-addon1" placeholder="Enter the post title">
				</div>

				<div class="fileUpload btn btn-primary">
				    <span>Choose Banner</span>
				    <input type="file" name="banner" id="uploadBtn" class="upload" />
				</div>
				<span id="thumbnail" ></span>
				<div id="banner_warning">
					<small class="banner">Choose a banner for your post.</small>
			    </div>
				<div class="input-group">
			    	<span class="input-group-addon" id="basic-addon1">Description*</span>
			    	<textarea class="form-control" name="description" id="description" rows="10" placeholder="Type a short description for this file"></textarea>
		    	</div>
		  	</fieldset>

		  	<fieldset class="form-group">
		  		<legend>2</legend>
		  		<div class="categoryList">
				  <ul>
				  	<?php foreach($category as $item):?>
				    	<li class="category" id="<?php echo $item->id;?>"><?php echo $item->name; ?></li>
				    <?php endforeach; ?>
				  </ul>
				  <input type="hidden" name="category" id="category"/>
				</div>
				<div class="subcategoryList">
				  <ul>
				  </ul>
				  <input type="hidden" name="subcategory" id="subcategory"/>
				</div>
							  		
		  		<!-- Trigger/Open The Modal -->
		  		<div class="form-actions">
				  	<button type="button" id="myBtn" class="btn btn-default btn-lg">
					  <span class="glyphicon glyphicon-paperclip" aria-hidden="true"></span> Add Media
					</button>
				</div>
				<div class="input-group">
				    <span class="input-group-addon" id="basic-addon1">Directory</span>
				    <input type="text" class="form-control" name="directory" id="directory" aria-describedby="basic-addon1">
				    <input type="hidden" name="filename" id="filename"/>
				    <input type="hidden" name="fileid" id="fileid"/>
				</div>
			</fieldset>

			<fieldset class="form-group">
		  		<legend>3</legend>
		  		<label for="keywords"><h3>Keywords</h3></label>
		    	<textarea class="form-control" name="keywords" id="keywords" rows="3"></textarea>
		    	<small class="text-muted">Separate words by either '/' or ';'</small>
		  	</fieldset>
		  	
		  
			<!--Token will be generated here. Model Token will be called for this-->
			<input type="hidden" name = "token" value="<?php echo Token::generate(); ?>">
			<input type="submit" value="Post">	
		</form>
	</div>
</div>
<!-- End of Form Container -->

Answer 1

首先，我建议您清理用户输入：

$directory = $_POST['directory'];
$file = $_POST['file'];

后来你在SQL查询中使用$ directory，可能会给出SQL注入问题。

其次检查mkdir命令创建其新文件夹的父文件夹的所有文件/文件夹权限。

重命名文件位置AJAX PHP

1 个答案: