Fatal编程技术网
  • php/
  • Php 尝试使用$#u SESSION[';bandname';]将bandname附加到mp3上载;

Php 尝试使用$#u SESSION[';bandname';]将bandname附加到mp3上载;

php html session

Php 尝试使用$#u SESSION[';bandname';]将bandname附加到mp3上载;,php,html,session,Php,Html,Session,正在尝试附加$_会话['bandname'];一个mp3文件上传的概念 当有人上传歌曲时,会将乐队名称附加到mp3 bandname_songname.mp3(如果有意义的话)。这是到目前为止我的代码。 这行代码的问题在于我认为$aditionalnewFileName=$bandname.=“200;”。$aditionofileName;这个奇怪的部分是当我使用var_dump($bandname)时;这首歌不是乐队名,而是我正在用字符串(88)测试的歌曲“\u police.ogg_pol

正在尝试附加$_会话['bandname'];一个mp3文件上传的概念 当有人上传歌曲时,会将乐队名称附加到mp3 bandname_songname.mp3(如果有意义的话)。这是到目前为止我的代码。 这行代码的问题在于我认为$aditionalnewFileName=$bandname.=“200;”。$aditionofileName;这个奇怪的部分是当我使用var_dump($bandname)时;这首歌不是乐队名,而是我正在用字符串(88)测试的歌曲“\u police.ogg_police.ogg_police.ogg_police.ogg_police.mp3_police.wav”。也许mysqli会更简单

<?php
session_start();
if (isset      ($_SESSION ['band_id'  ]))
{
$band_id  = $_SESSION ['band_id'  ];
$bandname = $_SESSION ['bandname' ];
$username = $_SESSION ['username' ];
}
var_dump($_SESSION['bandname']);

ini_set( "max_execution_time", "3600" ); // sets the maximum execution 
time of this script to 1 hour.

$uploads_dir     = $_SERVER['DOCUMENT_ROOT'].'/mp3';

$aditiontmp_name = $_FILES['song_name']['tmp_name']; // get client 
//side file tmp_name 
// '/[^A-Za-z0-9\-_\'.]/', ''   //$_FILES['song_name']['name']);
$aditionofileName  = preg_replace('/[^A-Za-z0-9\-_\'.]/', 
'',$_FILES['song_name']['name']); // get client side file name remove 
the special character with preg_replace function.

// remove time() to edit name of mp3
$aditionalnewFileName = $bandname.="_".$aditionofileName; //filename 
changed with current time

if ( move_uploaded_file($aditiontmp_name, 
"$uploads_dir/$aditionalnewFileName")) //Move uploadedfile
{

$uploadFile = $uploads_dir."/".$aditionalnewFileName; //Uploaded file 
path

 $ext = pathinfo($uploads_dir."/".$aditionalnewFileName, 
 PATHINFO_EXTENSION); //Get the file extesion.

$uploadFilebasename = basename($uploads_dir."/".$aditionalnewFileName, 
".".$ext); //Get the basename of the file without extesion.

$exName = ".mp3";

$finalFile = $uploads_dir."/".$uploadFilebasename.$exName; //Uploaded 
file name changed with extesion .mp3

$encode_cmd = "/usr/bin/ffmpeg -i $uploadFile -b:a 256000 $finalFile 
2>&1"; // -i means input file -b:a means bitrate 2>&1 is use for debug 
command.

exec($encode_cmd,$output); //Execute an external program.

echo "<pre>";
// will echo success , for debugging we can uncomment echo 
print_r($output);

// also want to add redirect to this script to send back to profile 
after upload

echo "The file was uploaded";

//echo print_r($output); //  Report of command excution process.

            echo "</pre>";

if($ext !== 'mp3'){ // If the uploaded file mp3 which is not remove 
from uploaded directory because we need to convert in to .mp3
unlink( $uploadFile );
}

 //0644 vs 0777
chmod( $finalFile, 0777 ); // Set uploaded file the permission.


 }
 else
{
echo "Uploading failed"; //If uploding failed.
}

?>
所以过了一段时间,我决定换一种方式。我使用了mysqli,我提取了用户名和bandname,然后使用while循环used var_dump注意到bandname。在盯着我的代码看后,我发现我编辑了错误的行,所以我更改了$aditionofileName=preg_replace('/[^A-Za-z0-9-\'.]/','',$bandname。 $_文件['song_name']['name']);并将我认为是问题所在的行更改为$aditionalnewFileName=“389;”。$aditionofileName;重新加载变量并删除了。
下面是新代码

在此
$aditionalnewFileName=$bandname.=“quot.
代码中,您将把内容附加到变量
$bandname
中,并将
$aditionalnewFileName
设置到结果中。您需要将
=
更改为一个
。只尝试了一下,但仍然无法使用var\u转储($bandname);仍然输出字符串(88)“\u police.ogg_police.ogg_police.ogg_police.mp3_police.mp3_police.wav”您是否清除了会话,因为这可能在其他地方执行。我会尝试一下,看看是否工作我现在清除了会话,它只是显示NULL。这对SQL注入是开放的;使用事先准备好的陈述。数据库就是这样被删除的。

<?php
session_start();

if (isset      ($_SESSION ['band_id'  ]))
{
$band_id  = $_SESSION ['band_id'  ];
$bandname = $_SESSION ['bandname' ];
$username = $_SESSION ['username' ];
}

if (isset      ($_GET ['band_id']))
{                               // Yes
$showband = $_GET ['band_id'];
}
else
{                               // No
  echo "ID not set";       // Just show the member 
}

include 'connect.php';

$sql     = "SELECT * from members WHERE band_id=$showband";

$result  = mysqli_query ($dbhandle, $sql);

while ($row = mysqli_fetch_array ($result))
{
$username = $row ["username"    ];
$bandname = $row ["bandname"    ];
}

var_dump($bandname);

ini_set( "max_execution_time", "3600" ); // sets the maximum execution time of 
this script to 1 hour.

$uploads_dir     = $_SERVER['DOCUMENT_ROOT'].'/mp3';

$aditiontmp_name = $_FILES['song_name']['tmp_name']; // get client side file 
tmp_name 
// '/[^A-Za-z0-9\-_\'.]/', ''   //$_FILES['song_name']['name']);
$aditionofileName  = preg_replace('/[^A-Za-z0-9\-_\'.]/', '',$bandname . 
$_FILES['song_name']['name']); // get client side file name remove the special 
character with preg_replace function.

// remove time() to edit name of mp3
$aditionalnewFileName = "_".$aditionofileName; //filename changed with current 
time