0
的正確使用我道歉,如果這是一個密集的問題,但我有一點的,以上傳圖片BLOB與預處理語句一起使用MYSQL LOAD_FILE()的麻煩。其結果是,我不得不求助於使用到單獨的查詢,一來準備詳細的陳述,而另一個,它不準備插入我的BLOB的聲明。下面是我試過的查詢的例子:MySQL的LOAD_FILE()
function add_new_video() {
$image = $_FILES['thumbnail_file']['tmp_name']; // pass this file name to getimagesize() to determine the mime-type
$size_array = getimagesize($image);
$thumbnail_mimetype = $size_array['mime'];
$thumbnail_contents = file_get_contents($image);
$thumbnail_filesize = $size_array[3];
$thumbnail_filename = $_FILES['thumbnail_file']['name'];
$title = $_POST['title'];
$summary = $_POST['summary'];
// Checkbox...
if(!empty($_POST['demo_reel'])) {
$demo_reel = $_POST['demo_reel'];
}
else {
$demo_reel = 0;
}
$query = "INSERT INTO videos (title, summary, thumbnail_filename, thumbnail_filesize, thumbnail_mimetype, thumbnail_contents, demo_reel) VALUES(?, ?, ?, ?, ?, LOAD_FILE($image), ?)";
if($stmt = $this->conn->prepare($query)) {
$stmt->bind_param('sssssi', $title, $summary, $thumbnail_filename, $thumbnail_filesize, $thumbnail_mimetype, $thumbnail_contents, $demo_reel);
$stmt->execute();
if($stmt->affected_rows == 1) {
return true;
}
else {
return false;
}
}
}
不幸的是,這個查詢失敗,我似乎無法得到任何錯誤出來。相反,這是我當前的查詢,其工作,但不使用準備好的語句,而安全性較低:
$video_filename = $_POST['file_name'];
$video_number = $_POST['number'];
$title = $_POST['title'];
$summary = $_POST['summary'];
if(!empty($_POST['demo_reel'])) {
$demo_reel = $_POST['demo_reel'];
}
else {
$demo_reel = 0;
}
$image = $_FILES['thumbnail_file']['tmp_name']; // pass this file name to
getimagesize() to determine the mime-type
$size_array = getimagesize($image);
$thumbnail_mimetype = $size_array['mime'];
$thumbnail_filesize = $size_array[3];
$thumbnail_contents = addslashes(file_get_contents($image));
$thumbnail_filename = $_POST['number'] . '.jpg';
$query = "INSERT INTO videos (`video_filename`, `video_number`,
`thumbnail_contents`, `title`, `summary`, `demo_reel`, `thumbnail_filename`,
`thumbnail_filesize`, `thumbnail_mimetype`) VALUES ('$video_filename',
'$video_number', '$thumbnail_contents', '$title', '$summary', '$demo_reel',
'$thumbnail_filename', '$thumbnail_filesize', '$thumbnail_mimetype')";
if($result = $this->conn->query($query)) {
return true;
}
else {
return false;
}
由於所有的細節目前轉義,我寧願不通過使用過程中去nl2br(),然後再返回,我想兩個查詢:一個使用準備好的發言的$ _ POST變量,然後又使用和addslashes()和文件定期報表。我希望能夠在一個準備好的聲明中完成整個插入。任何幫助和理解,非常感謝!
LOAD_FILE()意味着你的PHP服務器和MySQL服務器在同一臺機器上,而MySQL將有機會到PHP寫文件tmp的位置。這是你的設置? – VoteyDisciple 2009-08-12 00:17:40
感謝您的評論!是的,我已經告訴我的主機是安裝我現在有。 – 2009-08-12 01:57:29