我初始化变量,使用move_uploaded_file函数然后我写一个基本表单用户将用于上传他们的照片。我试图打印一个error_msg或sucess_msg,显示他们在加载文件时是否成功。没有什么东西出现了。救命!
$error_msg = "";
$success_msg = "";
$name2 = "";
if ($_POST['parse_var'] == "pic"){
if (!$_FILES['fileField']['tmp_name']) {
$error_msg = '<font color="#FF0000">ERROR: Please browse for an image before you press submit.</font>';
} else {
$maxfilesize = 51200; // 51200 bytes equals 50kb
if($_FILES['fileField']['size'] > $maxfilesize ) {
$error_msg = '<font color="#FF0000">ERROR: Your image was too large, please try again.</font>';
unlink($_FILES['fileField']['tmp_name']);
} else if (!preg_match("/\.(gif|jpg|png)$/i", $_FILES['fileField']['name'] ) ) {
$error_msg = '<font color="#FF0000">ERROR: Your image was not one of the accepted formats, please try again.</font>';
unlink($_FILES['fileField']['tmp_name']);
} else {
$newname = $id'.jpg';
$place_file = move_uploaded_file( $_FILES['fileField']['tmp_name'], "images/$id/".$newname);
$success_msg = '<font color="#009900">Your image has been updated, it may take a few minutes for the changes to show... please be patient.</font>';
}
} // close else that checks file exists
}
<table width="709" align="center" cellpadding="5">
<form action="edit_profile.php" enctype="multipart/form-data" method="post" name="pic1_form" id="pic1_form">
<!-- <tr>
<td width="125" class="style7"><div align="center"><strong>Please Do First →</strong></div></td>
</tr>-->
<tr>
<td width="16%"><?php print "$user_pic"; ?></td>
<td width="74%">
<input name="fileField" type="file" class="formFields" id="fileField" size="42" />
50 kb max
</td>
<td width="10%">
<input name="parse_var" type="hidden" value="pic" />
<input type="submit" name="button" id="button" value="Submit" />
</td>
</tr>
</form></table>
答案 0 :(得分:1)
您正在检查上传是否以错误的方式执行:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
... we're in a post situation, so check if a file was uploaded ...
if ($_FILES['fileField']['error'] !== UPLOAD_ERR_OK) {
$error_msg = "File upload failed with error code " . $_FILES['fileField']['error'];
} else {
... a file was successfully uploaded ...
... process it ...
if (!move_uploaded_file( ... )) {
$error_msg = "Failed to move file";
}
}
}
检查是否存在表单字段是检查POST是否执行的一种不好的方法。您可能忘记将该字段放入表单,名称可能会更改等等...检查REQUEST_METHOD
保证可以正常工作,因为无论正在执行何种请求,都会设置,并且始终是请求的类型(get,post,head等)。
同样,请勿使用用户提供的文件名来验证他们是否上传了图片。只需将其他类型的文件重命名为&#34; whatever.jpg&#34;即可简单地伪造这个名称。使用服务器端方法检查它是否是图像,例如FileInfo
或getimagesize()
答案 1 :(得分:1)
我认为您正在寻找的错误就是这个错误:
$newname = $id'.jpg';
你忘记了一个点,整个剧本崩溃了:
$newname = $id.'.jpg';
答案 2 :(得分:0)
我没有在该代码中看到您回显错误或成功消息的任何地方。