0

嗨,我是 OOP 实践的新手,我正在尝试通过使用函数将文件上传到使用 PHP 上。我需要我的文件上传系统做的是:

文件上传规范

  1. 特定文件扩展名 - 即 jpg、jpeg、gif、png 等
  2. 上传到特定目录,但在上传时根据 SQL 数据库中条目的 id 创建一个新目录 - 即 house id 234 将创建上传目录 234。
  3. 保留已上传文件的扩展名 - 即,如果已上传 jpeg,请保留该扩展名。
  4. 将文件重命名为随机文件名

我已经创建了函数,但我不断收到以下错误

Warning: mkdir() [function.mkdir]: File exists in /Applications/XAMPP/xamppfiles/htdocs/undergradpad/classes/class.House.inc on line 52

我不明白这意味着什么,因为该目录中不存在该文件,但是将添加房屋详细信息的语句输入到数据库中。

任何帮助都会受到热烈欢迎。

我的代码如下:

类/class.House.inc

<?php
    include("connect/class.Database.inc");

    class House extends Database {
    public function insert ($field) {

         $sql = "INSERT INTO houses(bedrooms, description, roadname, postcode, price, deposit, contractlength, available, bathrooms, livingrooms, outdoorspace, furnishing, contactdetails) 
              VALUES('".$this->bedrooms."', '".$this->description."', '".$this->roadname."', '".$this->postcode."', '".$this->price."', '".$this->deposit."', '".$this->contractlength."', '".$this->available."', '".$this->bathrooms."', '".$this->livingrooms."', '".$this->outdoorspace."', '".$this->furnishing."', '".$this->contactdetails."')";
            $result = $this->mysqli->query($sql) or die("insert:".$mysqli->error());

             $allowedExtensions = array("jpg","jpeg","gif","png"); 
             $path =  "../files/uploads/houses_gallery/$mysqli->insert_id";

            if (!$this->mysqli->query($sql) && is_dir($path))
                  {
                    die('Error: ' . $mysqli->error());
                  }
                            echo "<h3>1 record added</h3>";
                            mkdir($path);
                    move_uploaded_file($_FILES['fileField']['tmp_name'], "$path");      
        }
    }
?>

插入.php

<?php 
include("classes/class.House.inc");
include("header.php"); 
?>
<?php
$obj = new House();
    if(isset($_POST['submit'])){

        $fields = array(
        'description'   => array('required' => True),
        'roadname'  => array('required' => True),
        'postcode'  => array('required' => True),
        'price'     => array('required' => True),
        'deposit'   => array('required' => True),
        'contractlength'=> array('required' => True),
        'available' => array('required' => True),
        'bedrooms'  => array('required' => True),
        'bathrooms' => array('required' => True),
        'livingrooms'   => array('required' => True),
        'outdoorspace'  => array('required' => True),
        'furnishing'    => array('required' => True),
        'contactdetails'=> array('required' => True),
    );
    // We will check ALL fields, and store here any missing ones
        $missing = array();

        foreach($fields as $field => $definition)
        {
            if (!empty($_POST[$field]))
            {   
                 $obj->bedrooms = $_POST['bedrooms'];
                 $obj->description = $_POST['description'];
                 $obj->roadname  = $_POST['roadname'];
                 $obj->postcode = $_POST['postcode'];
                 $obj->price  = $_POST['price'];
                 $obj->deposit  = $_POST['deposit'];
                 $obj->contractlength  = $_POST['contractlength'];
                 $obj->available  = $_POST['available'];
                 $obj->bathrooms  = $_POST['bathrooms'];
                 $obj->livingrooms  = $_POST['livingrooms'];
                 $obj->outdoorspace = $_POST['outdoorspace'];
                 $obj->furnishing  = $_POST['furnishing'];
                 $obj->contactdetails  = $_POST['contactdetails'];
                // We store the content in the object
                $obj->$field = $_POST[$field];

            }
            else
            {
                // Field is required? If so, its lack is an error
                if (True === $definition['required'])
                    $missing[] = $field;
                    }
                        }
                            if (!empty($missing))
                            {
                                echo "Sorry, field(s) missing: " . implode(',', $missing);
                            } else {
                                $obj->insert($field);
                            }
                 }
?>



<div id="mainContent">
<br/>
<div id="insertform"> <!-- Insert Form Div -->

<div id="formWrap">
    <h2>Add a New House</h2>
    <h3> </h3>
    <div id="form">
    <form action="insert.php" method="post" name="insert" id="comments_form">
    <div class="row">
    <div class="label">Picture</div>
    <div class="input">  
    <input type="file" name="fileField" id="fileField" class="detail" />         
                </div> <!-- end input -->
                <div class="context">e.g. Upload pictures to enable students to view your house.</div> <!-- end context -->
                </div> <!-- end .row -->   
    <div class="row">
    <div class="label">No. of Bedroms</div>
    <div class="input"> 
            <select name="bedrooms" id="bedrooms" class="detail">
                <?php 
                 $no_rooms = array("1", "2", "3", "4", "5", "6", "7", "8+");
                    foreach ($no_rooms as $number) {    
                        echo "<option value='$number'>$number</option>";
                    }
                ?>                </select> 

                </div> <!-- end input -->
                <div class="context"> e.g. John Smith </div> <!-- end context -->
                </div> <!-- end .row -->
    <div class="row">
    <div class="label">Description</div>
    <div class="input">            
            <textarea name="description" name="description" id="description" class="detail"></textarea>
                </div> <!-- end input -->
                <div class="context"> e.g. 3 Bedroom house in London close to University bus stops. </div> <!-- end context -->
                </div> <!-- end .row -->      
    <div class="row">
    <div class="label">Road Name</div>
    <div class="input">        
            <input type="input" name="roadname" id="roadname" class="detail"/>
                </div> <!-- end input -->
                <div class="context"> e.g. New Road </div> <!-- end context -->
                </div> <!-- end .row -->         
    <div class="row">
    <div class="label">Postcode</div>
    <div class="input">                             
            <input type="input" name="postcode" id="postcode" class="detail" />
                </div> <!-- end input -->
                <div class="context"> e.g. PO5 3QJ </div> <!-- end context -->
                </div> <!-- end .row -->  
    <div class="row">
    <div class="label">Price</div>
    <div class="input">                                      
            <input type="input" name="price" class="detail" id="price" />
                </div> <!-- end input -->
                <div class="context"> e.g. "300" - price will be calcuated per month plese only enter a numerical figure </div> <!-- end context -->
                </div> <!-- end .row -->        
    <div class="row">
    <div class="label">Depoist</div>
    <div class="input">                               
            <input type="input" name="deposit" id="deposit" class="detail" />
                </div> <!-- end input -->
                <div class="context"> e.g. "200" - please only enter a numerical figure </div> <!-- end context -->
                </div> <!-- end .row -->                    
    <div class="row">
    <div class="label">Length of contract</div>
    <div class="input">                     
            <input type="input" name="contractlength" id="contractlength" class="detail" />
                </div> <!-- end input -->
                <div class="context"> e.g. 10 months, please only enter a numerical figure. </div> <!-- end context -->
                </div> <!-- end .row -->      
    <div class="row">
    <div class="label">Available</div>
    <div class="input">                                    
            <select name="available" id="available" class="detail">
                <?php 
                 $months = array("January", "February", "March", "April", "May", "June", "July", "August", "Septemeber", "October", "Novemeber", "December");
                    foreach ($months as $month) {   
                        echo "<option value='$month'>$month</option>";
                    }
                ?>          
            </select>                   
                </div> <!-- end input -->
                <div class="context"> e.g. September </div> <!-- end context -->
                </div> <!-- end .row --> 
    <div class="row">
    <div class="label">Bathrooms</div>
    <div class="input">                                                 
            <select name="bathrooms" id="bathrooms" class="detail">
                <?php 
                 $no_bathrooms = array("1", "2", "3+");
                    foreach ($no_bathrooms as $number) {    
                        echo "<option value='$number'>$number</option>";
                    }
                ?>          
            </select>
                </div> <!-- end input -->
                <div class="context"> </div> <!-- end context -->
                </div> <!-- end .row -->               
    <div class="row">
    <div class="label">Living Rooms</div>
    <div class="input">                  
            <select name="livingrooms" id="livingrooms" class="detail">
                <?php 
                 $no_livingrooms = array("1", "2+");
                    foreach ($no_livingrooms as $number) {  
                        echo "<option value='$number'>$number</option>";
                    }
                ?>        
            </select>
                </div> <!-- end input -->
                <div class="context">  </div> <!-- end context -->
                </div> <!-- end .row -->                  
    <div class="row">
    <div class="label">Outdoor Space</div>
    <div class="input">                     
            <select name="outdoorspace" id="outdoorspace" class="detail">
                <?php 
                 $outdoor_space_op = array("Garden", "No Garden");
                    foreach ($outdoor_space_op as $option) {    
                        echo "<option value='$option'>$option</option>";
                    }
                ?>        
            </select>
                </div> <!-- end input -->
                <div class="context">  </div> <!-- end context -->
                </div> <!-- end .row -->                  
    <div class="row">
    <div class="label">Description</div>
    <div class="input">                    
            <select name="furnishing" id="furnishing" class="detail">
                <?php 
                 $furnishing_type = array("Fully Furnished", "Part Furnished", "Not Furnished");
                    foreach ($furnishing_type as $option) { 
                        echo "<option value='$option'>$option</option>";
                    }
                ?>        
            </select>
                </div> <!-- end input -->
                <div class="context">  </div> <!-- end context -->
                </div> <!-- end .row -->                      
    <div class="row">
    <div class="label">Contact No</div>
    <div class="input">                   
            <input type="input" name="contactdetails" id="contactdetails" class="detail"  />
                </div> <!-- end input -->
                <div class="context"> e.g. 01682 853214</div> <!-- end context -->
                </div> <!-- end .row -->         
    <div class="row">
    <div class="label">Email Address</div>
    <div class="input">                   
            <input type="input" name="email" id="email" class="detail"  />
                </div> <!-- end input -->
                <div class="context"> e.g. john.smith@gmail.com</div> <!-- end context -->
                </div> <!-- end .row -->                         
            <input type="submit" id="submit" name="submit" value="Submit Message" />
                    <div class="submit"> </div> <!-- end submit -->                
        </form>
</div> <!-- end form -->
</div> <!-- end form wrapper -->

 </div>
<?php include("footer.php");?>
4

2 回答 2

0

您也不一致地使用 mysqli。我不确定它是否应该是$mysqli$this->mysqli,但我肯定会猜到后者。

这种情况是否符合您的预期?检查查询是否失败并且目录是否已经存在?

        if (!$this->mysqli->query($sql) && is_dir($path))
              {
                die('Error: ' . $mysqli->error());
              }

该摘录也是您第二次要求mysqli->query插入相同的内容。我认为你应该在$result这里使用,而不是尝试插入两次。

实际上,我认为您此时不需要检查查询是否失败,因为您已经检查过它是否失败:

$result = $this->mysqli->query($sql) or die("insert:".$mysqli->error());

这有效地防止了该条件永远评估为真,如果写成:

if (!$result && is_dir($path))
于 2012-11-13T19:37:32.863 回答
0 
$path =  "../files/uploads/houses_gallery/$mysqli->insert_id";

应该是

$path =  "../files/uploads/houses_gallery/" . $this->mysqli->insert_id;

正如 Mark B 所指出的,小心 sql 注入。你应该准备你的查询: http: //php.net/manual/en/mysqli.prepare.php

于 2012-11-13T19:06:09.450 回答