我试图在某个目录上传文件。该目录记录在数据库中。但是,代码无法读取$_FILES我每次尝试上传文件时都会获得空值。但是其他输入数据被记录到数据库中。发生的事情是我无法在数据库中记录文件的名称,只是空白。
if(isset($_POST['btn-upload'])){
$record_title = $_POST['record_title'];
$record_recieved_date_time = $_POST['record_recieved_date_time'];
$record_checked_date_time = $_POST['record_checked_date_time'];
$record_approved_date_time = $_POST['record_approved_date_time'];
$record_status = $_POST['record_status'];
$record_remarks = $_POST['record_remarks'];
$record_type = $_POST['record_type'];
$file = $_FILES['file']['name'];
$sql = "INSERT INTO records (record_id , record_title , record_recieved_date_time , record_checked_date_time , record_approved_date_time , record_status ,record_remarks , file , record_type)
VALUES (NULL, '$record_title' , '$record_recieved_date_time','$record_checked_date_time','$record_approved_date_time' , '$record_status ' , '$record_remarks' , '$file' , '1')";
if (mysqli_query($dbconfig, $sql)) {
header('Location:memberAWP.php');
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($dbconfig);
}
}
这是Form,我在bootstrap的帮助下使用modal
<form method="post" action="" enctype="multipart/form-data name="loginform" class="form-horizontal">
<div class="form-group">
<label class="control-label col-sm-2" for="record_title"> TITLE </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_title" name = "record_title" placeholder="Enter Title">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_recieved_date_time"> RECIEVED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_recieved_date_time" name = "record_recieved_date_time" placeholder="Enter RECIEVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_checked_date_time"> CHECKED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_checked_date_time" name = "record_checked_date_time" placeholder="Enter CHECKED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_approved_date_time"> APPROVED DATE / TIME</label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_approved_date_time" name = "record_approved_date_time" placeholder="Enter APPROVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_status"> STATUS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_status" name = "record_status" placeholder="Enter STATUS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_remarks"> REMARKS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_remarks" name = "record_remarks" placeholder="Enter REMARKS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="file"> ATTACHMENTS </label>
<div class="col-sm-10">
<input type="file" class="form-control" id="file" name="file" placeholder="Enter ATTACHMENTS">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" name="submit" value="submit" class="btn btn-default">Submit</button>
</div>
</div>
</form>
答案 0 :(得分:0)
if( isset( $_POST['btn-upload'], $_FILES['file'] ) ){
/*
The sql is vulnerable to sql injection as you directly embed variables within the sql
rather than using `prepared statements` so some extra care ought to be taken with the supplied
data, perhaps use:
filter_input( INPUT_POST, 'record_title', FILTER_SANITIZE_STRING );
*/
$record_title = $_POST['record_title'];
$record_recieved_date_time = $_POST['record_recieved_date_time'];
$record_checked_date_time = $_POST['record_checked_date_time'];
$record_approved_date_time = $_POST['record_approved_date_time'];
$record_status = $_POST['record_status'];
$record_remarks = $_POST['record_remarks'];
$record_type = $_POST['record_type'];
/*
Access the uploaded file as an object for simplicity
and use the values for saving the file etc
*/
$obj=(object)$_FILES['file'];
$file = $obj->name;
$size = $obj->size;
$tmp = $obj->tmp_name;
$type = $obj->type;
$error= $obj->error;
if( is_uploaded_file( $tmp ) && $error == UPLOAD_ERR_OK ){
/* determine the location the file should be saved to */
$destination = '/path/to/folder/' . $file;
/* Save the file */
$result = move_uploaded_file( $tmp, $destination );
/* Proceed with the sql command if the file was saved OK */
if( $result ){
$sql = "INSERT INTO records ( `record_title`, `record_recieved_date_time`, `record_checked_date_time`, `record_approved_date_time`, `record_status`, `record_remarks`, `file`, `record_type`)
VALUES ( '$record_title', '$record_recieved_date_time', '$record_checked_date_time', '$record_approved_date_time', '$record_status', '$record_remarks', '$file', '1' )";
$result = mysqli_query( $dbconfig, $sql );
if( $result )header('Location:memberAWP.php');
else echo "Error: " . $sql . "<br>" . mysqli_error($dbconfig);
}
}
}
正如评论中指出的那样,确保表单具有正确的enctype属性集 - 对于文件上传,它应该是enctype='multipart/form-data'
除非您使用move_uploaded_file()函数,否则文件将在垃圾收集删除之前在tmp目录中保留一段有限时间,并且对文件的引用(在db中)将不再有效
答案 1 :(得分:0)
在处理文件上传时,您应该了解一些基本知识。
1)您应该在表单中定义加密类型,例如
<form action="demo_post_enctype.asp" method="post" enctype="multipart/form-data">
2)接下来,您必须使用move_uploaded_file(源,目标)功能才能上传文件。
答案 2 :(得分:0)
document.getElementById('#top1').style.width = '100px';
document.getElementById('#top2').style.width = '200px';
document.getElementById('#top3').style.width = '300px';
document.getElementById('#top4').style.width = '100px';
尝试此代码后更改html代码
<form method="post" enctype="multipart/form-data" name="loginform" class="form-horizontal">
<div class="form-group">
<label class="control-label col-sm-2" for="record_title"> TITLE </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_title" name = "record_title" placeholder="Enter Title">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_recieved_date_time"> RECIEVED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_recieved_date_time" name = "record_recieved_date_time" placeholder="Enter RECIEVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_checked_date_time"> CHECKED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_checked_date_time" name = "record_checked_date_time" placeholder="Enter CHECKED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_approved_date_time"> APPROVED DATE / TIME</label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_approved_date_time" name = "record_approved_date_time" placeholder="Enter APPROVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_status"> STATUS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_status" name = "record_status" placeholder="Enter STATUS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_remarks"> REMARKS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_remarks" name = "record_remarks" placeholder="Enter REMARKS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="file"> ATTACHMENTS </label>
<div class="col-sm-10">
<input type="file" class="form-control" id="file" name="file" placeholder="Enter ATTACHMENTS">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" name="btn-upload" value="submit" class="btn btn-default">Submit</button>
</div>
</div>
</form>
试试这段代码
答案 3 :(得分:0)
首先转到项目文件夹并创建一个名为“uploads”的新文件夹。尝试以下代码。如果文件上传成功完成,您可以在我们使用echo成功的IF块中编写查询。但首先试试这个。我希望这个对你有用。
<?php
if(isset($_POST['submit'])){
$record_title = $_POST['record_title'];
$record_recieved_date_time = $_POST['record_recieved_date_time'];
$record_checked_date_time = $_POST['record_checked_date_time'];
$record_approved_date_time = $_POST['record_approved_date_time'];
$record_status = $_POST['record_status'];
$record_remarks = $_POST['record_remarks'];
$record_type = $_POST['record_type'];
$file = $_FILES['file']['name'];
$target_dir = "uploads/";
$path = $target_dir.$file;
$tmp = $_FILES['file']['tmp_name'];
if(move_uploaded_file($tmp,$path))
{
echo "File successfully uploaded";
}
else
echo "file did not upload";
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<form method="post" action="" enctype="multipart/form-data" name="loginform" class="form-horizontal">
<div class="form-group">
<label class="control-label col-sm-2" for="record_title"> TITLE </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_title" name = "record_title" placeholder="Enter Title">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_recieved_date_time"> RECIEVED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_recieved_date_time" name = "record_recieved_date_time" placeholder="Enter RECIEVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_checked_date_time"> CHECKED DATE / TIME </label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_checked_date_time" name = "record_checked_date_time" placeholder="Enter CHECKED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_approved_date_time"> APPROVED DATE / TIME</label>
<div class="col-sm-10">
<input type="datetime-local" class="form-control" id="record_approved_date_time" name = "record_approved_date_time" placeholder="Enter APPROVED DATE / TIME">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_status"> STATUS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_status" name = "record_status" placeholder="Enter STATUS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="record_remarks"> REMARKS </label>
<div class="col-sm-10">
<input type="text" class="form-control" id="record_remarks" name = "record_remarks" placeholder="Enter REMARKS">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="file"> ATTACHMENTS </label>
<div class="col-sm-10">
<input type="file" class="form-control" id="file" name="file" placeholder="Enter ATTACHMENTS">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" name="submit" value="submit" class="btn btn-default">Submit</button>
</div>
</div>
</form>
</body>
</html>