Question

<?php

if(isset($_POST["submit-post"])){
    $desc = $_POST['description'];
    if (strpos($desc, "'") !== false) {
        $desc = str_replace("'", "_", $desc);
    }
    $sql_home = "INSERT INTO home (description) VALUES ('$desc');";
    if($conn->query($sql_home) === TRUE){ echo "<br>Great!<br>"; }
    else{ echo("<br>Nope!<br> "); }
    $uploaddir = $_SERVER['DOCUMENT_ROOT']. '/imgs/home/';
    $uploadfile = $uploaddir . basename($_FILES['image']['name']);
    if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadfile)) {
        echo "File is valid, and was successfully uploaded. <br>";
    } else {
        echo "Possible file upload attack! <br>";
        echo "$uploadfile <br>";
    }
    echo '<br>Here is some more debugging info: ';
    print_r($_FILES);
    echo "<br>";
    error_reporting(-1); ini_set("display_errors", true); //?
}

?>

每当我尝试上传图片（.jpg）时，都会显示＆＃34; 可能的文件上传攻击！＆＃34;。救命。给我两个警告：

Warning: move_uploaded_file(/var/www/html/imgs/home/calcetto.jpg): failed to open stream: Permission denied in /var/www/html/admin/db/manage.php on line 199
Warning: move_uploaded_file(): Unable to move '/tmp/phpGvLsAC' to '/var/www/html/imgs/home/calcetto.jpg' in /var/www/html/admin/db/manage.php on line 199

请注意：

我尝试了绝对路径和相对路径;
php.ini：file_uploads = On
我复制并粘贴了来自php.net的代码
此文件为/var/www/html/admin/db/manage.php
要上传的图片位于：/var/www/html/imgs/home

这是html：

<form action="" method="post" enctype="multipart/form-data">
    <textarea name='description' placeholder='Image description'></textarea><br>
    <input type="file" name="image"><br><br>
    <input type='submit' name='submit-post' value='Upload'></input>
</form>

Answer 1

我正在写评论中的答案。

请通过PHP错误报告检查错误

写一下

error_reporting(-1);
ini_set("display_errors", true);

您需要检查上传目录的权限，如果你有子目录，那么你需要对两个目录都有写权限

您可以通过以下命令更改权限-R也将更新子目录的权限

chmod -R 777 uploaddirectory

PHP：没有上传图片

1 个答案: