stackoom
  简体   繁体   中英

PHP error at file upload

 原文  2014-02-06 08:39:21       php

Question

I am using first and sample coding for file upload. after enter the data, show the error. like

Connected successfullyUpload: bottom.png Type: image/png Size: 5.7373046875 kB Stored in: C:\\xampp\\tmp\\phpD383.tmp Notice: Undefined index: file in C:\\xampp\\htdocs\\Deen_php\\sample.php on line 53 Could not enter data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

php 

<?php
if(isset($_POST['insert']))
{
$dbhost = 'localhost:3306';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
  die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';


$allowedExts = array("gif", "jpeg", "jpg", "png","txt");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);

if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/txt"))
&& ($_FILES["file"]["size"] < 50000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
    }
  }
else
  {
  echo "Invalid file";
  }

$num = $_POST['num'];
$name = $_POST['name'];
$age = $_POST['age'];
$file = $_POST['file'];



$sql = "INSERT INTO sample ".
       "(num,name,age,file1) ".
       "VALUES('$num','$name',$age, $file)";

mysql_select_db('test_db');

$retval = mysql_query( $sql, $conn );
if(! $retval )
{
  die('Could not enter data: ' . mysql_error());
}

echo "Entered data successfully\n";
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], "C:/" . $_FILES["fileToUpload"]["name"]);

mysql_close($conn);

}
?>

html 

<form action="<?php $_PHP_SELF ?>" method="POST" enctype="multipart/form-data">
  Num: <input type="text" name="num" />
  Name: <input type="text" name="name" />
  Age: <input type="text" name="age" />
  File Upload<input name="file" type="file" /><br />
  <input type="submit" id="insert" name="insert" value="Submit" />
</form>

4 answers

solution1
 2  2014-02-06 08:42:17

You cannot access an input of type file via $_POST, it is accessed via $_FILES as in your code.

If you want to store the filename you can do 

$file = $_FILES["file"]["tmp_name"];

Also if you are passing a string to db then enclose them in quotes like you have done in your query for $name and $num .

NB: Please keep in mind that mysql_* functions are deprecated. So try to use mysqli or PDO

solution2
 0  2014-02-06 08:43:15

I think the problem is your sql syntax. change to this: 

$sql = "INSERT INTO sample (num,name,age,file1) VALUES('$num','$name', '$age', '$file')";

solution3
 0  2014-02-06 08:47:24

change fileToUpload to file

from 

move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], "C:/" . $_FILES["fileToUpload"]["name"]);

To 

move_uploaded_file($_FILES["file"]["tmp_name"], "C:/" . $_FILES["file"]["name"]);

===========================================

change sql format too. 

   $sql = "INSERT INTO sample (num,name,age,file1) VALUES('$num','$name', '$age', '$file')";

============================================================

Also change file name 

$file = $_POST['file'];

to 

$file = $_FILES["file"]["name"]

=================================================================

change storage path too by creating upload directory in your project folder. 

move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);

solution4
 0  2014-02-06 08:56:40

What do you want at all?

If you want to store file contents, you should use file_get_contents instead of move_uploaded_file . To get temporary name use $_FILES["file"]["tmp_name"] . Read directly from this file.

If you want to store save file permanently and save path to this file, use move_uploaded_file with our own name (not necessary $_FILES["file"]["name"] ) and save path (or meaningful part of path) that you passed to move_uploaded_file . $_POST['file'] is not set anyway.

You forgot quotes in your MySQL query.

Also, you wrote $_FILES["fileToUpload"]["tmp_name"] (other array key).

For content types (MIME) use array too.

File extension you should get using $ext = pathinfo($filename, PATHINFO_EXTENSION); .

Only correct and not deprecated way to work with MySQL is PDO with prepared statements. Your code allows SQL injections. Moreover, it's recommended to you framework afterwards.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question File upload error in php PHP upload file error PHP File Upload Error error in php file upload PHP File Upload Partial Upload Error PHP upload file error code 8 PHP database file upload error PHP image file upload error php file upload strange error Getting error with file upload in php
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM