0
我有一個表單將圖像上傳到我的服務器並在MySQL中存儲圖像的路徑,並且表單完美無缺。 我現在想做的是能夠更新存儲在MySQL中的存儲圖像和路徑,但我無法弄清楚如何將$ target變量添加到我的代碼中,以便它更新MySQL中的路徑和文件名。 我現在有代碼的方式它會上傳新的圖像,但不會更新MySQL中的路徑和名稱,我知道它與$ target有關,我只是不知道該把它放在哪裏。 是的,我很瞭解sql注入,所以請不必評論它,因爲我不關心它的這種情況。無法讓PHP寫入MySQL更新文件的路徑
<?php
//This is the directory where images will be uploaded and saved
$target = "uploads/cheer/";
$target = $target . basename($_FILES['member_photo']['name']);
//This gets all the form data//
//----------MEMBER INFO----------//
$team_name=$_POST['team_name'];
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$registration=$_POST['registration'];
$pay_status=$_POST['pay_status'];
$physical=$_POST['physical'];
$photo=$_POST['photo'];
$logo_src=$_POST['logo_src'];
//----------NOTES----------//
$notes=$_POST['notes'];
//----------IMAGES----------//
$pic=($_FILES['member_photo']['name']);
//----------CONNECT TO DATABASE----------//
include 'elite_connect.php';
//----------WRITES DATA TO DATABASE----------//
mysql_query("UPDATE cheer SET team_name='$team_name', first_name='$first_name', last_name='$last_name', registration='$registration', pay_status='$pay_status', physical='$physical', photo='$photo', logo_src='$logo_src', notes='$notes', member_photo='$member_photo',
WHERE `id` = '$id'");
//----------DISPLAYS MYSQL ERRORS----------//
print_r($_POST);
echo mysql_error();
//----------WRITES PHOTO TO SERVER----------//
if(move_uploaded_file($_FILES['member_photo']['tmp_name'], $target))
{
//----------TELLS IF ALL IS OK----------//
echo "The file ". basename($_FILES['member_photo']['name']). "has been uploaded!";
}
else {
//----------GIVES AN ERROR IF IT'S NOT----------//
?><br/><?php
echo "Sorry, there was a problem uploading your image.";
}
?>
添加$目標SET從process_edit.php文件
陣列([ID] => 18 [如first_name] =>你的[姓氏] =>爸爸[TEAM_NAME產生以下錯誤] => [註冊] =>是[pay_status] =>待辦[物理] =>無[照片] => [筆記] =>我是你的爸爸[logo_src] => logos/cougars2013.jpg [提交] =>更新成員)你的SQL語法有錯誤;檢查與您的MySQL服務器版本相對應的手冊,以在''uploads/cheer/helmet1.jpg''附近使用正確的語法。WHERE
id='''在第1行上傳文件helmet1.jpg已上傳!
正如您所看到的更新正在寫入MySQL並將映像上載到服務器,但映像的路徑未更新。
所以呼應整個查詢幾乎給出了完全相同的東西如上述,
陣列([ID] => 20 [如first_name] =>脂肪[姓氏] =>艾米[TEAM_NAME] => [註冊] =>是[pay_status] =>已付費用[物理] =>是[照片] =>是[注意] =>大而且負責![logo_src] => logos/gvklogo2013.png [submit] = >更新成員)你的SQL語法有錯誤;請查看與您的MySQL服務器版本相對應的手冊,以便在第12行的'uploads/images/fatamy.png ='uploads/images/fatamy.png'WHERE
id='20''附近使用正確的語法文件fatamy.png已上傳!
如果有幫助,下面是處理輸入表單以上載文件並存儲路徑的代碼。
<?php
//This is the directory where images will be uploaded and saved
$target = "uploads/cheer/";
$target = $target . basename($_FILES['member_photo']['name']);
//This gets all the form data//
//----------MEMBER INFO----------//
$team_name=$_POST['team_name'];
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$registration=$_POST['registration'];
$pay_status=$_POST['pay_status'];
$physical=$_POST['physical'];
$photo=$_POST['photo'];
$logo_src=$_POST['logo_src'];
//----------NOTES----------//
$notes=$_POST['notes'];
//----------IMAGES----------//
$pic=($_FILES['member_photo']['name']);
//----------CONNECT TO DATABASE----------//
include 'elite_connect.php';
//----------WRITES DATA TO DATABASE----------//
mysql_query("INSERT INTO cheer (team_name, first_name, last_name, registration, pay_status, physical, photo, logo_src, notes, member_photo)
VALUES ('$team_name','$first_name','$last_name','$registration','$pay_status','$physical','$photo','$logo_src','$notes','$target')");
//----------DISPLAYS MYSQL ERRORS----------//
echo mysql_error();
//----------WRITES PHOTO TO SERVER----------//
if(move_uploaded_file($_FILES['member_photo']['tmp_name'], $target))
{
//----------TELLS IF ALL IS OK----------//
echo "The file ". basename($_FILES['member_photo']['name']). "has been uploaded!";
}
else {
//----------GIVES AN ERROR IF IT'S NOT----------//
?><br/><?php
echo "Sorry, there was a problem uploading your image.";
}
?>
我不妨添加更新形式以及
<tr class="firstname">
<td class="firstname" style="width: 58px">First Name</td>
<td class="firstname" style="width: 280px">
<input type="text" name="first_name" value="<?php echo $data2['first_name']?>" style="width: 170px"></td>
</tr>
<tr class="lastname">
<td class="label" style="width: 58px">Last Name</td>
<td class="field" style="width: 280px">
<input type="text" name="last_name" id="lastname" value="<?php echo $data2['last_name']?>" style="width: 171px">
</td></tr>
<tr class="teamname">
<td class="teamname" style="width: 58px">Team Name</td>
<td class="teamname" style="width: 280px">
<input type="text" name="team_name" id="teamname" value="<?php echo $data2['team_name']?>" style="width: 170px">
<br>
</td>
</tr>
<tr class="typeName">
<td class="label" style="width: 58px">Registration</td>
<td class="field" style="width: 280px">
<input type="text" name="registration" id="jerseybrand" value="<?php echo $data2['registration']?>" style="width: 170px">
</td>
</tr>
<tr class="paystatus">
<td class="paystatus" style="width: 58px">Payment Status</td>
<td class="paystatus" style="width: 280px">
<input type="text" name="pay_status" id="paystatus" value="<?php echo $data2['pay_status']?>" style="width: 170px">
<br>
</td>
</tr>
<tr class="physical">
<td class="physical" style="width: 58px">Physical</td>
<td class="physical" style="width: 290px">
<input type="text" name="physical" id="physical" value="<?php echo $data2['physical']?>">
</tr style="width: 170px">
<tr class="photo">
<td class="photo" style="width: 58px">Photo Taken</td>
<td class="photo" style="width: 290px">
<input type="text" name="photo" id="photo" value="<?php echo $data2['photo']?>">
</tr style="width: 170px">
<tr>
<td>
Notes
</td>
<td class="notes" style="width: 280px">
<textarea name="notes" id="notes" class="auto-style1" style="height: 35px; width: 215px"><?php echo $data2['notes']?></textarea>
<br><br>
</td></tr>
<tr class="teamlogo">
<td class="teamlogo" style="width: 58px">Team Logo</td>
<td class="teamlogo" style="width: 280px">
<img name="logo_image "src="<?php echo $data2['logo_src']?>" id="logoimage" height="100" width="100">
</td width="116">
<input type="hidden" name="logo_src" value="<?php echo $data2['logo_src']?>" id="logosrc"/>
</tr>
<tr class="logosrc">
<td class="logosrc" style="width: 58px">Change Logo</td>
<td class="logosrc" style="width: 280px">
<select name="team_name" id="dd" onChange="swapImage()" style="width: 150px">
<option value="" title="logos/cheerlogoleft.jpg">SELECT</option>
<option value="COUGARS" title="logos/cougars2013.jpg" >Cougars</option>
<option value="FALCONS" title="logos/falcons2013.jpg" >Falcons</option>
<option value="GREEN VALLEY KNIGHTS" title="logos/gvklogo2013.png">Green Valley Knights</option>
<option value="LONGHORNS" title="logos/longhorns2013.jpg">Longhorns</option>
<option value="MUSTANGS" title="logos/mustangs2013.jpg">Mustangs</option>
<option value="NW NINERS" title="logos/nwniners2013.jpg">NW Niners</option>
<option value="REBELS" title="logos/rebels2013.jpg">Rebels</option>
<option value="WILDCATS" title="logos/wildcats2013.jpg">Wildcats</option>
</select>
</td>
</tr>
<tr class="photo">
<td class="photo" style="width: 58px">Change Photo</td>
<td class="photo" style="width: 290px">
<input type="file" name="member_photo" id="cheerphoto"/>
</tr style="width: 170px">
</tbody>
</table>
</div>
</fieldset>
</td><td id="righttdhw" style="width: 517px; height: 141px;">
<fieldset id="info" style="width: 260px; height: 183px">
<legend id="infoLegend">Member Photo</legend>
<div id="memberphoto">
<table style="height: 156px; width: 260px;">
<tbody>
<tr class="memberphoto">
<td class="field" style="width: 269px; height: 132px; text-align: center;">
<img name="member_photo" src="<?php echo $data2['member_photo']?>" id="memberphoto" height="150" width="250" >
</td>
</tr>
1. PLZ ,不要使用mysql_ *函數,它們已被棄用。 2.您的代碼易受SQL注入攻擊。 – user4035
@ user4035他在這種情況下SQL注入不是一個問題。 –
@肖恩是的,現在就看。一種反射。 – user4035