php文件上载到mysql数据库不使用pdf文件
我已经创建了一个文件上传,它将文件存储在mysql数据库中,除了PDF之外,所有文件类型都可以正常工作 MySQL数据库结构:php文件上载到mysql数据库不使用pdf文件,php,html,mysql,pdf,Php,Html,Mysql,Pdf,我已经创建了一个文件上传,它将文件存储在mysql数据库中,除了PDF之外,所有文件类型都可以正常工作 MySQL数据库结构: CREATE TABLE IF NOT EXISTS `pdfupload` ( `id` int(12) NOT NULL, `name` varchar(100) NOT NULL, `type` varchar(100) NOT NULL, `size` int(12) NOT NULL, `content` longblob NOT NUL
CREATE TABLE IF NOT EXISTS `pdfupload`
(
`id` int(12) NOT NULL,
`name` varchar(100) NOT NULL,
`type` varchar(100) NOT NULL,
`size` int(12) NOT NULL,
`content` longblob NOT NULL
)
这是我上传文件的代码
<!DOCTYPE html>
<body>
<form method="post" enctype="multipart/form-data">
<table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
<tr>
<td width="246">
<input type="hidden" name="MAX_FILE_SIZE" value="20000000">
<input name="userfile" type="file" id="userfile">
</td>
<td width="80"><input name="upload" type="submit" class="box" id="upload"
value=" Upload "></td>
</tr>
</table>
</form>
<?php
include 'connect-db.php';
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
$query = "INSERT INTO pdfupload
(name, size, type, content )
VALUES ('$fileName', '$fileSize', '$fileType', '$content')";
mysql_query($query) or die('Error, query failed');
echo "<br>File $fileName uploaded<br>";
}
?>
</body>
</html>
使用mysql\u real\u escape\u字符串
mysql\u real\u escape\u字符串(fread($instr,filesize($fileName))代码>
而不是
addslashes为通常令人不安的字符添加斜线。mysql\u real\u escape\u字符串将转义mysql需要转义的任何内容。这可能比addslashes处理的字符多或少
此外,mysql\u real\u escape\u字符串不一定会添加斜杠来转义。虽然我认为这样做是可行的,但MySQL的最新版本通过将两个转义引号放在一起而不是在前面加斜杠来转义引号
我认为您应该始终使用数据提供程序的转义函数,而不是addslashes,因为addslashes可能会为您使用它做太多或不够的工作。另一方面,mysql\u real\u escape\u string知道如何准备字符串以将其嵌入查询中。即使有关如何转义内容的规范发生了变化,并且突然不再使用反斜杠,您的代码仍然可以工作,因为mysql\u real\u escape\u字符串将知道您可以尝试使用mysqlLOAD\u FILE()
语法将PDF文件加载到表内容
列中
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include 'connect-db.php';
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$message = '';
switch ($_FILES['userfile']['error']) {
case UPLOAD_ERR_INI_SIZE:
$message = "The uploaded file exceeds the upload_max_filesize directive in php.ini";
break;
case UPLOAD_ERR_FORM_SIZE:
$message = "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form";
break;
case UPLOAD_ERR_PARTIAL:
$message = "The uploaded file was only partially uploaded";
break;
case UPLOAD_ERR_NO_FILE:
$message = "No file was uploaded";
break;
case UPLOAD_ERR_NO_TMP_DIR:
$message = "Missing a temporary folder";
break;
case UPLOAD_ERR_CANT_WRITE:
$message = "Failed to write file to disk";
break;
case UPLOAD_ERR_EXTENSION:
$message = "File upload stopped by extension";
break;
default:
$message = "Unknown upload error";
}
}
if ( $message != '' ) {
echo $message;
exit;
}
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$query = "INSERT INTO pdfupload
(name, size, type, content )
VALUES ( '$fileName',
'$fileSize',
'$fileType',
LOAD_FILE($tmpName)
)";
$res = mysql_query($query);
if ( ! $res ) {
echo 'Query failed with error : ' . mysql_error();
exit;
}
}
您可能需要库来实现这一点,例如。看看这个问题可能会对你有所帮助
如何通过fread($fp,filesize($tmpName));读取pdf文件?你认为自己是对的吗?对不起,我不明白你想说什么。请注意:使用mysql\uu
函数删除,因为它已被弃用,并迁移到mysqli\u
对象或PDO
对象。我建议不要在数据库中存储这样的文件。如果需要使用addslashes()
来存储该文件,则该文件不再是pdf文件,当您尝试从数据库中读回并将其视为pdf文件时,它将不起作用,而且在任何人建议stripslashes()
将准确撤销addslashes
所做的操作之前。我打赌它不会与一个像PDF一样复杂的文件!尝试更改mysql_查询($query)或die('Error,query failed')
这样它就可以实际输出真正的错误,比如mysql\u query($query)或die(mysql\u error())
这可能就是诊断问题所需的全部内容,$instr
在哪里,OP问题中的“latest.img”
是什么。答案应该与问题相关,而不仅仅是你在某处找到的一些代码的复制/粘贴!还有一些关于为什么mysql\u real\u escape\u string()优于addslashes()的说明
也有助于做出完整的回答任何在@mysql.*
函数调用前面使用@
的教程都应该受到应有的完全不尊重。我已经尝试按照建议使用mysql\u real\u escape字符串,然后将其更改为:$content=mysql\u real\u escape\u字符串(fread($content,filesize(“”));现在出现错误消息“fread()期望参数1是资源,字符串给定”Make itmysql\u real\u escape\u string(fread($fp,filesize($fileName)))
他没有真正注意到仍然没有运气,与以前一样,没有输出错误消息,但文件没有上载,但是在尝试上载通常可以工作的文件时,输出以下消息:警告:filesize():stat在C:\xampp\htdocs\Intranet\upload.php的第27行中为IMG_1162.JPG失败警告:fread():第27行的C:\xampp\htdocs\Intranet\upload.php中的Length参数必须大于0您的SQL语法有错误;请查看与MySQL服务器版本对应的手册,以了解在第1行的“”附近使用的正确语法,并且文件也未上载此方法也不起作用,尽管没有必须纠正的错误越来越好…mysql_错误不再输出。请尝试将两个错误报告行添加到脚本顶部。查看是否有更多的提示。在尝试上载pdf文件时,错误报告中完全没有显示任何内容。对于任何其他文件,屏幕上显示以下错误:-查询失败,出现错误:您的SQL中有错误语法;检查与您的MySQL服务器版本对应的手册,以获得在第6Ok行的“:\xampp\tmp\php2783.tmp))”附近使用的正确语法。添加上传错误处理代码,看看这是否告诉我们任何事实,错误消息似乎是说不知何故您从文件名的前面切掉了驱动器号
????我不知道你的代码实际上是什么样子的,因为我不知道你保留了哪些建议,也不知道你放弃了哪些建议不尝试读取文件,只是尝试将其存储在数据库中
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
include 'connect-db.php';
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$message = '';
switch ($_FILES['userfile']['error']) {
case UPLOAD_ERR_INI_SIZE:
$message = "The uploaded file exceeds the upload_max_filesize directive in php.ini";
break;
case UPLOAD_ERR_FORM_SIZE:
$message = "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form";
break;
case UPLOAD_ERR_PARTIAL:
$message = "The uploaded file was only partially uploaded";
break;
case UPLOAD_ERR_NO_FILE:
$message = "No file was uploaded";
break;
case UPLOAD_ERR_NO_TMP_DIR:
$message = "Missing a temporary folder";
break;
case UPLOAD_ERR_CANT_WRITE:
$message = "Failed to write file to disk";
break;
case UPLOAD_ERR_EXTENSION:
$message = "File upload stopped by extension";
break;
default:
$message = "Unknown upload error";
}
}
if ( $message != '' ) {
echo $message;
exit;
}
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$query = "INSERT INTO pdfupload
(name, size, type, content )
VALUES ( '$fileName',
'$fileSize',
'$fileType',
LOAD_FILE($tmpName)
)";
$res = mysql_query($query);
if ( ! $res ) {
echo 'Query failed with error : ' . mysql_error();
exit;
}
}