Php 尝试使用$#u SESSION[';bandname';]将bandname附加到mp3上载;
正在尝试附加$_会话['bandname'];一个mp3文件上传的概念 当有人上传歌曲时,会将乐队名称附加到mp3 bandname_songname.mp3(如果有意义的话)。这是到目前为止我的代码。 这行代码的问题在于我认为$aditionalnewFileName=$bandname.=“200;”。$aditionofileName;这个奇怪的部分是当我使用var_dump($bandname)时;这首歌不是乐队名,而是我正在用字符串(88)测试的歌曲“\u police.ogg_police.ogg_police.ogg_police.ogg_police.mp3_police.wav”。也许mysqli会更简单Php 尝试使用$#u SESSION[';bandname';]将bandname附加到mp3上载;,php,html,session,Php,Html,Session,正在尝试附加$_会话['bandname'];一个mp3文件上传的概念 当有人上传歌曲时,会将乐队名称附加到mp3 bandname_songname.mp3(如果有意义的话)。这是到目前为止我的代码。 这行代码的问题在于我认为$aditionalnewFileName=$bandname.=“200;”。$aditionofileName;这个奇怪的部分是当我使用var_dump($bandname)时;这首歌不是乐队名,而是我正在用字符串(88)测试的歌曲“\u police.ogg_pol
<?php
session_start();
if (isset ($_SESSION ['band_id' ]))
{
$band_id = $_SESSION ['band_id' ];
$bandname = $_SESSION ['bandname' ];
$username = $_SESSION ['username' ];
}
var_dump($_SESSION['bandname']);
ini_set( "max_execution_time", "3600" ); // sets the maximum execution
time of this script to 1 hour.
$uploads_dir = $_SERVER['DOCUMENT_ROOT'].'/mp3';
$aditiontmp_name = $_FILES['song_name']['tmp_name']; // get client
//side file tmp_name
// '/[^A-Za-z0-9\-_\'.]/', '' //$_FILES['song_name']['name']);
$aditionofileName = preg_replace('/[^A-Za-z0-9\-_\'.]/',
'',$_FILES['song_name']['name']); // get client side file name remove
the special character with preg_replace function.
// remove time() to edit name of mp3
$aditionalnewFileName = $bandname.="_".$aditionofileName; //filename
changed with current time
if ( move_uploaded_file($aditiontmp_name,
"$uploads_dir/$aditionalnewFileName")) //Move uploadedfile
{
$uploadFile = $uploads_dir."/".$aditionalnewFileName; //Uploaded file
path
$ext = pathinfo($uploads_dir."/".$aditionalnewFileName,
PATHINFO_EXTENSION); //Get the file extesion.
$uploadFilebasename = basename($uploads_dir."/".$aditionalnewFileName,
".".$ext); //Get the basename of the file without extesion.
$exName = ".mp3";
$finalFile = $uploads_dir."/".$uploadFilebasename.$exName; //Uploaded
file name changed with extesion .mp3
$encode_cmd = "/usr/bin/ffmpeg -i $uploadFile -b:a 256000 $finalFile
2>&1"; // -i means input file -b:a means bitrate 2>&1 is use for debug
command.
exec($encode_cmd,$output); //Execute an external program.
echo "<pre>";
// will echo success , for debugging we can uncomment echo
print_r($output);
// also want to add redirect to this script to send back to profile
after upload
echo "The file was uploaded";
//echo print_r($output); // Report of command excution process.
echo "</pre>";
if($ext !== 'mp3'){ // If the uploaded file mp3 which is not remove
from uploaded directory because we need to convert in to .mp3
unlink( $uploadFile );
}
//0644 vs 0777
chmod( $finalFile, 0777 ); // Set uploaded file the permission.
}
else
{
echo "Uploading failed"; //If uploding failed.
}
?>
所以过了一段时间,我决定换一种方式。我使用了mysqli,我提取了用户名和bandname,然后使用while循环used var_dump注意到bandname。在盯着我的代码看后,我发现我编辑了错误的行,所以我更改了$aditionofileName=preg_replace('/[^A-Za-z0-9-\'.]/','',$bandname。 $_文件['song_name']['name']);并将我认为是问题所在的行更改为$aditionalnewFileName=“389;”。$aditionofileName;重新加载变量并删除了。
下面是新代码
在此$aditionalnewFileName=$bandname.=“quot.
代码中,您将把内容附加到变量$bandname
中,并将$aditionalnewFileName
设置到结果中。您需要将=
更改为一个
。只尝试了一下,但仍然无法使用var\u转储($bandname);仍然输出字符串(88)“\u police.ogg_police.ogg_police.ogg_police.mp3_police.mp3_police.wav”您是否清除了会话,因为这可能在其他地方执行。我会尝试一下,看看是否工作我现在清除了会话,它只是显示NULL。这对SQL注入是开放的;使用事先准备好的陈述。数据库就是这样被删除的。
<?php
session_start();
if (isset ($_SESSION ['band_id' ]))
{
$band_id = $_SESSION ['band_id' ];
$bandname = $_SESSION ['bandname' ];
$username = $_SESSION ['username' ];
}
if (isset ($_GET ['band_id']))
{ // Yes
$showband = $_GET ['band_id'];
}
else
{ // No
echo "ID not set"; // Just show the member
}
include 'connect.php';
$sql = "SELECT * from members WHERE band_id=$showband";
$result = mysqli_query ($dbhandle, $sql);
while ($row = mysqli_fetch_array ($result))
{
$username = $row ["username" ];
$bandname = $row ["bandname" ];
}
var_dump($bandname);
ini_set( "max_execution_time", "3600" ); // sets the maximum execution time of
this script to 1 hour.
$uploads_dir = $_SERVER['DOCUMENT_ROOT'].'/mp3';
$aditiontmp_name = $_FILES['song_name']['tmp_name']; // get client side file
tmp_name
// '/[^A-Za-z0-9\-_\'.]/', '' //$_FILES['song_name']['name']);
$aditionofileName = preg_replace('/[^A-Za-z0-9\-_\'.]/', '',$bandname .
$_FILES['song_name']['name']); // get client side file name remove the special
character with preg_replace function.
// remove time() to edit name of mp3
$aditionalnewFileName = "_".$aditionofileName; //filename changed with current
time