【发布时间】:2012-12-29 16:31:02
【问题描述】:
我想知道如何根据名为“UserID”的会话变量使用 PHP 创建一个目录(点击 HTML 上传按钮)。
这是我尝试做的:
<?php
include("login.php");
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>FileStore - Upload Files</title>
<link rel="stylesheet" href="./CSS/style.css" type="text/css" media="screen, projection" />
</head>
<body>
<div id="wrapper">
<header id="header">
<div id="header-content">
<strong><h1>FileStore</h1></strong> Upload multiple files at once!
</div>
<div class="login-info" >
<?php
if ($isLoggedin === false) {
echo ' <form action="" method="POST">
Username: <input name="username" >
Password: <input type="password" name="password" size="8">
<input type="submit" name="submit" value="Login">
</form>';
echo "<p align='right'>You are not logged in.</p>";
echo "<b><a href='registration.php'>Register</a></b>";
}else{
echo $welcomeMsg;
}
?>
</div>
</header><!-- #header-->
<section id="middle" align="center">
<div id="container">
<br><br>
<div id="content">
<strong><h1>Upload files</h1></strong><br><br>
<div id="upload-file" >
<?php
include("dbConfig.php");
$Username = $_SESSION["username"];
//$Password = $_SESSION["password"];
$Password = md5($Password);
$sql = "SELECT UserID FROM users WHERE Username = '".$Username."' AND Password = '".$Password."'";
$result = mysql_query($sql) or die(mysql_error());
while($row = mysql_fetch_assoc($result)) {
$userid = $row['UserID'];
}
echo $userid;
$dirname = $userid;
$filename = ("/folder/" . "$dirname" . "/");
if (!file_exists($filename))
{
mkdir("files/'$userid'", 0777);
} else {
if (isset($_FILES['files'])) {
echo "<div id='files_table'><table class='center'.><tr><td>";
foreach($_FILES['files']['tmp_name'] as $key => $tmp_name){
move_uploaded_file($tmp_name, "files/'".$userid."'{$_FILES['files']['name'][$key]}");
echo $_FILES['files']['name'][$key], " uploaded.", "<br>";
}
echo "</td></tr></table></div><br><br>";
}
}
if (isset($_FILES['files'])) {
echo "<div id='files_table'><table class='center'.><tr><td>";
foreach($_FILES['files']['tmp_name'] as $key => $tmp_name){
move_uploaded_file($tmp_name, "files/'".$userid."'{$_FILES['files']['name'][$key]}");
echo $_FILES['files']['name'][$key], " uploaded.", "<br>";
}
echo "</td></tr></table></div><br><br>";
}
?>
<form action="" method="post" enctype="multipart/form-data">
<h1> Select files to upload:</h1>
<br>
<p>
<input type="file" name ="files[]" multiple min="1" />
<input type="submit" value="Upload" />
</p>
<br>
<h2> You can select multiple files for upload. </h2>
</form>
</div>
</div><!-- #content-->
</div><!-- #container-->
<aside id="sideLeft">
<div id="menu-x" align="center"><br>
<strong>Menu</strong><br><br>
<div class="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="upload.php">Upload</a></li>
<li><a href="files.php">Files</a></li>
<li><a href="about.php">About</a></li>
<li><a href="help.php">Help</a></li>
<li><a href="#">Logout</a></li>
</ul>
<br style="clear:left"/>
</div>
</div>
</aside><!-- #sideLeft -->
</section><!-- #middle-->
<footer id="footer">
<strong>FileStore:</strong> A CMT 3315 Project by Brian Livori
</footer><!-- #footer -->
</div><!-- #wrapper -->
</body>
</html>
这不起作用。我收到以下错误消息:
注意:未定义变量:密码输入 C:\xampp\htdocs\Task2PHP\final\upload.php 在第 70 行
注意:未定义变量:userid in C:\xampp\htdocs\Task2PHP\final\upload.php 在第 83 行
注意:未定义变量:userid in C:\xampp\htdocs\Task2PHP\final\upload.php 在第 85 行
注意:未定义变量:userid in C:\xampp\htdocs\Task2PHP\final\upload.php 在第 93 行
警告:mkdir():文件存在于 C:\xampp\htdocs\Task2PHP\final\upload.php 在第 93 行
知道我该怎么做吗?
【问题讨论】:
-
您需要阅读variable scope 并在使用前检查发布请求是否已设置,最后一个警告是文件已经存在..所以要么删除旧文件或重命名新文件
-
$sql = "SELECT UserID FROM users WHERE Username = '".$Username."' AND Password = '".$Password."'";请不要在现场制作网站上这样做。当然,如果它在你的本地主机上并且只是学习,那么你会没事的(现在) -
@NullPointer 我创建了一个全局用户标识;在 php 脚本的开头,但正在创建的文件夹被称为“。此外,如果目录已存在,则会显示错误。
-
md5 真的吗?你需要使用 sha check this awesome video by Anthony Ferrara ... 你的代码容易受到 sql 禁令的影响,不要使用
mysql_*函数 cthere are deprecated use pdo or mysqli instead -
@NullPointer 这只是一个简单的应用程序,我正在努力完成学习 PHP