当从数据库中提取时,我在生成的链接中收到错误 image of error
这里是获取图片的代码
echo "<img src='uploads/$row[img].jpg' height='150px' width='300px'>";
下面是上传图片到数据库的文件代码
<?php
$servername = "localhost";
$dbUsername = "root";
$dbname = "property";
$dbPassword = "";
$location = $_POST["location"];
$street = $_POST["street"];
$city = $_POST["city"];
$province = $_POST["province"];
$type = $_POST["type"];
$price = $_POST["price"];
$beds = $_POST["beds"];
$isforsale = $_POST["isforsale"];
$flag = "";
$last_id="";
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$image=basename( $_FILES["fileToUpload"]["name"],".jpg");
$conn = new mysqli($servername, $dbUsername, $dbPassword, $dbname);
if ($isforsale=="false"){
$flag = 0;
}else{
$flag = 1;
}
$sql = "INSERT INTO Property (Location, Street, City, Province, PStatus, PType,isForSale,Price,Beds, img)VALUES ('$location','$street','$city','$province',0,'$type','$flag','$price','$beds',' $image')";
$retval = mysqli_query( $conn,$sql);
$last_id = mysqli_insert_id($conn);
session_start();
$userid = $_SESSION["id"];
if ($retval === TRUE){
$sql = "INSERT INTO OwnersProperty (PropertyNo,OwnerId) VALUES ('$last_id','$userid')";
$retval = mysqli_query( $conn,$sql);
if($retval === TRUE){
header("Location: dashboard.php");
exit;
}
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
此文件包含上传图片并将其保存到数据库的代码。
最佳答案
这一行在单引号和变量名之间有一个空格 ' $image' 所以当它存储在数据库中时,文件名将以空格开头 %20
$sql = "INSERT INTO Property
(Location, Street, City, Province, PStatus,
PType,isForSale,Price,Beds, img)
VALUES ('$location','$street','$city','$province',0,
'$type','$flag','$price','$beds',' $image')";
^
^^^
^^^^^
去掉它,一切都会好起来的。
Your script is at risk of SQL Injection Attack Have a look at what happened to Little Bobby Tables Even if you are escaping inputs, its not safe! Use prepared statement and parameterized queries
关于php - 由于某种原因,存储在 MYSQL 上的文件名是错误的,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37486609/