我不知道为什么这不起作用。请帮助我摆脱困境
<form action="login.php" method="post" enctype="multipart/form-data">
<br><br><br>
Select image: <input type="file" name="image" size="40" id="image">
<br><small> must be less than 512kb </small>
<br><br>
<input type="submit" name="submit" value="submit">
</form>
<?php
// Script Error Reporting
error_reporting(E_ALL);
ini_set('display_errors', '1');
?>
数据库中有 3 列,例如 id 、 name 、 image 作为 long blob 类型
<?php
if(isset($_POST['submit']))
{
$con=@mysqli_connect("localhost","root","","work");
$imagedata=mysqli_real_escape_string($con,file_get_contents($_FILES['image'] ['tmp_name']));
$imagename=mysqli_real_escape_string($con,$_FILES['image'] ['name']);
$imagetype=mysqli_real_escape_string($con,$_FILES['image'] ['type']);
if(substr($imagetype,0,5) =="image")
{
$con=@mysqli_connect("localhost","root","","work");
mysqli_query($con,"INSERT INTO pics VALUES('$imagename','$imagedata')" or die (mysqli_error($con)));
}
else
{
echo"only images are allowed";
}
}
?>
<img src="showimage.php" />
showimage.php
<?php
$con=@mysqli_connect("localhost","root","","work");
$query = mysqli_query($con,"select* from pics" or die (mysqli_error($con)));
$row=mysqli_fetch_assoc($query);
$imagedata= $row["image"];
header("content-type: image/jpeg");
echo $imagedata;
?>
请大家帮帮我。我不知道我在这里做错了什么。
最佳答案
注意:
- 您为何反复声明您的
$con
? - 使用
mysqli_real_escape_string()
对于清理变量的值很有用,但最好也是必须使用 mysqli_prepared statement . - 您执行上传操作的代码在哪里?
- 在根文件夹中创建一个名为
images
的文件夹 - 您可以使用
accept
输入文件的标签。添加此accept=".jpg, .jpeg, .png"
给您<input type="file"..
。并在您的 PHP 提交页面中添加检查,以检查它是否确实是图像。 - 您要插入文件名的表/列的名称是什么?
- 我对下面的代码进行了一些解释。
您可以将您的login.php更改为:
<?php
if(isset($_POST['submit']))
{
$con = new mysqli("localhost","root","","work"); /* ESTABLISH CONNECTION */
$uploadedfile = $_FILES["image"]["tmp_name"];
$allowedExts = array("png","jpg","jpeg"); /* ACCEPTED FILE FORMAT */
$filename = $_FILES["image"]["name"]; /* NAME OF THE FILE */
$extension = pathinfo($filename, PATHINFO_EXTENSION); /* GET THE FILE EXTENSION */
$extension = strtolower($extension); /* LOWER THE STRINGS OF THE EXTENSION */
if(in_array($extension,$allowedExts)){ /* IF FILE IS INDEED AN IMAGE */
$path = "images/".$filename; /* DIRECTORY WHERE YOU WANT TO STORE THE IMAGE ALONG WITH THE FILE NAME */
move_uploaded_file($uploadedfile,$path); /* MOVE THE FILE TO YOUR IMAGES FOLDER */
/* PLEASE CHANGE THE NECESSARY TABLE NAME AND COLUMN NAME IN THE QUERY BELOW*/
if($stmt = $con->prepare("INSERT INTO pics (name) VALUES (?)")){
$stmt->bind_param("s",$filename); /* BIND THE FILE NAME TO THE QUERY */
$stmt->execute(); /* EXECUTE THE QUERY */
$stmt->close();
} /* END OF PREPARED STATEMENT */
echo '<img src="images/'.$filename.'">'; /* OUTPUT THE UPLOADED IMAGE */
} /* END OF IF; CHECKING THE ALLOWED EXTENSIONS */
else { /* IF FILE FORMAT IS NOT SUPPORTED */
echo "You did not upload an image.";
} /* END OF ELSE */
} /* END OF ISSET POST SUBMIT */
?>
注意:我没有重命名文件名,因此如果用户上传的文件与之前的文件同名,就会导致冲突。在继续 renaming of files 之前,请先了解此代码.
关于php - 图像插入数据库并显示使用 php 和 mysql 不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31824702/