这是我的编辑文件,
这是我的$\
<?php
if(isset($_POST['submit']) ){
$id = $connect->real_escape_string($_POST['id']);
$name = $connect->real_escape_string($_POST['name']);
$description =$connect->real_escape_string($_POST['description']);
$image = $_FILES['image'];
$tmp_file = $_FILES['image']['tmp_name'];
$file_size= $_FILES['image']['size'];
$type_file= $_FILES['image'] ['type'];
if(edit_portfolio($id, $name, $description, $image)) {#1
$type = "msg-scs";
$location = "mp_showdata.php";
$message = "portfolio successfully edited";
redirect($type,$location, $message);
}else{#1
$type = "msg-fail";
$location = "mp_showdata.php";
$message = "portfolio failed to edit";
redirect($type,$location, $message);
}
}
?>这是我的职责
function edit_portfolio($id, $name, $description, $image, $type_file){
global $connect;
$filePath = "images/portfolios/".basename($image["name"]);
move_uploaded_file($image["tmp_name"], $filePath);
if(!empty($image['name'])){
$sql = "UPDATE ms_portfolios SET name='$name', description='$description', image='$filePath' WHERE id='$id'";
if($connect->query($sql) === TRUE)
return true; else
return false;
}else{
$sql = "UPDATE ms_portfolios SET name='$name', description='$description' WHERE id='$id'";
if($connect->query($sql) === TRUE)
return true; else
return false;
}
}
?>这是我的html
<div class="form-group">
<label><?php echo "old image <span style=color:red>$row->image</span>" ?></label>
<input type="file" name="image">
<input type="hidden" name="temp_img" value="<?php echo $row->image ?>">
<input type="hidden" name="id" value="<?php echo $row->id ?>">
</div>我在这里的问题是,我必须把php的代码只允许文件jpg,png,jpeg。我在函数和$\u post中做了很多实验
感谢您的帮助:)
1条答案
按热度按时间svujldwt1#
你可以做两件事。第一个(客户端)是网页上的文件输入元素。请使用accept属性,以便浏览器将用户限制为指定的文件类型(https://developer.mozilla.org/en-us/docs/web/html/element/input#attr-接受)。服务器端需要检查实际的文件,而不是扩展名。您可以使用pathinfo()(上传形式的php check文件扩展名)