php 上传文件条件不工作
php upload file condition not working
我有一个访问者可以上传文件的页面,但这不是必需的,所以在我的脚本中我设置了一个条件,如果文件输入(我将其命名为 'upload')未设置或为空不要上传任何东西,文件名将等于 'file' 已存在于数据库中;否则上传它。
问题是条件不工作;即使我将输入留空,也会执行上传脚本;我知道是因为我收到了脚本中声明的消息
这是编码,谢谢
//select exercice
$ex_query = mysqli_query($link, " SELECT * FROM exercices WHERE ID = '".$exercice_ID."' ");
$exercice = mysqli_fetch_assoc($ex_query);
// --- update script if post
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_FILES["upload"]) && !empty($_FILES["upload"])){
$target_dir = "docs/";
$date_f_n = date("Y-m-d_h-i-sa");
$file_n = basename( $_FILES["upload"]["name"]);
$file_n = $date_f_n.$file_n;
$target_file = $target_dir . $file_n;
$uploadOk = 1;
$FileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if file is a actual image or fake image
$check = filesize($_FILES["upload"]["tmp_name"]);
if($check !== false) {
$uploadOk = 1;
} else {
$filesizeer = "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["upload"]["size"] > 5000000) {
$filesizeer = "Sorry, your file is too large.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["upload"]["tmp_name"], $target_file)) {
$upsuccess= "The file ". $file_n. " has been uploaded.";
} else {
$upfaled = "Sorry, there was an error uploading your file.";
}
}//end else upload = 0
}else{
$file_n = $exercice['file'];
}
第一个 上传必须做的事情是检查上传是否完全执行,以及上传是否成功。 $_FILES['foo'] 存在并不意味着 foo 文件上传成功。
最低限度检查:
if ($_FILES['foo']['error'] !== UPLOAD_ERR_OK) {
die("Upload failed with error code #" . $_FILES['foo']['error']);
}
甚至
if (isset($_FILES['foo']) && etc...)
如果你想严格正确的话。
如果您想允许非上传,但仍然因实际错误而失败,请检查您希望允许的特定错误代码 "ok"。错误代码在此处定义:http://php.net/manual/en/features.file-upload.errors.php
我有一个访问者可以上传文件的页面,但这不是必需的,所以在我的脚本中我设置了一个条件,如果文件输入(我将其命名为 'upload')未设置或为空不要上传任何东西,文件名将等于 'file' 已存在于数据库中;否则上传它。 问题是条件不工作;即使我将输入留空,也会执行上传脚本;我知道是因为我收到了脚本中声明的消息 这是编码,谢谢
//select exercice
$ex_query = mysqli_query($link, " SELECT * FROM exercices WHERE ID = '".$exercice_ID."' ");
$exercice = mysqli_fetch_assoc($ex_query);
// --- update script if post
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_FILES["upload"]) && !empty($_FILES["upload"])){
$target_dir = "docs/";
$date_f_n = date("Y-m-d_h-i-sa");
$file_n = basename( $_FILES["upload"]["name"]);
$file_n = $date_f_n.$file_n;
$target_file = $target_dir . $file_n;
$uploadOk = 1;
$FileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if file is a actual image or fake image
$check = filesize($_FILES["upload"]["tmp_name"]);
if($check !== false) {
$uploadOk = 1;
} else {
$filesizeer = "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["upload"]["size"] > 5000000) {
$filesizeer = "Sorry, your file is too large.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["upload"]["tmp_name"], $target_file)) {
$upsuccess= "The file ". $file_n. " has been uploaded.";
} else {
$upfaled = "Sorry, there was an error uploading your file.";
}
}//end else upload = 0
}else{
$file_n = $exercice['file'];
}
第一个 上传必须做的事情是检查上传是否完全执行,以及上传是否成功。 $_FILES['foo'] 存在并不意味着 foo 文件上传成功。
最低限度检查:
if ($_FILES['foo']['error'] !== UPLOAD_ERR_OK) {
die("Upload failed with error code #" . $_FILES['foo']['error']);
}
甚至
if (isset($_FILES['foo']) && etc...)
如果你想严格正确的话。
如果您想允许非上传,但仍然因实际错误而失败,请检查您希望允许的特定错误代码 "ok"。错误代码在此处定义:http://php.net/manual/en/features.file-upload.errors.php