我是一个JavaScript的人太深入php(即使这个问题不深)。不能通过参数在PHP中
我在URL中传递两个不同的变量从文件到文件。一个横跨罚款,而另一个没有。
我有2个文件。 upload.php和uploadfiles.php。
该参数有助于构建文件上传到的目的地。
这两个参数是“memberId”和“fileType”。
这里是我将params传递给uploadfiles.php的地方,这段代码位于upload.php上。
它在两个地方。一个用于表单的隐藏输入,另一个作为var传递给Flash脚本。
在形式:
<input name="uploadscript" id="uploadscript" type="hidden" value="/flashuploader/FileProcessingScripts/PHP/uploadfiles.php?memberId=<?php echo $_REQUEST["memberId"] ?>&fileType=<?php echo $_REQUEST["fileType"] ?>" />
在JS:
uploadUrl: '/flashuploader/FileProcessingScripts/PHP/uploadfiles.php?memberId=<?php echo $_REQUEST["memberId"] ?>&fileType=<?php echo $_REQUEST["fileType"] ?>'
我已经在upload.php的是$ _REQUEST [ “文件类型”]确实有正确的值进行测试。
然后我检索PARAMS上uploadfiles.php像这样:
$uploaddir=realpath(dirname(__FILE__) . '/../../../memberimages/') . '/'.$_REQUEST["memberId"].'/My_Files/'.$_REQUEST["fileType"].'/';
帕拉姆“成员”工作正常,但“文件类型”是空的。我敢肯定,这与我在upload.php中通过php添加参数的方式有关,但我没有想法。
这里是html制作并由upload.php返回。您可以看到44和80行上的值看起来是正确的:
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript">
function mysubmit(type)
{
if(document.getElementById("uploadscript").value=='')
{
window.alert('Enter upload processing script file name!');
return false;
}
if(type=='flash')
{
MultiPowUpload.uploadAll(document.getElementById("uploadscript").value);
document.getElementById("server_reply").value="";
}
else
{
var FormObj = document.getElementById("myform");
FormObj.action = document.getElementById("uploadscript").value;
return true;
}
}
function MultiPowUpload_onComplete(type, index, serverResponse)
{
var reply;
reply = document.getElementById("server_reply");
reply.value += "\nReply for file: " + MultiPowUpload.fileList()[index].name + "\r\n" + serverResponse + "\n";
}
var fileType = 'Video';
function MultiPowUpload_onCompleteAbsolute(type, uploadedBytes)
{
if (fileType == 'Video'){
parent.loadUserVideos();
} else if (fileType == 'Images') {
parent.loadUserImages();
}
}
</script>
<div style="margin-top: -20px">
<input name="uploadscript" id="uploadscript" type="hidden" value="/flashuploader/FileProcessingScripts/PHP/uploadfiles.php?memberId=43&fileType=Video" />
<table width="380" cellpadding="0" cellspacing="0">
<tr>
<td style="position: relative;">
<div id="MultiPowUpload_holder" style="margin-top: 20px">
<table width="380" cellpadding="0" cellspacing="0">
<tr>
<td>
<form id="myform" onSubmit="return mysubmit();"
enctype="multipart/form-data" action="" method="POST">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="106"><span
style="font-family: Arial, Helvetica, sans-serif; font-size: 12px">Select
file:</span></td>
<td width="294"><input name="Filedata" type="file" /></td>
</tr>
</table>
<br>
<input type="submit" value="Upload File" /></form>
</td>
</tr>
</table>
</div>
<!-- <img src="/images/ajax-loader.gif" style="position:absolute; top:40%; left:50%; margin-left:-110px;" /> -->
<!-- SWFObject home page: http://code.google.com/p/swfobject/ --> <script
type="text/javascript" src="/flashuploader/swfobject.js"></script> <script
type="text/javascript">
var params = {
BGColor: "#FFFFFF"
};
var attributes = {
id: "MultiPowUpload",
name: "MultiPowUpload"
};
var flashvars = {
uploadUrl: '/flashuploader/FileProcessingScripts/PHP/uploadfiles.php?memberId=43&fileType=Video',
uploadButtonVisible: "Yes",
useExternalInterface: "Yes",
maxFileSize: "6024000",
maxFileCount: "20",
maxFileSizeTotal: "20480000",
backgroundColor: "#FFFFFF",
buttonTextColor: "#000000",
buttonBackgroundColor: "#F1F1F1",
buttonBottomBorderColor: "#E1E1E1",
buttonTopBorderColor: "#E1E1E1",
buttonDisabledBackgroundColor: "#FFFFFF",
buttonDisabledBottomBorderColor: "#DDDDDD",
buttonDisabledTopBorderColor: "#DDDDDD",
buttonDisabledTextColor: "#DDDDDD",
buttonRollOverBottomBorderColor: "#666666",
buttonRollOverTopBorderColor: "#666666",
buttonDownBottomBorderColor: "#000000",
buttonDownTopBorderColor: "#000000",
buttonDownBottomBackgroundColor: "#FFFFFF",
buttonDownTopBackgroundColor: "#FFFFFF",
listTextSelectedColor: "#000000",
listTextRollOverColor: "#333333",
listRollOverColor: "#DDDDDD",
listDownColor: "#EEEEEE",
listSelectedUpColor: "#EEEEEE",
listSelectedRollOverColor: "#D2D2D2",
listUnuploadedColor: "#777777",
listUploadedColor: "#FFFFFF",
progressBarLeftColor: "#BBBBBB",
progressBarRightColor: "#AAAAAA",
progressBarLeftBorderColor: "#E1E1E1",
progressBarRightBorderColor: "#E1E1E1",
textColor: "#FFFFFF"
};
swfobject.embedSWF("/flashuploader/ElementITMultiPowUpload2.1.swf", "MultiPowUpload_holder", "380", "270", "9.0.0", "/flashuploader/expressInstall.swf", flashvars, params, attributes);
</script></td>
</tr>
</table>
</div>
</body>
感谢您的帮助!
你能粘贴从upload.php生成的html吗?确保变量正确放入uploadUrl JS变量中。 – Ollie 2010-09-10 22:43:36
不允许网站访问者将自己的字符串注入到您的html输出或文件路径中。放置'$ _REQUEST'变量可以导致XSS,欺骗,任意执行等更多 – webbiedave 2010-09-10 22:52:38
@Ollie:完成。 @ webbiedave:它没有用户输入。我传递memberId和fileType,以便上传到正确的位置,具体取决于我使用的上传器。例如图片或视频 – UpHelix 2010-09-10 22:56:50