What is the purpose of creating the folder and not uploading the image in sequence? [closed]

Question

What is the purpose of creating the folder and not uploading the image in sequence? [closed]

Navigation

#1 by (2 votes)

0

if ($_POST['salvar']) {
$titulo = $_POST['titulo'];
$conteudo = $_POST['conteudo'];
$imagem = $_POST['imagem'];
 // titulo duplicado
$sql = "SELECT * FROM noticias WHERE (titulo=:titulo)";
$stmt = DB::prepare($sql);
$stmt->bindParam("titulo", $titulo);
$stmt->execute();
$noticias = $stmt->fetch();

if ($noticias)
    $erro = setError("Esse titulo da noticia ja existe !!! Altere o titulo");
else {
     $sqlInsert = "INSERT INTO noticias (titulo,conteudo) VALUES (:titulo,:conteudo)";
    $stmt = DB::prepare($sqlInsert);
    $stmt->bindParam("titulo", $titulo);
    $stmt->bindParam("conteudo", $conteudo);
    $stmt->execute();

    $ultimoid = DB::lastInsertId();
    $dir = "../imagens/$ultimoid";
    @mkdir("$dir", 0777);
    $uploaddir = "$dir/";

   **// a parte de upload da imagem nao funciona  ** 

    @move_uploaded_file($_FILES['imagem']['tmp_name'], $uploaddir . $_FILES['imagem']['name'])) {
    $imagem = $_FILES['foto']['name'];


   **// a parte de upload da imagem nao funciona**

    $sqlInsert = "UPDATE noticias SET imagem=:imagem WHERE idnoticia=$ultimoid";
    $stmt = DB::prepare($sqlInsert);
    $stmt->bindParam("imagem", $imagem);
    $stmt->execute();
}

if (DB::lastInsertId()) {
    setMessage("Notícia cadastrado com sucesso. ");
    redirect("noticiasListar.php");
} else {
    $erro = setError("Algum erro aconteceu");
}

}

Just remembering that I already researched and tried other alternatives and none of the image go to the blessed folder

php sql pdo

asked by anonymous 04.01.2015 / 00:53

1 answer

How to download files in Cakephp? Put pointer on the second line to write?

score 2 · Answer 1

Your indentation and markup are bad (sorry sincerity) if failures do not happen is by sheer luck.

Returning to the subject, there are the following problem with your code:

@ to omit errors is lousy, do not omit errors when in development environment.

Handle errors with if and else

Close% s of% s in the same pattern, do not use IF in one place and another if (...) echo 1;

Indentation helps yourself to understand the code and avoid errors.

In production environments to omit the errors use if (...) { ... }

There is error_reporting(0); at the end of { which has no logic (I'll assume it was a typo in the question)

As I said your code does not have ERROR TREATMENT , this is simple to do, just create @move_uploaded_file($_FILES['imagem']['tmp_name'], $uploaddir . $_FILES['imagem']['name'])) { for everything that is possible.

For example else and mkdir return move_uploaded_file or boolean or TRUE , use this in your favor.

Example:

error_reporting(E_ALL|E_STRICT);//Apenas para ambiente de desenvolvimento, em ambiente de produção comente está linha
//error_reporting(0);//Em ambiente de produção remova o comentário do inicio desta linha

...

$dir = "../imagens/$ultimoid";
if (mkdir($dir, 0777) === FALSE) {
    echo 'Erro ao criar a pasta: ', $dir, '<br>';
    exit;// é apenas um exemplo
} else {

    $uploaddir = $dir . '/';

    if(FALSE === move_uploaded_file($_FILES['imagem']['tmp_name'], $uploaddir . $_FILES['imagem']['name'])) {
        echo 'Ao subir o arquivo para: ', $uploaddir , $_FILES['imagem']['name'], '<br>';
        exit;// é apenas um exemplo
    } else {
        $imagem = $_FILES['foto']['name'];
    }
...

Note that HIGH is recommended that you use FALSE of the last rollback (if you are using innoDB) to avoid having multiple records if data exists.

If you are not using INSERT (or any other engine compatible with innoDB ) you will have to use rollback for an error to occur during upload.

Example of rollback (only works on InnoDB or engines that support DELETE ):

MyISAM does not support rollback

Detail, within your class you should add something like rollback , this will stop auto-commit .

The code should look something like:

$ok = FALSE;

$sqlInsert = "INSERT INTO noticias (titulo,conteudo) VALUES (:titulo,:conteudo)";
$stmt = DB::prepare($sqlInsert);
$stmt->bindParam("titulo", $titulo);
$stmt->bindParam("conteudo", $conteudo);
$stmt->execute();

$ultimoid = DB::lastInsertId();

$dir = "../imagens/$ultimoid";
if (mkdir($dir, 0777) === FALSE) {
    echo 'Erro ao criar a pasta: ', $dir, '<br>';
    exit;//Recomendável que você use rollback neste ponto
} else {

    $uploaddir = $dir . '/';

    if(FALSE === move_uploaded_file($_FILES['imagem']['tmp_name'], $uploaddir . $_FILES['imagem']['name'])) {
        echo 'Ao subir o arquivo para: ', $uploaddir , $_FILES['imagem']['name'], '<br>';
        exit;//Recomendável que você use rollback neste ponto
    } else {
        $imagem = $_FILES['foto']['name'];
    }
...
//Após testar todas Ifs incluindo das queries executadas, você deve setar TRUE
$ok = TRUE;
...
//Isto deve ficar no final do código
if ($ok === TRUE) {
    $mysqli->commit();//Se TRUE então "commita" os dados no DB
} else {
    $mysqli->rollback();//Desfaz mudanças
}

You should also create IFs for every $mysqli->autocommit(FALSE);