通过xmlhttprequest将带有userid的字符串与文件一起发送 [英] sending string with userid together with files through xmlhttprequest
问题描述
我使用以下代码上传文件而不刷新我的页面,但我需要将当前登录用户的用户ID与文件一起发送,这些文件存储在$ _SESSION ['UserID']中。
I am using the following code to upload files without refreshing my page but I need to send the userid of the currently logged in user together with the files, which is stored in $_SESSION['UserID'].
var fileSelect = document.getElementById('file');
var files = fileSelect.files;
var formData = new FormData();
var div = document.getElementById('UploadInfo');
// Loop through each of the selected files.
for (var i = 0; i < files.length; i++) {
var file = files[i];
// Check the file type.
if (!file.type.match('image.*')) {
alert("File: " + file.name + " is not an image and will not be uploaded.");
continue;
}
// Add the file to the request.
formData.append('images[]', file, file.name);
}
var xhr = new XMLHttpRequest();
xhr.open('POST', 'Php/upload_file.php', true);
xhr.send(formData);
我尝试使用以下行没有成功,这意味着我没有收到我的用户ID值phpscript,$ _POST为空,$ _FILES仅包含fileinfo。
I have tried using the following line without success, which means i am not recieveing the userid value in my phpscript, $_POST is empty and $_FILES contains only the fileinfo.
formData.append('UserID', '<%=$_SESSION["UserID"] %>');
我还有其他办法吗?
我的PHP代码:
if(isset($_FILES)) {
$numberOfFiles = count($_FILES['images']['name']);
for($id = 0; $id < $numberOfFiles; $id++)
{
if (file_exists($_FILES["images"]["tmp_name"][$id])) {
$destination = "../UploadedImages/" . $_FILES['UserID'] . $_FILES["images"]["name"][$id];
move_uploaded_file($_FILES["images"]["tmp_name"][$id], $destination);
}
}
}
exit();
推荐答案
看起来你需要在PHP脚本中使用$ _POST,你有$ _FILES ['UserID']而不是$ _POST ['UserID']。我还添加了一个检查以查看UserID是否已通过,并添加了变量$ userId,然后如果$ _POST ['UserID']未通过到php脚本,我使用die并发回错误。
It looks like you need to use $_POST in your php script, you had $_FILES['UserID'] instead of $_POST['UserID'] .I also added a check to see if the UserID was passed, and added a variable $userId, then if $_POST['UserID'] did not get passed to the php script, i use die and send back an error.
注意:您应该检查$ _POST ['UserID']以确保它不包含SQL注入脚本或可能导致问题的有害代码。
NOTE: You should be checking $_POST['UserID'] to make sure it doesn't contain SQL injection scripts, or harmful code that can cause issues.
if(isset($_FILES) || isset($_POST)) {
$numberOfFiles = count($_FILES['images']['name']);
$userId = ''; //Create userId variable
//Check if the UserID exists in the autoglobal $_POST
if(array_key_exists('UserID', $_POST) === true) {
//Now we can add UserId to our variable
$userId = $_POST['UserID'];
} else {
die('UserID was not passed');
}
for($id = 0; $id < $numberOfFiles; $id++)
{
if (file_exists($_FILES["images"]["tmp_name"][$id])) {
$destination = $userId . $_FILES["images"]["name"][$id];
move_uploaded_file($_FILES["images"]["tmp_name"][$id], $destination);
}
}
} else {
echo "$_POST and $_FILES dont exist";
}
编辑:修正了一些语法错误,请重新查看代码并制作确定你有最新版本。
Edits: Fixed up some syntax errors, please re look at the code and make sure you have the latest version.
这篇关于通过xmlhttprequest将带有userid的字符串与文件一起发送的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!