PHP PDO 文件上传并保存到 MySQL 数据库导致模糊的文件损坏
PHP PDO file upload and save to MySQL database results in obscure file breakage
经过大量测试后,我意识到我的文件上传过程出了点问题,尽管显示了正确的文件详细信息(大小、名称、MIME 类型等),但生成的文件还是被损坏了。经过很多次测试和尝试不同的选项后,我意识到这个问题并不是我最初认为的 extraction/display 错误。在 upload/DB 插入过程中,它肯定会在某处微妙地中断。该文件被保存到具有 BINARY 属性的中型 blob MySQL 字段中。谁能告诉我处理 upload/storage 过程的代码哪里出错了?我完全没有错误。
<form action="./app.fileUpload.php?lnk=<?=$lnk?>" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="5632000">
<label for='file'>Filename:</label> <input type="file" name="file" id="file" style="cursor: pointer;">
<input class="button" style="margin-top: 12px;" type="submit" name="submit" value="Upload" title="Upload">
</form>
<?php
if (isset($_POST['submit'])) {
$temp = explode('.', $_FILES['file']['name']);
$extn = strtolower(end($temp));
if(($extn == "doc") || ($extn == "docx") || ($extn == "pdf")) {
// Filetype is correct. Check size
if($_FILES['file']['size'] < 5632000) {
// Filesize is below maximum permitted. Add to the DB.
$mime = $_FILES['file']['type'];
$size = $_FILES['file']['size'];
$name = $_FILES['file']['name'];
$tmpf = $_FILES['file']['tmp_name'];
$file = fopen($_FILES['file']['tmp_name'], "rb");
try {
$stmt = $conn->prepare("INSERT INTO $database.appFiles (`appID`, `uaID`, `uID`, `dateUploaded`, `applicationKey`, `fileName`, `fileMime`, `fileSize`, `file`)
VALUES
(?,?,?,?,?,?,?,?,?)");
// Bind Values
$stmt->bindParam(1, $appID, PDO::PARAM_INT, 11);
$stmt->bindParam(2, $uaID, PDO::PARAM_INT, 11);
$stmt->bindParam(3, $uID, PDO::PARAM_INT, 11);
$stmt->bindParam(4, time(), PDO::PARAM_INT, 11);
$stmt->bindParam(5, $applicationKey, PDO::PARAM_STR, 8);
$stmt->bindParam(6, $name, PDO::PARAM_STR, 256);
$stmt->bindParam(7, $mime, PDO::PARAM_STR, 128);
$stmt->bindParam(8, $size, PDO::PARAM_INT, 20);
$stmt->bindParam(9, $file, PDO::PARAM_LOB);
// Execute the query
$stmt->execute();
} catch(PDOException $e) { catchMySQLerror($e->getMessage()); }
} else {
// Filesize is over our limit. Send error message
$error = "Your file is too large. Please read the instructions about file type and size, above.";
}
} else {
$error = "Your file was the incorrect type. Please read the instructions about file type and size, above.";
}
}
?>
EDIT 通过在页面顶部包含一个文件来调用数据库信息。该文件如下所示:
<?php
// DATABASE SETTINGS
$hostname = "127.0.0.1";
$username = "nameinhere";
$password = "passwordinhere";
$database = "dbnamehere";
try {
$conn = new PDO("mysql:host=$hostname; dbname=$database", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("SET CHARACTER SET utf8"); // Sets encoding UTF-8
// close the database connection
//$conn = null;
} catch(PDOException $e) {
echo $e->getMessage();
}
?>
结果,我的PHP其实一点问题都没有。它被开发服务器上的设置阻止工作,并且在隐藏子域下测试时在生产服务器上没有任何代码更改的情况下完美运行。
感谢所有试图提供帮助的人。
C
经过大量测试后,我意识到我的文件上传过程出了点问题,尽管显示了正确的文件详细信息(大小、名称、MIME 类型等),但生成的文件还是被损坏了。经过很多次测试和尝试不同的选项后,我意识到这个问题并不是我最初认为的 extraction/display 错误。在 upload/DB 插入过程中,它肯定会在某处微妙地中断。该文件被保存到具有 BINARY 属性的中型 blob MySQL 字段中。谁能告诉我处理 upload/storage 过程的代码哪里出错了?我完全没有错误。
<form action="./app.fileUpload.php?lnk=<?=$lnk?>" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="5632000">
<label for='file'>Filename:</label> <input type="file" name="file" id="file" style="cursor: pointer;">
<input class="button" style="margin-top: 12px;" type="submit" name="submit" value="Upload" title="Upload">
</form>
<?php
if (isset($_POST['submit'])) {
$temp = explode('.', $_FILES['file']['name']);
$extn = strtolower(end($temp));
if(($extn == "doc") || ($extn == "docx") || ($extn == "pdf")) {
// Filetype is correct. Check size
if($_FILES['file']['size'] < 5632000) {
// Filesize is below maximum permitted. Add to the DB.
$mime = $_FILES['file']['type'];
$size = $_FILES['file']['size'];
$name = $_FILES['file']['name'];
$tmpf = $_FILES['file']['tmp_name'];
$file = fopen($_FILES['file']['tmp_name'], "rb");
try {
$stmt = $conn->prepare("INSERT INTO $database.appFiles (`appID`, `uaID`, `uID`, `dateUploaded`, `applicationKey`, `fileName`, `fileMime`, `fileSize`, `file`)
VALUES
(?,?,?,?,?,?,?,?,?)");
// Bind Values
$stmt->bindParam(1, $appID, PDO::PARAM_INT, 11);
$stmt->bindParam(2, $uaID, PDO::PARAM_INT, 11);
$stmt->bindParam(3, $uID, PDO::PARAM_INT, 11);
$stmt->bindParam(4, time(), PDO::PARAM_INT, 11);
$stmt->bindParam(5, $applicationKey, PDO::PARAM_STR, 8);
$stmt->bindParam(6, $name, PDO::PARAM_STR, 256);
$stmt->bindParam(7, $mime, PDO::PARAM_STR, 128);
$stmt->bindParam(8, $size, PDO::PARAM_INT, 20);
$stmt->bindParam(9, $file, PDO::PARAM_LOB);
// Execute the query
$stmt->execute();
} catch(PDOException $e) { catchMySQLerror($e->getMessage()); }
} else {
// Filesize is over our limit. Send error message
$error = "Your file is too large. Please read the instructions about file type and size, above.";
}
} else {
$error = "Your file was the incorrect type. Please read the instructions about file type and size, above.";
}
}
?>
EDIT 通过在页面顶部包含一个文件来调用数据库信息。该文件如下所示:
<?php
// DATABASE SETTINGS
$hostname = "127.0.0.1";
$username = "nameinhere";
$password = "passwordinhere";
$database = "dbnamehere";
try {
$conn = new PDO("mysql:host=$hostname; dbname=$database", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("SET CHARACTER SET utf8"); // Sets encoding UTF-8
// close the database connection
//$conn = null;
} catch(PDOException $e) {
echo $e->getMessage();
}
?>
结果,我的PHP其实一点问题都没有。它被开发服务器上的设置阻止工作,并且在隐藏子域下测试时在生产服务器上没有任何代码更改的情况下完美运行。
感谢所有试图提供帮助的人。
C