用户在 PHP 中将广告上传到汽车网站
User uploading an advert to car site in PHP
我被逼疯了,试图找出如何允许用户将广告上传到我为 Uni 项目创建的汽车网站。
用户应该能够输入汽车的详细信息和汽车的图像。经过大量搜索后,我发现建议将图像上传到目录并将路径存储在数据库中。我想为图像分配新名称,使其独一无二。
将图像上传到目录的代码工作正常并重命名。我的问题是将数据插入数据库。我收到错误 "Notice: Array to string conversion" 我猜这是来自完成重命名的数组?请帮忙。这是我的 PHP 代码(我知道它到处都是切割等,需要整理)。
<?php
if(isset($_POST['upload_car'])){
$car_make = mysqli_real_escape_string($con, $_POST['make']);
$car_model = mysqli_real_escape_string($con, $_POST['model']);
$car_price = mysqli_real_escape_string($con, $_POST['price']);
$car_year = mysqli_real_escape_string($con, $_POST['year']);
$car_mileage = mysqli_real_escape_string($con, $_POST['mileage']);
$car_engine = mysqli_real_escape_string($con, $_POST['engine']);
$car_gearbox = mysqli_real_escape_string($con, $_POST['gearbox']);
$car_area = mysqli_real_escape_string($con, $_POST['area']);
$car_colour = mysqli_real_escape_string($con, $_POST['colour']);
$car_descr = mysqli_real_escape_string($con, $_POST['description']);
$usr_id = mysqli_real_escape_string($con, $_SESSION['mem_ID']);
$sql = "SELECT * FROM users WHERE id='$usr_id'";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result) > 0){
while($row = mysqli_fetch_array($result))
{
$contact_num = $row['phone'];
$contact_email = $row['email'];
}
}
$image = $_FILES['image'];
$image_name = $_FILES['image']['name'];
$image_TmpName = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_error = $_FILES['image']['error'];
$image_type = $_FILES['image']['type'];
$imageExt = explode('.', $image_name);
$imageActualExt = strtolower(end($imageExt));
$allowed = array('jpg', 'jpeg', 'png');
if(in_array($imageActualExt, $allowed)){
if($image_error === 0){
if($image_size < 1000000){
$image_nameNew = uniqid('', true).".".$imageActualExt;
$imageDestination = 'uploads/'.$image_nameNew;
move_uploaded_file($image_TmpName, $imageDestination);
}else{
echo"Your image is too big";
}
}else{
echo"There was a problem uploading";
}
}else{
echo "You can not upload that file type.";
}
if(!preg_match("/^[a-zA-Z]+$/", $car_make, $car_model)){
$error = true;
echo'<script>alert("Name must contain only alphabets and space.")</script>';
}
if(!$error){
if(mysqli_query($con, "INSERT INTO car(make, model, price, year, milage, engine_size, gearbox, area, colour,
vehicle_descr, photo, phot_dest, contact_num, contact_email, id)
VALUES('" . $car_make ."', '" . $car_model . "', '" . $car_price . "', '" . $car_year . "', '" . $car_mileage . "',
'" . $car_engine . "', '" . $car_gearbox . "', '" . $car_area . "', '" . $car_colour . "', '" . $car_descr . "',
'" . $image_nameNew . "', '" . $imageDestination . "', '" . $contact_num . "', '" . $contact_email . "', '" . $usr_id . "' )"))
{
echo'<script>alert("Your car has been uploaded")</script>';
}
else{
echo'<script>alert("Error uploading! Please try again later")</script>';
}
}
}
?>
您的问题出在 preg_match() 或特别是这一行:
if(!preg_match("/^[a-zA-Z]+$/", $car_make, $car_model)){
第三个参数的文档明确指出:
If matches is provided, then it is filled with the results of search. $matches[0] will contain the text that matched the full pattern, $matches[1] will have the text that matched the first captured parenthesized subpattern, and so on.
因此 $car_model 在构建 INSERT 字符串之前变成了一个数组。
我没有检查过你的代码,但将其更改为:
if(!preg_match("/^[a-zA-Z]+$/", $car_make)){
可能会解决您的问题。
我被逼疯了,试图找出如何允许用户将广告上传到我为 Uni 项目创建的汽车网站。 用户应该能够输入汽车的详细信息和汽车的图像。经过大量搜索后,我发现建议将图像上传到目录并将路径存储在数据库中。我想为图像分配新名称,使其独一无二。 将图像上传到目录的代码工作正常并重命名。我的问题是将数据插入数据库。我收到错误 "Notice: Array to string conversion" 我猜这是来自完成重命名的数组?请帮忙。这是我的 PHP 代码(我知道它到处都是切割等,需要整理)。
<?php
if(isset($_POST['upload_car'])){
$car_make = mysqli_real_escape_string($con, $_POST['make']);
$car_model = mysqli_real_escape_string($con, $_POST['model']);
$car_price = mysqli_real_escape_string($con, $_POST['price']);
$car_year = mysqli_real_escape_string($con, $_POST['year']);
$car_mileage = mysqli_real_escape_string($con, $_POST['mileage']);
$car_engine = mysqli_real_escape_string($con, $_POST['engine']);
$car_gearbox = mysqli_real_escape_string($con, $_POST['gearbox']);
$car_area = mysqli_real_escape_string($con, $_POST['area']);
$car_colour = mysqli_real_escape_string($con, $_POST['colour']);
$car_descr = mysqli_real_escape_string($con, $_POST['description']);
$usr_id = mysqli_real_escape_string($con, $_SESSION['mem_ID']);
$sql = "SELECT * FROM users WHERE id='$usr_id'";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result) > 0){
while($row = mysqli_fetch_array($result))
{
$contact_num = $row['phone'];
$contact_email = $row['email'];
}
}
$image = $_FILES['image'];
$image_name = $_FILES['image']['name'];
$image_TmpName = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_error = $_FILES['image']['error'];
$image_type = $_FILES['image']['type'];
$imageExt = explode('.', $image_name);
$imageActualExt = strtolower(end($imageExt));
$allowed = array('jpg', 'jpeg', 'png');
if(in_array($imageActualExt, $allowed)){
if($image_error === 0){
if($image_size < 1000000){
$image_nameNew = uniqid('', true).".".$imageActualExt;
$imageDestination = 'uploads/'.$image_nameNew;
move_uploaded_file($image_TmpName, $imageDestination);
}else{
echo"Your image is too big";
}
}else{
echo"There was a problem uploading";
}
}else{
echo "You can not upload that file type.";
}
if(!preg_match("/^[a-zA-Z]+$/", $car_make, $car_model)){
$error = true;
echo'<script>alert("Name must contain only alphabets and space.")</script>';
}
if(!$error){
if(mysqli_query($con, "INSERT INTO car(make, model, price, year, milage, engine_size, gearbox, area, colour,
vehicle_descr, photo, phot_dest, contact_num, contact_email, id)
VALUES('" . $car_make ."', '" . $car_model . "', '" . $car_price . "', '" . $car_year . "', '" . $car_mileage . "',
'" . $car_engine . "', '" . $car_gearbox . "', '" . $car_area . "', '" . $car_colour . "', '" . $car_descr . "',
'" . $image_nameNew . "', '" . $imageDestination . "', '" . $contact_num . "', '" . $contact_email . "', '" . $usr_id . "' )"))
{
echo'<script>alert("Your car has been uploaded")</script>';
}
else{
echo'<script>alert("Error uploading! Please try again later")</script>';
}
}
}
?>
您的问题出在 preg_match() 或特别是这一行:
if(!preg_match("/^[a-zA-Z]+$/", $car_make, $car_model)){
第三个参数的文档明确指出:
If matches is provided, then it is filled with the results of search.
$matches[0]will contain the text that matched the full pattern,$matches[1]will have the text that matched the first captured parenthesized subpattern, and so on.
因此 $car_model 在构建 INSERT 字符串之前变成了一个数组。
我没有检查过你的代码,但将其更改为:
if(!preg_match("/^[a-zA-Z]+$/", $car_make)){
可能会解决您的问题。