Php 如何将图像文件名内爆到mysql数据库中
我正在将多个图像上载到我的sql数据库,但我的内爆方法不起作用Php 如何将图像文件名内爆到mysql数据库中,php,mysql,Php,Mysql,我正在将多个图像上载到我的sql数据库,但我的内爆方法不起作用 if(isset($_POST['submit'])) { $id = $_POST['id']; for($i = 0; $i < count($_FILES['file_upload']['name']); $i++){ $filetmp = $_FILES['file_upload']['tmp_name'][$i]; $filename = basename($_FIL
if(isset($_POST['submit'])) {
$id = $_POST['id'];
for($i = 0; $i < count($_FILES['file_upload']['name']); $i++){
$filetmp = $_FILES['file_upload']['tmp_name'][$i];
$filename = basename($_FILES['file_upload']['name'][$i]);
$filetype = $_FILES['file_upload']['type'][$i];
$filepath = "../images/".$filename;
move_uploaded_file($filetmp,$filepath);
}
$mainfiles = implode(", ", $filename);
$sql = "INSERT INTO pictures2 (";
$sql .= "image, photograph_id";
$sql .= ") VALUES ('";
$sql .= $database->escape_character($mainfiles) ."', '";
$sql .= $id ."')";
$result = $database->query($sql);
if($result){
$session->message('<div class="success-msg">Pictures uploaded sucessfully.</div>');
}
}
if(isset($\u POST['submit'])){
$id=$_POST['id'];
对于($i=0;$i<计数($\u文件['file\u upload']['name']);$i++){
$filetmp=$\u文件['file\u upload']['tmp\u name'][$i];
$filename=basename($\u FILES['file\u upload']['name'][$i]);
$filetype=$\u文件['file\u upload']['type'][$i];
$filepath=“../images/”$filename;
移动上传的文件($filetmp,$filepath);
}
$mainfiles=内爆(“,”,$filename);
$sql=“插入图片2(”;
$sql.=“图像、照片和id”;
$sql.=”)值(“”;
$sql.=$database->escape_字符($mainfiles)。“,”;
$sql.=$id.“)”;
$result=$database->query($sql);
如果($结果){
$session->message('图片上传成功');
}
}
$filename
应该是一个数组。您正在将字符串传递给内爆函数。像这样做
if(isset($_POST['submit'])) {
$id = $_POST['id'];
$filename= [];
for($i = 0; $i < count($_FILES['file_upload']['name']); $i++){
$filetmp = $_FILES['file_upload']['tmp_name'][$i];
$filename[] = basename($_FILES['file_upload']['name'][$i]);
$filetype = $_FILES['file_upload']['type'][$i];
$filepath = "../images/".$filename[$i];
move_uploaded_file($filetmp,$filepath);
}
$mainfiles = implode(", ", $filename);
$sql = "INSERT INTO pictures2 (";
$sql .= "image, photograph_id";
$sql .= ") VALUES ('";
$sql .= $database->escape_character($mainfiles) ."', '";
$sql .= $id ."')";
$result = $database->query($sql);
if($result){
$session->message('<div class="success-msg">Pictures uploaded sucessfully.</div>');
}
}
if(isset($\u POST['submit'])){
$id=$_POST['id'];
$filename=[];
对于($i=0;$i<计数($\u文件['file\u upload']['name']);$i++){
$filetmp=$\u文件['file\u upload']['tmp\u name'][$i];
$filename[]=basename($_FILES['file\u upload']['name'][$i]);
$filetype=$\u文件['file\u upload']['type'][$i];
$filepath=“../images/”$filename[$i];
移动上传的文件($filetmp,$filepath);
}
$mainfiles=内爆(“,”,$filename);
$sql=“插入图片2(”;
$sql.=“图像、照片和id”;
$sql.=”)值(“”;
$sql.=$database->escape_字符($mainfiles)。“,”;
$sql.=$id.“)”;
$result=$database->query($sql);
如果($结果){
$session->message('图片上传成功');
}
}
希望这有帮助。
$filename
应该是一个数组。您正在将字符串传递给内爆函数。像这样做
if(isset($_POST['submit'])) {
$id = $_POST['id'];
$filename= [];
for($i = 0; $i < count($_FILES['file_upload']['name']); $i++){
$filetmp = $_FILES['file_upload']['tmp_name'][$i];
$filename[] = basename($_FILES['file_upload']['name'][$i]);
$filetype = $_FILES['file_upload']['type'][$i];
$filepath = "../images/".$filename[$i];
move_uploaded_file($filetmp,$filepath);
}
$mainfiles = implode(", ", $filename);
$sql = "INSERT INTO pictures2 (";
$sql .= "image, photograph_id";
$sql .= ") VALUES ('";
$sql .= $database->escape_character($mainfiles) ."', '";
$sql .= $id ."')";
$result = $database->query($sql);
if($result){
$session->message('<div class="success-msg">Pictures uploaded sucessfully.</div>');
}
}
if(isset($\u POST['submit'])){
$id=$_POST['id'];
$filename=[];
对于($i=0;$i<计数($\u文件['file\u upload']['name']);$i++){
$filetmp=$\u文件['file\u upload']['tmp\u name'][$i];
$filename[]=basename($_FILES['file\u upload']['name'][$i]);
$filetype=$\u文件['file\u upload']['type'][$i];
$filepath=“../images/”$filename[$i];
移动上传的文件($filetmp,$filepath);
}
$mainfiles=内爆(“,”,$filename);
$sql=“插入图片2(”;
$sql.=“图像、照片和id”;
$sql.=”)值(“”;
$sql.=$database->escape_字符($mainfiles)。“,”;
$sql.=$id.“)”;
$result=$database->query($sql);
如果($结果){
$session->message('图片上传成功');
}
}
希望这有帮助。做了这样的更改,我正在考虑
$id
是你的照片\u id
if (isset($_POST['submit'])) {
$id = $_POST['id'];
for ($i = 0; $i < count($_FILES['file_upload']['name']); $i++) {
$filetmp = $_FILES['file_upload']['tmp_name'][$i];
$filename[] = [$id, basename($_FILES['file_upload']['name'][$i])]; // here changes
$filetype = $_FILES['file_upload']['type'][$i];
$filepath = "../images/" . $filename;
move_uploaded_file($filetmp, $filepath);
}
// I made changes at below code
$valueStr = array_map(function ($item) {
return "('" . implode("','", $item) . "'),"; // to convert into `,` separated values
}, $filename);
$mainfiles = rtrim(implode("", $valueStr), ','); // removing right training `,`
$sql = "INSERT INTO pictures2 (";
$sql .= "image, photograph_id";
$sql .= ") VALUES ('";
$sql .= $database->escape_character($mainfiles) . "', '";
$sql .= $id . "')";
$result = $database->query($sql);
if ($result) {
$session->message('<div class="success-msg">Pictures uploaded sucessfully.</div>');
}
}
if(isset($\u POST['submit'])){
$id=$_POST['id'];
对于($i=0;$i<计数($\u文件['file\u upload']['name']);$i++){
$filetmp=$\u文件['file\u upload']['tmp\u name'][$i];
$filename[]=[$id,basename($\u FILES['file\u upload']['name'][$i]);//此处更改
$filetype=$\u文件['file\u upload']['type'][$i];
$filepath=“../images/”$filename;
移动上传的文件($filetmp,$filepath);
}
//我在下面的代码中进行了更改
$valueStr=数组映射(函数($item){
返回“(”。内爆(“,”,$item)。“),;//要转换为“,”分隔值
},$filename);
$mainfiles=rtrim(内爆(“,$valueStr),',”);//删除正确的训练``
$sql=“插入图片2(”;
$sql.=“图像、照片和id”;
$sql.=”)值(“”;
$sql.=$database->escape_字符($mainfiles)。“,”;
$sql.=$id.“)”;
$result=$database->query($sql);
如果($结果){
$session->message('图片上传成功');
}
}
做了这样的更改,我在考虑$id
是你的照片\u id
if (isset($_POST['submit'])) {
$id = $_POST['id'];
for ($i = 0; $i < count($_FILES['file_upload']['name']); $i++) {
$filetmp = $_FILES['file_upload']['tmp_name'][$i];
$filename[] = [$id, basename($_FILES['file_upload']['name'][$i])]; // here changes
$filetype = $_FILES['file_upload']['type'][$i];
$filepath = "../images/" . $filename;
move_uploaded_file($filetmp, $filepath);
}
// I made changes at below code
$valueStr = array_map(function ($item) {
return "('" . implode("','", $item) . "'),"; // to convert into `,` separated values
}, $filename);
$mainfiles = rtrim(implode("", $valueStr), ','); // removing right training `,`
$sql = "INSERT INTO pictures2 (";
$sql .= "image, photograph_id";
$sql .= ") VALUES ('";
$sql .= $database->escape_character($mainfiles) . "', '";
$sql .= $id . "')";
$result = $database->query($sql);
if ($result) {
$session->message('<div class="success-msg">Pictures uploaded sucessfully.</div>');
}
}
if(isset($\u POST['submit'])){
$id=$_POST['id'];
对于($i=0;$i<计数($\u文件['file\u upload']['name']);$i++){
$filetmp=$\u文件['file\u upload']['tmp\u name'][$i];
$filename[]=[$id,basename($\u FILES['file\u upload']['name'][$i]);//此处更改
$filetype=$\u文件['file\u upload']['type'][$i];
$filepath=“../images/”$filename;
移动上传的文件($filetmp,$filepath);
}
//我在下面的代码中进行了更改
$valueStr=数组映射(函数($item){
返回“(”。内爆(“,”,$item)。“),;//要转换为“,”分隔值
},$filename);
$mainfiles=rtrim(内爆(“,$valueStr),',”);//删除正确的训练``
$sql=“插入图片2(”;
$sql.=“图像、照片和id”;
$sql.=”)值(“”;
$sql.=$database->escape_字符($mainfiles)。“,”;
$sql.=$id.“)”;
$result=$database->query($sql);
如果($结果){
$session->message('图片上传成功');
}
}
从何处获取照片\u id
以保存到表中?$filename
必须是数组才能与内爆
一起使用。您的代码易受SQL注入攻击。你应该使用预先准备好的语句。@Dharman我在其他地方有我的转义函数。。。这不是我要问的,这是我担心的。你不应该逃跑;您根本不应该将数据放入SQL。这很可能是你的问题的原因。我看不到该函数内部发生了什么。您将从何处获取照片\u id
以保存到表中?$filename
必须是数组才能与内爆
一起使用。您的代码易受SQL注入攻击。你应该使用预先准备好的语句。@Dharman我在其他地方有我的转义函数。。。这不是我要问的,这是我担心的。你不应该逃跑;