Fatal编程技术网
  • php/
  • Php 网页上的破绽照片

Php 网页上的破绽照片

php mysql

Php 网页上的破绽照片,php,mysql,Php,Mysql,我可以使用form_upload.php将项目添加到mysql服务器并将照片上载到服务器文件夹中,但照片无法显示在view_data.php上。我已经将文件权限设置为777,但仍然不工作 这是我的表单_uploadphp和view _data.php: <!DOCTYPE html> <html> <link href="style.css" rel="stylesheet" type="text/css"> <style type="text/css"

我可以使用form_upload.php将项目添加到mysql服务器并将照片上载到服务器文件夹中,但照片无法显示在view_data.php上。我已经将文件权限设置为777,但仍然不工作

这是我的表单_uploadphp和view _data.php:

<!DOCTYPE html>
<html>
<link href="style.css" rel="stylesheet" type="text/css">
<style type="text/css">
</style>
<title>Image Upload</title>
<body>
<div id="container">
    <div class="content">
        <form action="form_upload.php" method="post" enctype="multipart/form-data">
        <fieldset>
        <table width="350" border="0" align="center">
        <legend>Image Information Entry

          <tr><td><label>Title<span class="required">*</span></label></td>
          <td align="center"><input type="text" name="title" placeholder="title"></br></td></tr>

          <tr><td><label>Description<span class="required">*</span></label></td>
          <td align="center"><input type="text" name="description" placeholder="description"></br></td></tr>

          <tr><td><label>Username<span class="required">*</span></label></td>
          <td align="center"><input type="text" name="username" placeholder="username"></br></td></td>

          <tr><td><label>Mobile Number<span class="required">*</span></label></td>
          <td align="center"><input type="text" name="mobilenumber" class="input-small" placeholder="mobilenumber"></br></td></tr>

          <tr><td><label>Address<span class="required">*</span></label></td>
          <td align="center"><input type="text" name="address" class="input-xlarge" placeholder="address"></br></td></tr>

          <tr><td><label for="file">Upload Image:</label></td>
          <td align="right"><input type="file" name="file" id="file"><br></td></tr>  
          <tr><td>&nbsp;  </td></tr>
        <tr><td colspan="2" align="center"><button type="submit" name="submit" class="btn">Submit</button>
        <a href="view_data.php?o=0" class="btn btn-primary">View Gallery</a></td></tr>

<tr><td colspan="2"> &nbsp </td></tr>      
<tr><td colspan="2" align="center">        
<?php
if(isset($_REQUEST['submit']))
{
$con=mysqli_connect("local","user","pass","table");

        // Check connection
        if (mysqli_connect_errno())
          {
          echo "Failed to connect to MySQL: " . mysqli_connect_error();
          }
        $allowedExts = array("gif", "jpeg", "jpg", "png");
        $temp = explode(".", $_FILES["file"]["name"]);
        $extension = end($temp);
        $title=$_POST['title'];
        $description=$_POST['description'];
        $username=$_POST['username'];
        $mobilenumber=$_POST['mobilenumber'];
        $address=$_POST['address'];
        $file=$_FILES["file"]["name"];
        $size= $_FILES["file"]["size"];

if( empty($title) || empty($description) || empty($mobilenumber) || empty($address) || empty($file))
{
    echo "<label class='err'>All field is required</label>";
}
    elseif(!is_numeric($mobilenumber))
    {
    echo "<label class='err'>Mobile number must be numeric</label>";
    }
    elseif($size >40000)
    {
        echo "<label class='err'> Image size must not greater than 40kb </label>";
    }
        if ((($_FILES["file"]["type"] == "image/gif")
        || ($_FILES["file"]["type"] == "image/jpeg")
        || ($_FILES["file"]["type"] == "image/jpg")
        || ($_FILES["file"]["type"] == "image/pjpeg")
        || ($_FILES["file"]["type"] == "image/x-png")
        || ($_FILES["file"]["type"] == "image/png"))
        && ($_FILES["file"]["size"] < 40000)
        && in_array($extension, $allowedExts)) 
        {
          if ($_FILES["file"]["error"] > 0) 
          {
            echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
          } 

                if (file_exists("/test/upload" . $_FILES["file"]["name"])) 
                {
                  echo $_FILES["file"]["name"] . "Image upload already exist. ";
                } 
                else
                {
                  move_uploaded_file($_FILES["file"]["tmp_name"],
                  "/home/tz005/public_html/test/upload/" . $_FILES["file"]["name"]);
                  mysqli_query($con,"INSERT INTO item_image (title, description, username, mobilenumber, address, filename)
                    VALUES ('$title', '$description', '$username', '$mobilenumber', '$address', '$file')");
                echo "Image Information Successfully Saved!";
                }

        }
    mysqli_close($con);
}
?>
</td></tr>
        </legend>
        </table>
        </fieldset>
        </form>
    </div>
  <div class="footer"></div>
</div>
</body>
</html>

<!DOCTYPE html>
<html>
<link href="style.css" rel="stylesheet" type="text/css">
<style type="text/css">
</style>
<title>view image information</title>
<body>
<div id="container">
    <div class="con2">
    <?php
        $con=mysqli_connect("server","user","pass","table");

        if (is_numeric($_GET['o']))
        {
            $o=$_GET['o'];
        }else {
            $o=0;
            }

        if ($o >=1){
            $prev=$o-1;
            } else{
                $prev=0;
            }


        $query=mysqli_query($con,"SELECT * FROM item_image LIMIT $o, 1");
        $get_pic=mysqli_fetch_assoc($query);

        $query2=mysqli_query($con,"SELECT imageid FROM item_image");
        $get_pic2=mysqli_fetch_assoc($query2);
        $total=mysqli_num_rows($query2);

        if ($o <=$total){$next=$o+1;}

    ?>
    <?php do { ?>
    <table align="center" width="300" border=".5" bordercolor="#0B615E">
        <tr> <td colspan="2" align="center"><?php echo '<img src="/home/tz005/public_html/test/upload/filename' . $get_pic['filename'] . '" width="200" height="200"> '; ?></td></tr>
        <tr><td width="60"> Details: </td> <td align="left" bordercolor="#0B615E"> <?php echo $get_pic['title']; ?>  &nbsp
        <?php echo $get_pic['description'];?>  &nbsp
      <?php echo $get_pic['username'];?> </td></tr>
        <tr><td width="60"> Mobile number:</td> <td align="left"><?php echo $get_pic['mobilenumber']; ?></td></tr>
        <tr><td width="60"> Address: </td> <td align="left"><?php echo $get_pic['address']; ?></td></tr>
    <tr><td colspan="2" align="center"> 
    <?php
    } while ($get_pic=mysqli_fetch_assoc($query));
    ?>
    <?php if ($o>0){ ?>
    <span><a href="view_data.php?o=<?php echo $prev; ?>">Previous</a></span> 
    <?php } ?>
    <?php if ($o < ($total - 1)){ ?>
    <span><a href="view_data.php?o=<?php echo $next; ?>">Next</a></span>
    <?php } ?>

    <?php
        mysqli_close($con);
    ?>
    </td><tr>
    <tr><td colspan="2"> &nbsp </td></tr>
    <tr>
      <td colspan="2" align="center"><a href="form_upload.php"> Back to Image Information Entry</td></tr>
    </table>
    </div>

</div>
</body>
</html>


图像上传
图像信息输入
头衔*


描述*


用户名*


手机号码*


地址*


上载图像:


提交
 

您的图像标记指向您的文件系统,它需要指向URL:


<img src="/home/tz005/public_html/test/upload/filename' . $get_pic['filename'] . '"




您可能应该将其更改为:


<img src="/test/upload/'.$get_pic['filename'].'"



“破解照片”?什么。。。是在旧阁楼里发现的东西吗?更具体一点。将错误报告添加到文件顶部
错误报告(E_ALL);ini设置(“显示错误”,1)
并使用
var_dump()
对此进行故障排除。“我已经将文件权限设置为777,但仍然不起作用。”这是每一个网站被无聊的人入侵并对您的服务器运行攻击脚本的人的著名遗言。请不要这样做,因为这永远不是解决方案。抱歉,无法在网页中显示图片。此
/home/tz005/public\u html/test/upload/
可能不是绝对路径。根据文件夹的位置,使用相对路径
test/upload/
。/test/upload/
。甚至
/test/upload/
3分钟。之前。甚至没有对我的评论投赞成票,也没有@Dagon boohoo——一些人的神经。