用户无法在PHP中发布或上载图片
当用户发布图片时,用户无法发布该图片,因为它显示 抱歉,只允许使用JPG、JPEG、PNG和GIF文件。抱歉,您的文件未上载 当用户上载有效图片或有效文件时 代码:用户无法在PHP中发布或上载图片,php,mysqli,image-uploading,Php,Mysqli,Image Uploading,当用户发布图片时,用户无法发布该图片,因为它显示 抱歉,只允许使用JPG、JPEG、PNG和GIF文件。抱歉,您的文件未上载 当用户上载有效图片或有效文件时 代码: <?php # Essential files, please don't erase it! require_once("../functions.php"); require_once("../db-const.php"); session_start(); $id = $_SESSION['user_
<?php
# Essential files, please don't erase it!
require_once("../functions.php");
require_once("../db-const.php");
session_start();
$id = $_SESSION['user_id'];
## connect mysql server
$mysqli = new mysqli(localhost, root, "", loginsecure);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
## query database
# fetch data from mysql database
$main = $_SESSION['user_id'];
$sql = "SELECT * FROM users WHERE id ='".$id."' LIMIT 1";
if ($result = $mysqli->query($sql)) {
$user = $result->fetch_array();
} else {
echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
exit();
}
?>
<?php
$conn = new mysqli(localhost, root, "", loginsecure);
$fname = $_POST['first_name'];
$lname = $_POST['last_name'];
$email = $_POST['email'];
$usrdescription = $_POST['user_description'];
$usrlgusrnm = $_POST['user_league-username'];
$usrgrnusrm = $_POST['user_garena-username'];
$profilepicture = $_POST['user_profile-picture'];
$fnamesql = "UPDATE users SET first_name = '$fname' WHERE username='{$user['username']}'";
$lnamesql = "UPDATE users SET last_name = '$lname' WHERE username='{$user['username']}'";
$emailsql = "UPDATE users SET email = '$email' WHERE username='{$user['username']}'";
$usrdescriptionsql = "UPDATE users SET user_description = '{$usrdescription}' WHERE username='{$user['username']}'";
$usrlgusrnmsql = "UPDATE users SET leagueusername = '{$usrlgusrnm}' WHERE username='{$user['username']}'";
$usrgrnusrmsql = "UPDATE users SET garenausername = '{$usrgrnusrm}' WHERE username='{$user['username']}'";
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Update Information | Prospekt | Under Construction</title>
</head>
<body>
<h1> Update Your Personal Information </h1>
<form method="post" name="first_name">
<input type="text" name="first_name" placeholder="First Name to Modify"><br>
<input type="submit" value="Submit">
</form>
<form method="post" name="last_name">
<input type="text" name="last_name" placeholder="Last Name to Modify"><br>
<input type="submit" value="Submit">
</form>
<form method="post" name="email">
<input type="text" name="email" placeholder="Email to Modify"><br>
<input type="submit" value="Submit">
</form>
<form method="post" name="user_description">
<input type="text" name="user_description" placeholder="Description to Modify"><br>
<input type="submit" value="Submit">
</form>
<form method="post" name="user_league-username">
<input type="text" name="user_league-username" placeholder="League of Legends Summoner Name to Modify" maxlength="16"><br>
<input type="submit" value="Submit">
</form>
<form method="post" name="user_garena-username">
<input type="text" name="user_garena-username" placeholder="Garena Username to Modify" maxlength="16"><br>
<input type="submit" value="Submit">
</form>
<form method="post" enctype="multipart/form-data" name="profilepicturex">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image">
</form>
<br>
<?php
if(isset($_POST["first_name"])){
echo "{$user['username']} First Name is Changed! <br>";
mysqli_query($conn, $fnamesql);
}
?>
<?php
if(isset($_POST["last_name"])){
echo "{$user['username']} Last Name is Changed! <br>";
mysqli_query($conn, $lnamesql);
}
?>
<?php
if(isset($_POST["email"])){
echo "{$user['username']} Email is Changed! <br>";
mysqli_query($conn, $emailsql);
}
?>
<?php
if(isset($_POST["user_description"])){
echo "{$user['username']} Description is Changed! <br>";
mysqli_query($conn, $usrdescriptionsql);
}
?>
<?php
if(isset($_POST["user_league-username"])){
echo "{$user['username']} League of Legends Summoner Name is Changed! <br>";
mysqli_query($conn, $usrlgusrnmsql);
}
?>
<?php
if(isset($_POST["user_garena-username"])){
echo "{$user['username']} Garena Username is Changed! <br>";
mysqli_query($conn, $usrgrnusrmsql);
}
?>
<?php
if(isset($_POST["profilepicture"])){
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
$conn = new mysqli(localhost, root, "", loginsecure);
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 200000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
echo $imageFileType;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
echo "<br>";
$updateprofilepicture = "UPDATE users SET profilepicture = '{$target_file}' WHERE username='{$user['username']}'";
mysqli_query($mysqli, $updateprofilepicture);
echo $updateprofilepicture;
echo "<br>";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
</body>
</html>
看起来似乎在尝试在if()
块中使用它之前,$imageFileType
尚未设置
您可以使用类似的方式找到文件扩展名(这是air代码,请先检查)
在if()
块中使用它之前,您似乎没有设置$imageFileType
。是的,我没有设置该变量,这是我的错。谢谢您的帮助:-)将此作为答案发布,我会检查它。PS-您应该过滤您的帖子输入$variable=filter\u input(input\u POST,'variable',filter\u SANITIZE\u STRING)
等等。是的,我会给它添加一些卫生设施,比如strip\u标签等等。。。这只是“测试版”,所以我正在测试它。
$fileToUploadName = $_FILES['fileToUpload']['name'];
$imageFile = pathinfo($fileToUploadName);
$imageFileType = $imageFile['extension'];