使用web服务器时,用于存储php函数中照片的文件夹的正确路径是什么?
当iOS应用程序使用afnetworking连接到基于json的php web api时,用于存储此php函数的照片的正确路径是什么使用web服务器时,用于存储php函数中照片的文件夹的正确路径是什么?,php,ios,afnetworking,lamp,Php,Ios,Afnetworking,Lamp,当iOS应用程序使用afnetworking连接到基于json的php web api时,用于存储此php函数的照片的正确路径是什么 //Entire api.php file <?php // helper function, which outputs error messages in JSON format // so that the iPhone app can read them // the function just takes in a dictionary with
//Entire api.php file
<?php
// helper function, which outputs error messages in JSON format
// so that the iPhone app can read them
// the function just takes in a dictionary with one key "error" and
// encodes it in JSON, then prints it out and then exits the program
function errorJson($msg){
print json_encode(array('error'=>$msg));
exit();
}
// register API
function register($user, $pass) {
//check if username exists in the database (inside the "login" table)
$login = query("SELECT username FROM login WHERE username='%s' limit 1", $user);
if (count($login['result'])>0) {
//the username exists, return error to the iPhone app
errorJson('Username already exists');
}
//try to insert a new row in the "login" table with the given username and password
$result = query("INSERT INTO login(username, pass) VALUES('%s','%s')", $user, $pass);
if (!$result['error']) {
//registration is susccessfull, try to also directly login the new user
login($user, $pass);
} else {
//for some database reason the registration is unsuccessfull
errorJson('Registration failed');
}
}
//login API
function login($user, $pass) {
// try to match a row in the "login" table for the given username and password
$result = query("SELECT IdUser, username FROM login WHERE username='%s' AND pass='%s' limit 1", $user, $pass);
if (count($result['result'])>0) {
// a row was found in the database for username/pass combination
// save a simple flag in the user session, so the server remembers that the user is authorized
$_SESSION['IdUser'] = $result['result'][0]['IdUser'];
// print out the JSON of the user data to the iPhone app; it looks like this:
// {IdUser:1, username: "Name"}
print json_encode($result);
} else {
// no matching username/password was found in the login table
errorJson('Authorization failed');
}
}
//upload API
function upload($id, $photoData, $title) {
// index.php passes as first parameter to this function $_SESSION['IdUser']
// $_SESSION['IdUser'] should contain the user id, if the user has already been authorized
// remember? you store the user id there in the login function
if (!$id) errorJson('Authorization required');
// check if there was no error during the file upload
if ($photoData['error']==0) {
// insert the details about the photo to the "photos" table
//1. change ok
$result = query("INSERT INTO photos(IdUser,title) VALUES('%d','%s')", $id, $title);
if (!$result['error']) {
// fetch the active connection to the database (it's initialized automatically in lib.php)
global $link;
// get the last automatically generated ID in the photos table
$IdPhoto = mysqli_insert_id($link);
// move the temporarily stored file to a convenient location
// your photo is automatically saved by PHP in a temp folder
// you need to move it over yourself to your own "upload" folder
if (move_uploaded_file($photoData['tmp_name'], "upload/".$IdPhoto.".jpg")) {
// file moved, all good, generate thumbnail
thumb("upload/".$IdPhoto.".jpg", 180);
//just print out confirmation to the iPhone app
print json_encode(array('successful'=>1));
} else {
//print out an error message to the iPhone app
errorJson('Upload on server problem');
};
} else {
errorJson('Hmm...Upload database problem.'.$result['error']);
}
} else {
errorJson('Upload malfunction');
}
}
//logout API
function logout() {
// by saving an empty array to $_SESSION you are
// effectively destroying all the user session data
// ie. the server won't "remember" anymore anything about
// the current user
$_SESSION = array();
// and to make double-sure, there's also a built-in function
// which wipes out the user session
session_destroy();
}
//stream API
//
// there are 2 ways to use the function:
// 1) don't pass any parameters - then the function will fetch all photos from the database
// 2) pass a photo id as a parameter - then the function will fetch the data of the requested photo
//
// Q: what "$IdPhoto=0" means? A: It's the PHP way to say "first param of the function is $IdPhoto,
// if there's no param sent to the function - initialize $IdPhoto with a default value of 0"
function stream($IdPhoto=0) {
if ($IdPhoto==0) {
// load the last 50 photos from the "photos" table, also join the "login" so that you can fetch the
// usernames of the photos' authors
$result = query("SELECT IdPhoto, title, l.IdUser, username FROM photos p JOIN login l ON (l.IdUser = p.IdUser) ORDER BY IdPhoto DESC LIMIT 50");
} else {
//do the same as above, but just for the photo with the given id
$result = query("SELECT IdPhoto, title, l.IdUser, username FROM photos p JOIN login l ON (l.IdUser = p.IdUser) WHERE p.IdPhoto='%d' LIMIT 1", $IdPhoto);
}
if (!$result['error']) {
// if no error occured, print out the JSON data of the
// fetched photo data
print json_encode($result);
} else {
//there was an error, print out to the iPhone app
errorJson('Photo stream is broken');
}
}
当尝试从api.php
调用upload
php函数时,应用程序通过uialert视图显示json错误
//upload API
function upload($id, $photoData, $title) {
// index.php passes as first parameter to this function $_SESSION['IdUser']
// $_SESSION['IdUser'] should contain the user id, if the user has already been authorized
// remember? you store the user id there in the login function
if (!$id) errorJson('Authorization required');
// check if there was no error during the file upload
if ($photoData['error']==0) {
// insert the details about the photo to the "photos" table
$result = query("INSERT INTO photos(IdUser,title) VALUES('%d','%s')", $id, $title, $token);
if (!$result['error']) {
// fetch the active connection to the database (it's initialized automatically in lib.php)
global $link;
// get the last automatically generated ID in the photos table
$IdPhoto = mysqli_insert_id($link);
// move the temporarily stored file to a convenient location
// your photo is automatically saved by PHP in a temp folder
// you need to move it over yourself to your own "upload" folder
if (move_uploaded_file($photoData['tmp_name'], "upload/".$IdPhoto.".jpg")) {
// file moved, all good, generate thumbnail
thumb("upload/".$IdPhoto.".jpg", 180);
//just print out confirmation to the iPhone app
print json_encode(array('successful'=>1));
} else {
//print out an error message to the iPhone app
errorJson('Upload on server problem');
};
} else {
errorJson('Hmm...Upload database problem.'.$result['error']);
}
} else {
errorJson('Upload malfunction');
}
}
api的原始作者引用了
If you set up a custom domain for this tutorial, and the API files are in the root of the
domain instead of being inside a sub-folder, set the path to an empty string.
api文件已放置在lamp服务器上的以下路径中,使用公司linode作为主机var/www/html/
。到目前为止,注册和登录功能在从应用程序调用时可以正常工作
#定义kAPIHost@“http://104.237.123.187/"
#定义kAPIPath@“”
在本地Mamp服务器上进行测试时,kAPIHost
和kAPIPath
的路径为
#define kAPIHost @"http://localhost:8888"
#define kAPIPath @"iReporter/"
.jpg
文件存储在名为upload
的文件夹中,该文件夹位于iReporter
文件夹中,该文件夹位于htdocs
中的localhost:888
上
当托管web api时,连接工作的唯一方式是将应用程序连接到的主文件放入var/www/html/
中。我尝试将上载文件夹放在同一路径中,但在运行时收到相应的UIAlert,表示存在上载故障的json错误
主持此功能的正确方式是什么
//Entire api.php file
<?php
// helper function, which outputs error messages in JSON format
// so that the iPhone app can read them
// the function just takes in a dictionary with one key "error" and
// encodes it in JSON, then prints it out and then exits the program
function errorJson($msg){
print json_encode(array('error'=>$msg));
exit();
}
// register API
function register($user, $pass) {
//check if username exists in the database (inside the "login" table)
$login = query("SELECT username FROM login WHERE username='%s' limit 1", $user);
if (count($login['result'])>0) {
//the username exists, return error to the iPhone app
errorJson('Username already exists');
}
//try to insert a new row in the "login" table with the given username and password
$result = query("INSERT INTO login(username, pass) VALUES('%s','%s')", $user, $pass);
if (!$result['error']) {
//registration is susccessfull, try to also directly login the new user
login($user, $pass);
} else {
//for some database reason the registration is unsuccessfull
errorJson('Registration failed');
}
}
//login API
function login($user, $pass) {
// try to match a row in the "login" table for the given username and password
$result = query("SELECT IdUser, username FROM login WHERE username='%s' AND pass='%s' limit 1", $user, $pass);
if (count($result['result'])>0) {
// a row was found in the database for username/pass combination
// save a simple flag in the user session, so the server remembers that the user is authorized
$_SESSION['IdUser'] = $result['result'][0]['IdUser'];
// print out the JSON of the user data to the iPhone app; it looks like this:
// {IdUser:1, username: "Name"}
print json_encode($result);
} else {
// no matching username/password was found in the login table
errorJson('Authorization failed');
}
}
//upload API
function upload($id, $photoData, $title) {
// index.php passes as first parameter to this function $_SESSION['IdUser']
// $_SESSION['IdUser'] should contain the user id, if the user has already been authorized
// remember? you store the user id there in the login function
if (!$id) errorJson('Authorization required');
// check if there was no error during the file upload
if ($photoData['error']==0) {
// insert the details about the photo to the "photos" table
//1. change ok
$result = query("INSERT INTO photos(IdUser,title) VALUES('%d','%s')", $id, $title);
if (!$result['error']) {
// fetch the active connection to the database (it's initialized automatically in lib.php)
global $link;
// get the last automatically generated ID in the photos table
$IdPhoto = mysqli_insert_id($link);
// move the temporarily stored file to a convenient location
// your photo is automatically saved by PHP in a temp folder
// you need to move it over yourself to your own "upload" folder
if (move_uploaded_file($photoData['tmp_name'], "upload/".$IdPhoto.".jpg")) {
// file moved, all good, generate thumbnail
thumb("upload/".$IdPhoto.".jpg", 180);
//just print out confirmation to the iPhone app
print json_encode(array('successful'=>1));
} else {
//print out an error message to the iPhone app
errorJson('Upload on server problem');
};
} else {
errorJson('Hmm...Upload database problem.'.$result['error']);
}
} else {
errorJson('Upload malfunction');
}
}
//logout API
function logout() {
// by saving an empty array to $_SESSION you are
// effectively destroying all the user session data
// ie. the server won't "remember" anymore anything about
// the current user
$_SESSION = array();
// and to make double-sure, there's also a built-in function
// which wipes out the user session
session_destroy();
}
//stream API
//
// there are 2 ways to use the function:
// 1) don't pass any parameters - then the function will fetch all photos from the database
// 2) pass a photo id as a parameter - then the function will fetch the data of the requested photo
//
// Q: what "$IdPhoto=0" means? A: It's the PHP way to say "first param of the function is $IdPhoto,
// if there's no param sent to the function - initialize $IdPhoto with a default value of 0"
function stream($IdPhoto=0) {
if ($IdPhoto==0) {
// load the last 50 photos from the "photos" table, also join the "login" so that you can fetch the
// usernames of the photos' authors
$result = query("SELECT IdPhoto, title, l.IdUser, username FROM photos p JOIN login l ON (l.IdUser = p.IdUser) ORDER BY IdPhoto DESC LIMIT 50");
} else {
//do the same as above, but just for the photo with the given id
$result = query("SELECT IdPhoto, title, l.IdUser, username FROM photos p JOIN login l ON (l.IdUser = p.IdUser) WHERE p.IdPhoto='%d' LIMIT 1", $IdPhoto);
}
if (!$result['error']) {
// if no error occured, print out the JSON data of the
// fetched photo data
print json_encode($result);
} else {
//there was an error, print out to the iPhone app
errorJson('Photo stream is broken');
}
}
警告:您的代码容易受到SQL注入攻击。您应该使用参数化查询和准备好的语句来帮助防止攻击者使用恶意输入值破坏您的数据库。给出了风险的解释,以及如何使用PHP/mysqli安全地编写查询的一些示例。切勿将未初始化的数据直接插入SQL。按照现在编写代码的方式,有人很容易窃取、错误地更改甚至删除您的数据。还包含使用mysqli编写安全SQL的好例子。参数化查询还将大大降低由于未转义的输入值而导致意外语法错误的风险。不管怎样,您到底看到了哪个错误?就是这个:
errorJson('Upload on server problem')代码>?请具体说明。如果你看到了这一点,你有没有试过调查为什么会发生这种情况?e、 您是否已将PHP设置为记录错误和警告,以便检查是否存在权限问题?理论上,你可以使用任何你喜欢的文件夹来存储图像。您只需确保路径正确,并且PHP具有写入权限。我们无法从代码中看到这两种情况,并且您没有提供任何调试信息。是的,它显示了errorJson('Upload on server problem')代码>错误。感谢您的回复。今天我将尝试查看错误日志。