我正在制作个人资料图片上传器,但是存在问题,我的代码/系统未检测到变量$user['username']。
查询:
$updateprofilepicture = "UPDATE users SET profilepicture = '{$target_file}' WHERE username='{$user['username']}'";
mysqli_query($mysqli, $updateprofilepicture);
echo $updateprofilepicture; ## To Check the Query
预期输出:
UPDATE用户SET profilepicture ='pictures / profile / WIN_20160628_16_59_19_Pro.jpg'WHERE username ='virtualAnon'
我收到的查询:
UPDATE用户SET profilepicture ='pictures / profile / WIN_20160628_16_59_19_Pro.jpg'WHERERE username =''
我的代码:
<?php
# Essential files, please don't erase it!
require_once("../functions.php");
require_once("../db-const.php");
?>
<?php
$id = $_SESSION['user_id'];
## connect mysql server
$mysqli = new mysqli("---confedential---", "---confedential---", "---confedential---", "---confedential---");
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
## query database
# fetch data from mysql database
$main = $_SESSION['user_id'];
$sql = "SELECT * FROM users WHERE id ='".$id."' LIMIT 1";
if ($result = $mysqli->query($sql)) {
$user = $result->fetch_array();
} else {
echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
exit();
}
// update status to online
$timestamp = time();
$sql = "UPDATE users SET status={$timestamp} WHERE id={$_SESSION['user_id']}";
$result = $mysqli->query($sql);
?>
<!DOCTYPE html>
<html>
<body>
<form method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">
</form>
</body>
</html>
<br><br>
<?php
$target_dir = "pictures/profile/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
$conn = new mysqli("mysql9.000webhost.com", "a5532550_prspkt", "kirk05230912", "a5532550_data");
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 200000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
echo "<br>";
$updateprofilepicture = "UPDATE users SET profilepicture = '{$target_file}' WHERE username='{$user['username']}'";
mysqli_query($mysqli, $updateprofilepicture);
echo "Success!";
echo $updateprofilepicture;
echo "<br>";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
<p> hello <?php $user['username']; ?>