2

ファイルをWebサーバーにアップロードし、接続先の電子メールアドレスとシリアルコードとともにファイルパスをSQLテーブルに保存するためのフォームがあります。問題は、誰かが以前の人またはアップロードと同じ名前のファイルをアップロードした場合はどうなるかということです。これを修正するには、ファイルに「ここにシリアル コードを挿入」.mp4 または .pdf という名前を付けたいと思います。これを行うと、次のエラーが発生します。

Warning: move_uploaded_file() [function.move-uploaded-file]: The second argument to copy() function cannot be a directory in /home/content/98/10339998/html/scripts/upload.php on line 57

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php7UzcdG' to '../story_files/' in /home/content/98/10339998/html/scripts/upload.php on line 57
Stored in: ../story_files/

完全なエコーの例を次に示します。

Customer's unique serial code: d0d74-ef227 


Upload: 
Type: application/pdf
Size: 14.4287109375 kB
Temp file: /tmp/php7UzcdG

Warning: move_uploaded_file() [function.move-uploaded-file]: The second argument to copy() function cannot be a directory in /home/content/98/10339998/html/scripts/upload.php on line 57

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php7UzcdG' to '../story_files/' in /home/content/98/10339998/html/scripts/upload.php on line 57
Stored in: ../story_files/
../story_files/

Upload: file.mp4
Type: video/mp4
Size: 374.6396484375 kB
Temp file: /tmp/phpQczVLm
file.mp4 already exists. 
Serial Code Emailed to Customer Michael

これがコードです。動画とストーリー部分の違いに注意してください。動画部分は変換していませんが、完全に機能する元のコードです。また、PHP はシリアル コードをファイルパスと見なしますが、それはなぜですか? コードは単純に 10 桁の一連の文字と数字で、読み取りを簡単にするためにダッシュを挟んだ 5 桁の 2 つのセットです。

    <title>Uploading Files and Sending Serial Code To Customer</title>

<!--Favicon Code-->
<link rel="shortcut icon" type="image/x-icon" href="../images/favicon.ico" />
<!--Favicon Code-->


<link href="/CSS/CSS.css" rel="stylesheet" type="text/css" />
<div align="center">
  <p><span class="linkText"><a href="/index.html">Home</a> <a href="/contact-us.php">Contact Us</a> <a href="/products.html">Products</a><a href="/products.html"></a><a href="/products.html"></a></span> </p>
  <p>&nbsp;</p>
  <h2 class="headingText"><img src="/images/banner.jpg" alt="legendmaker - makes legends: banner" width="297" height="473"></h2>
  <h2 class="headingText">&nbsp;</h2>
  <h2 class="headingText">Upload Story Files</h2>
</div>
<?php
// before we do anything make sure there is a correct password (we don't want unauthorized usage)
$password = trim($_POST['password']);

if ("*****" == $password)// not going to post my pass on the forums :P

{



///// generate unique serial code ///////////////////////////////////////////////////////////////
$string1 = substr(md5(uniqid(rand(), true)), -5, 5);
$string2 = substr(md5(uniqid(rand(), true)), -5, 5);
$serial  = sprintf('%s-%s', $string1, $string2);

echo "Customer's unique serial code:  ";
echo $serial;
echo "     ";
/////end of generate unique serial code ///////////////////////////////////////////////////////////////
///story file upload///////////////////////////////////////////////////////////////////////////////////

if ($_FILES["file"]["size"])
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "<br>" . "<br>" . "<br>" . "Upload: " . $_FILES["file"]["$code"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";

    if (file_exists("stories/" . $_FILES["file"]["$code"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "../story_files/" . $_FILES["file"]["code"]);
      echo "Stored in: " . "../story_files/" . $_FILES["file"]["$code"] . "<br>";
      $storyPath  = sprintf("../story_files/" . $_FILES["file"]["$code"]);
      echo $storyPath;    
      }
    }
  }
else
  {
  echo "No story file was chosen, this is not an error just a notification. Any other files selected will still upload correctly.   ";
  }




///video file upload////////////////////////////////////////////////////////////////////////////////


if ($_FILES["videoFile"]["size"])
  {
  if ($_FILES["videoFile"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["videoFile"]["error"] . "<br>";
    }
  else
    {
    echo "<br>" . "<br>" ."Upload: " . $_FILES["videoFile"]["name"] . "<br>";
    echo "Type: " . $_FILES["videoFile"]["type"] . "<br>";
    echo "Size: " . ($_FILES["videoFile"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["videoFile"]["tmp_name"] . "<br>";

    if (file_exists("../video_files/" . $_FILES["videoFile"]["name"]))
      {
      echo $_FILES["videoFile"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["videoFile"]["tmp_name"],
      "../video_files/" . $_FILES["videoFile"]["name"]);
      echo "Stored in: " . "../video_files/" . $_FILES["videoFile"]["name"] . "<br>";     
      $videoPath  = sprintf("../video_files/" . $_FILES["file"]["name"]);
      echo $videoPath;
      }
    }
  }
else
  {
  echo "No video file was chosen, this is not an error just a notification. Any other files selected will still upload correctly.   ";
  }  

  /// submit information to database/////////////////////////////////////////////////////////////////////
$username="storycodes";
$password="Legendmaker1!";
    $con = mysqli_connect("storycodes.db.10339998.hostedresource.com",$username,$password);

    if (!$con)
    {
        die('Could not connect: ' . mysqli_error());
    }
$email = $_POST['email'] ;  
$submitInformation = "INSERT INTO `storycodes`.`storycodes` (`code`, `email`, `video`, `story`) VALUES ('$serial', '$email', '$videoPath', '$storyPath');"; 
mysqli_query($con, $submitInformation); // submits information to database for later recollection
////////////////////end of submit to database///////////////////////////////////////////////////////////


/////////////////// email the code to customer//////////////////////////////////////////////////////////
require_once '../PHPMailer_5.2.2/class.phpmailer.php';

$name = $_POST['name'] ;


$body = "Thank you for using legendmaker $name! Your story has been completed and will now be accesible at www.thelegendmaker.net/stories.html  On that page you will be required to enter a serial code in order to access your files. We require a serial code in order to access files because we care about our customers and security is a concern.                                                           Your serial code is: $serial";

$mail = new PHPMailer(true); //defaults to using php "mail()"; the true param means it will throw exceptions on errors, which we need to catch

try 
{
  $mail->AddAddress($email, $name);
  $mail->SetFrom('fakeemail1@gmail.com', 'Sender Name');
  $mail->AddReplyTo('fakeperson@yahoo.com', 'Fake Name');
  $mail->Subject = "Message From Legendmaker: $name your story is now complete.";
  $mail->Body = $body;
  $mail->Send();
  echo "<br>" . "<br>" . "Serial Code Emailed to Customer $name</p>\n";
  echo "<img src='/images/knight-success.png' alt='success' width='429' height='791' />"; 
} catch (phpmailerException $e) {
  echo $e->errorMessage(); //Pretty error messages from PHPMailer
} catch (Exception $e) {
  echo $e->getMessage(); //Boring error messages from anything else!
}

/////////////////// end of email code///////////////////////////////////////////////////////////////////

}

else
{
echo "incorrect password";
}
/// end of file uploads//////////////////////////////////////////////////////////////////////////
?>
<link href="/CSS/CSS.css" rel="stylesheet" type="text/css" />


<p>
  <!--google cart code ------------------------------------>
  <script  id='googlecart-script' type='text/javascript' src='https://checkout.google.com/seller/gsc/v2_2/cart.js?mid=215313740482542' integration='jscart-wizard' post-cart-to-sandbox='false' currency='USD' productWeightUnits='LB'></script>
</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p align="center"><a href="/contact-us.php">Contact Us</a> <a href="/upload.html">Site Owner Upload</a> <a href="/service_agreement.html">Service Agreement</a></p>
4

1 に答える 1

0

存在しないファイル名の$_FILES["file"]["code"]代わりに使用 するため、2 番目の引数としてディレクトリを渡すことになります。$_FILES["file"]["name"]

move_uploaded_file($_FILES["file"]["tmp_name"],
  "../story_files/" . basename($_FILES["file"]["name"]));

生成されたシリアルコードをファイル名として使用する場合は編集して、ディレクトリ文字列に連結するだけですmove_uploaded_file

move_uploaded_file($_FILES["file"]["tmp_name"],
  "../story_files/" . $serial);
于 2013-03-26T05:40:09.790 に答える