Php 在数据库目录中上载图像
我在数据库目录中的图像上载有点问题。图像上载我的头像文件夹,不能显示我的页面,因为问题是在数据库id中,用户名表显示我的数据,但imagelocation表不能显示我的目录。请任何人告诉我,我的代码中有什么问题,请更正它指定行 upload.phpPhp 在数据库目录中上载图像,php,Php,我在数据库目录中的图像上载有点问题。图像上载我的头像文件夹,不能显示我的页面,因为问题是在数据库id中,用户名表显示我的数据,但imagelocation表不能显示我的目录。请任何人告诉我,我的代码中有什么问题,请更正它指定行 upload.php <?php include("connecton.php"); $_SESSION['username']="kyle"; $username = $_SESSION['username']; if($_POST['su
<?php
include("connecton.php");
$_SESSION['username']="kyle";
$username = $_SESSION['username'];
if($_POST['submit'])
{
//get file attribute
$name = $_FILES['myfile']['name'];
$tmp_name = $_FILES['myfile']['tmp_name'];
if($name)
{
//start upload process
$location = "avatars/$name";
move_uploaded_file($tmp_name,$location);
$query = mysql_query("UPDATE users SET imagelocation='$location' WHERE username='$username'");
die("Your avatar has been uploaded! <a href='view.php'>HOme</a>");
}
else
die("Please select a file");
}
echo "Welcome, ".$username."!<p>";
echo "Upload Your Image:
<form action='upload.php' method='POST' enctype='multipart/form-data'>
File: <input type='file' name='myfile'> <input type='submit' name='submit' value='upload!'>
</form>
";
?>
<?php
include("connecton.php");
$username = $_SESSION['username'];
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
if (mysql_num_rows($query)==0)
die ("User not found");
else
{
$row = mysql_fetch_assoc($query);
$location = $row['imagelocation'];
echo "<img src='$location' width='100' height='100'>";
}
?>
upload.php和view.php的第一个php语句应该是:
session_start();
if ($_FILES['myfile']['error'] === UPLOAD_ERR_OK) {
... upload went ok
}
。/../../../../../../../../../../../../some/critical/system/file移动上传的文件()if (!move_uploaded_file(...)) {
die("Move failed!")
}
$stmt = mysql_query(...)
if ($stmt === FALSE) {
die("MySQL query failed: " . mysql_error());
}
if (!move_uploaded_file(...)) {
die("Move failed!")
}
$stmt = mysql_query(...)
if ($stmt === FALSE) {
die("MySQL query failed: " . mysql_error());
}
$filenamef) 您正在执行
选择*FROM…