Php 将图像上载到MySQL数据库时出现问题,它赢得了';不创建条目,但将映像上载到服务器
所以我已经在这方面工作了一段时间,我不知道如何将它插入数据库。映像上载并存储在servers imgs目录中,但在数据库中找不到任何跟踪。根本没有错误。我很清楚SQL注入的弱点,但这是一个用于原型的私有项目,所以我现在只针对功能。 这到底为什么不起作用?我觉得它可能会跳过sql查询,但我不明白为什么Php 将图像上载到MySQL数据库时出现问题,它赢得了';不创建条目,但将映像上载到服务器,php,mysql,Php,Mysql,所以我已经在这方面工作了一段时间,我不知道如何将它插入数据库。映像上载并存储在servers imgs目录中,但在数据库中找不到任何跟踪。根本没有错误。我很清楚SQL注入的弱点,但这是一个用于原型的私有项目,所以我现在只针对功能。 这到底为什么不起作用?我觉得它可能会跳过sql查询,但我不明白为什么 <?php error_reporting(E_ALL); ini_set('display_errors', 1); $conn = new PDO ("mysql:host
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
$conn = new PDO ("mysql:host=localhost;dbname=project", "root", "0612733771Aa");
try {
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
if(!isset($_FILES['upload']) || $_FILES['upload']['error'] == UPLOAD_ERR_NO_FILE) {
echo "Error no file selected";
}
else {
$filename = $_FILES['upload']['name']; //yes
$filetype = $_FILES['upload']["type"]; //yes
$title = $_POST['title'];
$description = $_POST['description'];
$category = $_POST['category'];
$dir = "imgs/";
$filetarget = $dir . basename($_FILES['upload']['name']);
$allowed = array("jpg" => "image/jpg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
$ext = pathinfo($filetarget, PATHINFO_EXTENSION);
if(!array_key_exists($ext, $allowed)) {
echo "Please select a valid file.";
exit;
}
$conn->query = ("INSERT INTO images (title, image, description, category) VALUES ('$title', '$filename', '$description', '$category')");
if (move_uploaded_file($_FILES['upload']['tmp_name'], $filetarget)) {
echo "The file ". basename( $_FILES['upload']['name']). " has been uploaded.";
}
else {
print "File was not uploaded.";
exit;
}
}
?>
多亏@Fred ii的帮助,我找到了解决方案-问题是我没有使用预先准备好的语句,更新的代码。我必须将整个代码切换到一个准备好的语句,并利用PDO::PARAM_LOB将一个大blob提交到数据库中
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
$fp = fopen($_FILES['upload']['tmp_name'], 'rb');
$filetype = $_FILES['upload']["type"]; //yes
$title = $_POST['title'];
$description = $_POST['description'];
$category = $_POST['category'];
$dir = "imgs/";
$filetarget = $dir . basename($_FILES['upload']['name']);
$allowed = array("jpg" => "image/jpg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
$ext = pathinfo($filetarget, PATHINFO_EXTENSION);
$conn = new PDO ("mysql:host=localhost;dbname=project", "root", "0612733771Aa");
$stmt = $conn->prepare("INSERT INTO images (title, image, description, category) VALUES ('$title', '$fp', '$description', '$category')");
try {
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
if(!isset($_FILES['upload']) || $_FILES['upload']['error'] == UPLOAD_ERR_NO_FILE) {
echo "Error no file selected";
}
else {
if(!array_key_exists($ext, $allowed)) {
echo "Please select a valid file.";
exit;
}
$stmt->bindParam(1, $title);
$stmt->bindParam(2, $fp, PDO::PARAM_LOB);
$stmt->bindParam(3, $description);
$stmt->bindParam(4, $category);
$conn->beginTransaction();
$stmt->execute();
$conn->commit();
if (move_uploaded_file($_FILES['upload']['tmp_name'], $filetarget)) {
echo "The file ". basename( $_FILES['upload']['name']). " has been uploaded.";
}
else {
print "File was not uploaded.";
exit;
}
}
?>
数据库中是否添加了任何内容?或者只是一个字段?顺便说一句,不知道为什么这里有括号$conn->query=(“插入…”)没有向数据库添加任何内容,只有servers imgs文件夹。就像我在大学里被教的那样,为我所做的其他脚本工作,是否值得删除它们?确保所有列都足够长并且类型正确;这可能是无声的失败。这是一个链接到我的数据库的屏幕截图,一切都应该是好的,但我是新的,有点超出我的深度。很好,但是。。。有人会认为我被邀请发布答案;-)对不起,我不想在这里偷走你的荣耀!,我只是觉得这对未来的用户很有用。“不要在这里偷走你的荣誉”-相信我,这与荣誉无关。有人可能会认为弗雷德会知道“of”和“have”之间的区别-这只是生活中的另一个小小失望。;-)