Php 正在插入名称,但未上载文件
我在表单中有一个上传输入字段。文件名插入到数据库中,但文件未上载到服务器,并且同一代码在同一服务器上的同一目录下不同文件中的不同查询中工作。表单设置为enctype=“多部分/表单数据” 这是它不起作用的代码Php 正在插入名称,但未上载文件,php,file-upload,Php,File Upload,我在表单中有一个上传输入字段。文件名插入到数据库中,但文件未上载到服务器,并且同一代码在同一服务器上的同一目录下不同文件中的不同查询中工作。表单设置为enctype=“多部分/表单数据” 这是它不起作用的代码 <!DOCTYPE html> <html lang="en"> <head> <?php require_once("includes/session.php"); ?> <?php require_once("includes/db
<!DOCTYPE html>
<html lang="en">
<head>
<?php require_once("includes/session.php"); ?>
<?php require_once("includes/dbc.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php confirm_logged_in(); ?>
<?php find_selected_post(); ?>
<?php
$target = "../upload/";
$target = $target . basename( $_FILES['post_photo']['name']);
if (intval($_GET['cat']) == 0) {
redirect_to('cat_posts.php');
}
include_once("includes/form_functions.php");
if (isset($_POST['submit'])) {
$errors = array();
$required_fields = array('post_title', 'position', 'visible', 'post_content');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$fields_with_lengths = array('post_title' => 30);
$errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
$category_id = mysql_prep($_GET['cat']);
$post_title = trim(mysql_prep($_POST['post_title']));
$post_content = mysql_prep($_POST['post_content']);
$post_description = mysql_prep($_POST['post_description']);
$post_keywords = mysql_prep($_POST['post_keywords']);
$post_tags = mysql_prep($_POST['post_tags']);
$post_photo =($_FILES['post_photo']['name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);
if (empty($errors)) {
$query = "INSERT INTO ss_posts (
post_title, post_content, post_description, post_keywords, post_tags, post_photo, position, visible, category_id
) VALUES (
'{$post_title}', '{$post_content}', '{$post_description}', '{$post_keywords}', '{$post_tags}', '{$post_photo}', {$position}, {$visible}, {$category_id}
)";
if ($result = mysql_query($query, $connection)) {
$message = "Successfully Created.";
$new_post_id = mysql_insert_id();
redirect_to("cat_posts.php?post={$new_post_id}");
} else {
$message = "The Post Could Not Be Created.";
$message .= "<br />" . mysql_error();
}
} else {
if (count($errors) == 1) {
$message = "There was 1 error in the form.";
} else {
$message = "There were " . count($errors) . " errors in the form.";
}
}
}
?>
<?php
error_reporting(E_ALL);
echo "<pre>";
print_r($_FILES);
echo "</pre>";
echo "<br/>target: " . $target;
if (!move_uploaded_file($_FILES['post_photo']['tmp_name'], $target)) {
echo "<br/>Upload failed.";
} else {
echo "<br/>Upload done.";
}
?>
<meta charset="utf-8"/>
<title>New Post - Administration Panel</title>
<script src="js/ckeditor/ckeditor.js" type="text/javascript"></script>
<link rel="stylesheet" href="js/ckeditor/sample.css">
<link rel="stylesheet" href="css/layout.css" type="text/css" media="screen" />
<link rel="stylesheet" href="css/form.css" type="text/css" media="screen" />
<link rel="stylesheet" href="css/button.css" type="text/css" media="screen" /> <!--[if lt IE 9]>
<link rel="stylesheet" href="css/ie.css" type="text/css" media="screen" />
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script src="js/jquery-1.5.2.min.js" type="text/javascript"></script>
<script src="js/hideshow.js" type="text/javascript"></script>
<script src="js/jquery.tablesorter.min.js" type="text/javascript"></script>
<script type="text/javascript" src="js/jquery.equalHeight.js"></script>
<script type="text/javascript">
$(document).ready(function()
{
$(".tablesorter").tablesorter();
}
);
$(document).ready(function() {
//When page loads...
$(".tab_content").hide(); //Hide all content
$("ul.tabs li:first").addClass("active").show(); //Activate first tab
$(".tab_content:first").show(); //Show first tab content
//On Click Event
$("ul.tabs li").click(function() {
$("ul.tabs li").removeClass("active"); //Remove any "active" class
$(this).addClass("active"); //Add "active" class to selected tab
$(".tab_content").hide(); //Hide all tab content
var activeTab = $(this).find("a").attr("href"); //Find the href attribute value to identify the active tab + content
$(activeTab).fadeIn(); //Fade in the active ID content
return false;
});
});
</script>
<script type="text/javascript">
$(function(){
$('.column').equalHeight();
});
</script>
</head>
<body>
<header id="header">
<hgroup>
<h1 class="site_title"><a href="index.php">Administration Panel</a></h1>
<h2 class="section_title">New Post</h2><div class="btn_view_site">
<a href="../index.php">View Site</a></div>
</hgroup>
</header>
<!-- end of header bar -->
<section id="secondary_bar">
<div class="user">
<p>Hello, <?php echo $_SESSION['username']; ?> (<a href="logout.php">Logout</a>)</p>
</div>
<div class="breadcrumbs_container">
<article class="breadcrumbs"><a href="index.php">Administration Panel</a>
<div class="breadcrumb_divider"></div>
<a class="current">New Post</a></article>
</div>
</section>
<!-- end of secondary bar -->
<aside id="sidebar" class="column" style="height:160%;">
<hr/>
<h3>Pages</h3>
<ul class="toggle">
<li class="icn_new_article"><a href="new_page.php">Add a New Page</a></li>
<li class="icn_edit_article"><a href="edit_page.php">Edit/Delete a Page</a></li>
</ul>
<hr/>
<h3>Users</h3>
<ul class="toggle">
<li class="icn_add_user"><a href="add_user.php">Add New User</a></li>
<li class="icn_view_users"><a href="view_users.php">View Users</a></li>
</ul>
<hr/>
<h3>Blog</h3>
<ul class="toggle">
<li class="icn_categories"><a href="new_category.php">Create a Category</a></li>
<li class="icn_new_article"><a href="cat_posts.php">Create/Edit a Post</a></li>
<li class="icn_settings"><a href="blogwidgets.php">Home Blog Settings</a></li>
<li class="icn_settings"><a href="blogsettings.php">Blog Settings</a></li>
</ul>
<hr/>
<h3>Settings</h3>
<ul class="toggle">
<li class="icn_settings"><a href="settings.php">Settings</a></li>
<li class="icn_settings"><a href="logo.php">Site Logo</a></li>
<li class="icn_jump_back"><a href="logout.php">Logout</a></li>
</ul>
<footer>
<hr />
<p><strong>Copyright © 2013 Sky Define</strong></p>
<p>Powered by <a href="http://www.skydefine.com">Sky Define</a></p>
</br>
</br>
</footer>
</aside><!-- end of sidebar -->
<section id="main" class="column">
<?php
move_uploaded_file($_FILES['post_photo']['tmp_name'], $target);
// output a list of the fields that had errors
if (!empty($errors)) {
echo "<p class=\"errors\">";
echo "Please review the following fields:<br />";
foreach($errors as $error) {
echo " - " . $error . "<br />";
}
echo "</p>";
}
?>
<article class="module width_full">
<header><h3>New Post</h3></header>
<div class="module_content">
<h2>Adding New Post</h2>
<?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
<?php if (!empty($errors)) { display_errors($errors); } ?>
<div class="mws-panel grid_4">
<div class="mws-panel-header">
</div>
<div class="mws-panel-body">
<form class="mws-form" enctype="multipart/form-data" action="new_post.php?cat=<?php echo $sel_category['id']; ?>" method="post">
<div class="mws-form-inline">
<?php $new_post = true; ?>
<?php if (!isset($new_post)) {$new_post = false;} ?>
<div class="mws-form-row">
<label>Post Name:</label>
<div class="mws-form-item large">
<input type="text" name="post_title" id="post_title" class="mws-textinput" placeholder="Post Name Goes Here." />
</div>
</div>
<div class="mws-form-row">
<label>Post Description:</label>
<div class="mws-form-item large">
<input type="text" name="post_description" id="post_description" class="mws-textinput" placeholder="Post Description Goes Here." />
</div>
</div>
<div class="mws-form-row">
<label>Post Keywords:</label>
<div class="mws-form-item large">
<input type="text" name="post_keywords" id="post_keywords" class="mws-textinput" placeholder="Post Keywords Goes Here, Separated By Commas!" />
</div>
</div>
<div class="mws-form-row">
<label>Post Content:</label>
<div class="mws-form-item large">
<textarea name="post_content" id="post_content" class="ckeditor" > </textarea>
</div>
</div>
<div class="mws-form-row">
<label>Post Tags:</label>
<div class="mws-form-item large">
<input type="text" name="post_tags" id="post_tags" class="mws-textinput" placeholder="Post Tags Goes Here, Separated By Commas!" />
</div>
</div>
<div class="mws-form-row">
<label>Edit Post Photo:</label>
<div class="mws-form-item large">
<input type="file" name="post_photo" id="post_photo" />
</div>
</div>
<div class="mws-form-row">
<label>Position:</label>
<div class="mws-form-item large">
<select name="position">
<?php
if (!$new_post) {
$post_set = get_posts_for_category($sel_post['category_id']);
$post_count = mysql_num_rows($post_set);
} else {
$post_set = get_posts_for_category($sel_category['id']);
$post_count = mysql_num_rows($post_set) + 1;
}
for ($count=1; $count <= $post_count; $count++) {
echo "<option value=\"{$count}\"";
if ($sel_post['position'] == $count) { echo " selected"; }
echo ">{$count}</option>";
}
?>
</select>
</div>
</div>
<div class="mws-form-row">
<label>Visible:</label>
<div class="mws-form-item large">
<input type="radio" name="visible" value="0"<?php
if ($sel_post['visible'] == 0) { echo " checked"; }
?> /> No
<input type="radio" name="visible" value="1"<?php
if ($sel_post['visible'] == 1) { echo " checked"; }
?> /> Yes
</div>
</div>
</form>
<div class="mws-button-row">
<input type="submit" name="submit" value="Add Post" class="mws-button green" />
<a class="mws-button red" href="index.php">Cancel</a>
</div>
</div>
</div>
</div>
</article>
<div class="clear"></div>
</div>
</article><!-- end of stats article -->
<div class="spacer"></div>
</section>
</body>
</html>
$target
应该包含根路径
<?php error_reporting(E_ALL); ?>
我将尝试查找错误的方法:
使您的错误可见:
<form enctype="multipart/form-data" method="POST" action="script.php">
$target应为完整路径
检查您的HTML表单。是否添加了enctype属性
<input type="file" name="post_photo"/>
您的输入是否正确
<?php echo print_r($_FILES); ?>
$\u文件的数组内容是什么
<?php
error_reporting(E_ALL);
echo "<pre>";
print_r($_FILES);
echo "</pre>";
echo "<br/>target: " . $target;
if (!move_uploaded_file($_FILES['post_photo']['tmp_name'], $target)) {
echo "<br/>Upload failed.";
} else {
echo "<br/>Upload done."
}
?>
编辑
请让我们知道这些行返回的数据:
<form>
<input type="submit" name="submit" value="Add Post" class="mws-button green" />
</form>
编辑2(解决方案):
“提交”按钮位于表单标记之外。这就是为什么。像这样修复它:
它也不工作。您得到的错误是什么?无,顺便说一句,文件名正在插入表中,但未上载。但它使用的是更新查询而不是插入。这很奇怪。打开error\u reporting(E\u ALL)
并输入if(移动上传的文件($\u FILES['post\u photo']['tmp\u name',$target))
1。完整路径太长时不工作2。是的,我在问题中提到过。3.输入正确。我有一个新的帖子页面和编辑帖子页面。它可以在编辑文章页面上正常工作,但不能在新文章页面上正常工作。4.您所说的$\u文件数组是什么意思contents@AhmadAbuAssab如果文件已发送到脚本,它将位于$\u FILES数组中。您应该使用print_r()查看它的值。如果它不存在,您可以确定,错误在此行之前。否则错误将出现在以下行中。这只是为了检测错误位置/行。是的,如果你是这个意思,它被插入到数据库中,但没有上载。现在看一下我的答案,然后发布我添加的行所得到的结果。在我插入任何内容或提交之前,我得到这个`Array()目标:../upload/upload失败`您的脚本易受SQL注入和任意文件上载的攻击。您正在使用Wordpress?不,我正在生成脚本
<form>
<input type="submit" name="submit" value="Add Post" class="mws-button green" />
</form>