<?php require("contains/connsql.php"); ?> <?php include("chku.php"); ?> <?php $sgssql="select top 1 * from grade_setting where grade=".$_SESSION['ugrade']; $rssgs=mssql_query($sgssql, $conn) or die(mssql_get_last_message ()); if ($row_rssgs=mssql_fetch_assoc($rssgs)) {
} $ctlsql="select count(filesize) as ts,sum(filesize) as ss from bbs_img where uid=".$_SESSION['uid']; $rsctl=mssql_query($ctlsql, $conn) or die(mssql_get_last_message ()); if ($row_rsctl=mssql_fetch_assoc($rsctl)) {
TO: monsterbaby(monsterbaby) $_FILES['userfile']['tmp_name']和$_FILES['userfile']['name']有什么区别啊??......................................................... $_FILES['userfile']['name']客户端机器文件的原名称 $_FILES['userfile']['tmp_name']文件被上传后在服务端储存的临时文件名
<?php include("chku.php"); ?>
<?php
$sgssql="select top 1 * from grade_setting where grade=".$_SESSION['ugrade'];
$rssgs=mssql_query($sgssql, $conn) or die(mssql_get_last_message ());
if ($row_rssgs=mssql_fetch_assoc($rssgs))
{
}
$ctlsql="select count(filesize) as ts,sum(filesize) as ss from bbs_img where uid=".$_SESSION['uid'];
$rsctl=mssql_query($ctlsql, $conn) or die(mssql_get_last_message ());
if ($row_rsctl=mssql_fetch_assoc($rsctl))
{
}
if (isset($_FILES['imgfile']))
{
$msg="";
$ct=0;
$ufile="";
if (is_array($_FILES['imgfile']['name'])){
for ($i=0;$i<count($_FILES['imgfile']['name']);$i++)
{
$ct++;
$ft=$_FILES['imgfile']['type'][$i];
$fn=$_FILES['imgfile']['name'][$i];
$fs=$_FILES['imgfile']['size'][$i];
$flag=true;
if ($ft!="image/gif"&&$ft!="image/jpg"&&$ft!="image/png"&&$ft!="image/pjpeg")
{
$msg.=$i."上传的文件类型不被支持!Mime类型:".$ft."。源文件名:".$fn."。\\n ";
$flag=false;
}
$fxt=strtolower(substr($fn,strrpos($fn,".")+1));
if ($fxt!="gif"&&$fxt!="jpg"&&$fxt!="png")
{
$msg.=$i."上传的文件类型不被支持!扩展名:".$fxt."。源文件名:".$fn."。\\n ";
$flag=false;
}
switch ($_FILES['imgfile']['type'][$i])
{
case "image/gif":
$fxt="gif";
break;
case "image/png":
$fxt="png";
break;
case "image/pjpeg":
$fxt="jpg";
break;
default:
$fxt="jpg";
}
if ($flag)
{
$fns="u_upload/".date("Ymdhis")."_".$ct."_".$_SESSION['uid'].".".$fxt;
#error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
#echo $_FILES['imgfile']['name'][$i]."-->".$_FILES['imgfile']['tmp_name'][$i]."-->".$_FILES['imgfile']['type'][$i]."-->".$fn."<br>";
if (move_uploaded_file($_FILES['imgfile']['tmp_name'][$i],$fns))
{
$usql="insert into bbs_img(filefp,uid,filesize,ip) values('".$fns."',".$_SESSION['uid'].",".$fs.",'".$HTTP_SERVER_VARS['REMOTE_ADDR']."')";
mssql_query($usql, $conn) or die(mssql_get_last_message ().$usql);
$msg.=$fn."上传成功!大小:".$fs."字节。\\n ";
$ufile.="\\n";
}else
{
$msg.=$fn."上传失败!大小:".$fs."字节。\\n ";
}
}
}
}else
{
$ft=$_FILES['imgfile']['type'];
$fn=$_FILES['imgfile']['name'];
$fs=$_FILES['imgfile']['size'];
$flag=true;
if ($ft!="image/gif"&&$ft!="image/jpg"&&$ft!="image/png"&&$ft!="image/pjpeg")
{
$msg.=$i."上传的文件类型不被支持!Mime类型:".$ft."。源文件名:".$fn."。\\n ";
$flag=false;
}
$fxt=strtolower(substr($fn,strrpos($fn,".")+1));
if ($fxt!="gif"&&$fxt!="jpg"&&$fxt!="png")
{
$msg.=$i."上传的文件类型不被支持!扩展名:".$fxt."。源文件名:".$fn."。\\n ";
$flag=false;
}
switch ($_FILES['imgfile']['type'])
{
case "image/gif":
$fxt="gif";
break;
case "image/png":
$fxt="png";
break;
case "image/pjpeg":
$fxt="jpg";
break;
default:
$fxt="jpg";
}
if ($flag)
{
$fns="u_upload/".date("Ymdhis")."_".$ct."_".$_SESSION['uid'].".".$fxt;
#error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
#echo $_FILES['imgfile']['name'][$i]."-->".$_FILES['imgfile']['tmp_name'][$i]."-->".$_FILES['imgfile']['type'][$i]."-->".$fn."<br>";
if (move_uploaded_file($_FILES['imgfile']['tmp_name'],$fns))
{
$usql="insert into bbs_img(filefp,uid,filesize,ip) values('".$fns."',".$_SESSION['uid'].",".$fs.",'".$HTTP_SERVER_VARS['REMOTE_ADDR']."')";
mssql_query($usql, $conn) or die(mssql_get_last_message ().$usql);
$msg.=$fn."上传成功!大小:".$fs."字节。\\n ";
$ufile.="\\n";
}else
{
$msg.=$fn."上传失败!大小:".$fs."字节。\\n ";
}
}
}
?>
<script language="javascript">
alert("上传操作完毕!\n <?php echo $msg ?>")
opener.form1.cont.value+="<?php echo $ufile ?>"
window.close();
</script>
<?php
}elseif(isset($_POST['imgurl']))
{
$iurl="";
?>
<script language="javascript">
opener.form1.cont.value+="<?php echo $iurl ?>"
window.close();
</script>
<?php
}else{
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>西南汽车网交流论坛--车型搜索二手车车闻快递拌靓爱车维修常识汽车租赁驾校报名</title>
<link href="man/man.css" rel="stylesheet" type="text/css">
</head>
<script language="javascript">
var f
f="<input type=\"file\" name=\"imgfile[]\"><br>"
function chgn(n)
{
fs.innerHTML=""
for (i=0;i<n;i++)
{
fs.innerHTML+=f
}
}
function chgfs()
{
if (form1.scfs[0].checked==true)
{
form1.imgurl.disabled=true
form1.img_num.disabled=false
f="<input type=\"file\" name=\"imgfile[]\">"
fs.innerHTML=f
}else
{
form1.imgurl.disabled=false
form1.img_num.disabled=true
f="<input type=\"file\" name=\"imgfile[]\" disabled>"
fs.innerHTML=f
}
}
function chkl()
{
if (form1.scfs[1].checked==true)
{
if (form1.imgurl.value.length<15)
{
alert("请输入正确的地址!")
return false
}
sle=form1.imgurl.value.substr(0,7)
sle=sle.toLowerCase()
if (sle!="http://")
{
alert("请以输入以\"http://\"开头的图片地址!\n \""+sle+"\"不正确!")
return false
}
fxt=form1.imgurl.value
fxt=fxt.substr(fxt.length-3,3)
fxt=fxt.toLowerCase()
if (fxt!="gif"&&fxt!="jpg"&&fxt!="bmp"&&fxt!="png")
{
alert("请以输入以\"gif、jpg、bmp、png\"结尾的图片地址!\n \""+fxt+"\"不正确!")
return false
}
}
}
</script>
<body onLoad="chgfs()">
<?php echo $_SERVER['HTTP_REFERER'] ?>
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post" enctype="multipart/form-data" name="form1" onSubmit="return chkl()">
<table width="407" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="18" align="center">方 式:</td>
<td><input name="scfs" type="radio" onClick="chgfs()" value="radiobutton" checked>
上传
<input type="radio" name="scfs" value="radiobutton" onClick="chgfs()">
链接 </td>
</tr>
<tr>
<td width="89" height="18" align="center">上 传:</td>
<td width="318">
<span id=fs><input type="file" name="imgfile"></span>
<select name="img_num" id="img_num" onChange="chgn(this.value)">
<script language="javascript">
for (i=1;i<<?php echo $_SESSION['ugrade']+1 ?>;i++)
{
document.write("<option value=\""+i+"\">"+i+"</option>")
}
</script>
</select></td>
</tr>
<tr>
<td height="18" align="center">链 接:</td>
<td><input name="imgurl" type="text" id="imgurl"></td>
</tr>
<tr>
<td height="18" align="center">提 交:</td>
<td><input type="submit" name="Submit" value="完成"></td>
</tr>
</table>
</form>
</body>
</html>
<?php }
?>自己改一改,我的数据库是sql server
先详细研究一下这个地址里的内容。
http://php.liukang.com/manual/zh/features.file-upload.php再就是研究一下数据操作,MYSQL的插入语句。
echo "<script language=javascript>alert('".$str."');history.back()</script>";
}function DoSave($allowext,$allowsize){
//' 建立上传对象
//' 取得上传数据,限制最大上传
if($_FILES['attach']['size'] > $allowsize){
OutScript("文件大小超过系统设定,支持的文件大小为" .$allowsize."B");
exit;
}
if($_FILES['attach']['error'] > 0){
switch((int)$_FILES['attach']['error']){
case UPLOAD_ERR_NO_FILE:
OutScript("请选择有效的上传文件!");break;
case UPLOAD_ERR_FORM_SIZE:
OutScript("文件大小超过系统设定,支持的文件大小为" .$allowsize."B");break;
}
return;
}
preg_match("/\.([a-zA-Z]{2,4})$/",$_FILES['attach']['name'],$exts);
//Hack by Gzuu.Com 四维工作室 Start
$namecnum = strlen($_FILES['attach']['name']);
$namenum = strrpos($_FILES['attach']['name'], ".");
$filename = substr($_FILES['attach']['name'], $namenum, $namecnum);
mt_srand((double)microtime()*1000000);
$strname = mt_rand(100000, 999999);
$strname = $strname.time();
$filename = $sNewFileName = $strname.$filename;
CheckValidExt($exts[1],$allowext);
//$filename = $sNewFileName = date('Y.m.d.H.i.s').$_FILES['uploadfile']['name'];
//Hack by Gzuu.Com 四维工作室 End
$sFileName = str_replace('\\','\\\\',realpath("upload"))."\\";
$sFileName .= $sNewFileName; if(!@move_uploaded_file($_FILES['attach']['tmp_name'],$sFileName)):
OutScript("Error: ".$GLOBALS['sUploadDir']."/".$sNewFileName."");
exit;
endif;
return $filename;//返回文件名
}调用:
if($_GET['action']=="up"):
if($_FILES['attach']['name']):
$attach = DoSave($row['affixtype'],$row['affixsize']);
if(!$attach):
OutScript("文件上传错误!");
exit;
endif;
endif;
$_FILES['userfile']['name']客户端机器文件的原名称
$_FILES['userfile']['tmp_name']文件被上传后在服务端储存的临时文件名
(
[userfile] => Array
(
[name] => nhl05_naslund_wall_1024_768.jpg
[type] =>
[tmp_name] =>
[error] => 2
[size] => 0
))
我到底错在哪里啊??
$uploaddir = './uploads/';
$uploadfile = $uploaddir.$_POST["query_id"].'_'.$_FILES['userfile']['name'];print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'],$uploaddir.$_POST["query_id"].'_'.$_FILES['userfile']['name'])) {
print "File is valid, and was successfully uploaded.";
} else {
print "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}
print "</pre>";
他还是老的图片的名字,这是为什么啊??
看我的代码有错吗?
还是服务起的问题???
高手请进!!