我正在为我做一件小事,从截屏应用程序上传文件到我的网络服务器(如果重要的话,ShareX,那么安全性不是很重要,但它仍然在我的脑海中)而且我有无法让上传的文件生效。系统生成一个唯一的5个字符的字母数字字符串,用于将图像保存在(la i.imgur.com/aaaaa)下,并将其存储在SQL数据库中,以便在用户查看时进行检索。该系统还可用作链接缩短器,其链接存储在该行的value列中。
上传的图片应该存储在该5字符随机名称下,并带有原始上传文件的扩展名。移动文件的名称放在value列下,以便稍后检索。
使用测试HTML表单上传文件会将以下内容放入apache错误日志中:
PHP Warning: move_uploaded_file({webroot}/i/uploads/mS1H6.png): failed to open stream: No such file or directory in {webroot}/i/index.php on line 48
PHP Warning: move_uploaded_file(): Unable to move '/tmp/phpKAoPjZ' to '{webroot}/i/uploads/mS1H6.png' in {webroot}/i/index.php on line 48
上传者文件的代码如下(该文件夹的所有传入请求都.htaccess到此文件中):
require("./uploader_settings.inc.php");
$conn = mysqli_connect($db_url,$db_user,$db_pass,$db_database);
if (mysqli_connect_errno()) {
http_response_code(500); //server error
die();
}
//handle content
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
{sanity checks}
//actually do it
$value = $_POST['value'];
$random = random_str(5);
do {
$query = mysqli_query($conn,"SELECT COUNT(*) FROM ".$db_table." WHERE shortened = '".$random."';");
if ($query != 0) {
break;
} else {
$random = random_str(5);
}
} while (true);
switch ($_POST['type']) {
case "url":
{not applicable}
case "text":
{not applicable}
case "file":
var_dump($_FILES);
$file = $_FILES['fileToUpload'];
$newfile = realpath(dirname(__FILE__))."/uploads/".$random.".".mysqli_real_escape_string($conn,pathinfo($file['name'],PATHINFO_EXTENSION));
if (!move_uploaded_file($file['tmp_name'],$newfile)) {
http_response_code(500);
echo "File error!";
die();
}
mysqli_query($conn,"INSERT INTO ".$db_table." (shortened,type,value) VALUES ('".$random."','file','".$newfile."');");
break;
}
http_response_code(200);
echo $upload_returnURL.$random;
die();
} else { //getting a URL
$query = mysqli_query($conn,"SELECT * FROM ".$db_table." WHERE shortened = '".mysqli_real_escape_string($conn,$_GET['selector'])."';");
if (mysqli_num_rows($query) > 0) {
$array = mysqli_fetch_array($query);
$value = $array['value'];
switch ($array['type']) {
case "url":
header("Location: ".$value);
die();
case "text":
break;
case "file":
fpassthru(fopen($value,"rb"));
die();
}
} else {
header("Location: ".$upload_failRedirect);
die();
}
}
感谢任何帮助,谢谢!