嗨,我遇到了麻烦。用户在page1.php中上传图像。它的文件名插入到数据库中,并且图像转到名为“ uploads”的文件夹中。如何获取这些图像并将其显示在page2.php中?

第1页

if(isset($_FILES['filename'])){
  $errors = array();
  $file_name = $_FILES['filename']['name'];
  $file_size =$_FILES['filename']['size'];
  $file_tmp =$_FILES['filename']['tmp_name'];
  $file_type=$_FILES['filename']['type'];
  $file_ext=strtolower(end(explode('.',$_FILES['filename']['name'])));


  $expensions= array("jpeg","jpg","png");
  if(in_array($file_ext,$expensions)=== false){
    $errors[]="extension not allowed, please choose a JPEG or PNG file.";
   }
    if($file_size > 2097152){
    $errors[]='File size must be excately 2 MB';
   }

   //if no error...
   if (empty($errors)==true) {

    // upload the file...
    move_uploaded_file($file_tmp,"uploads/".$file_name);

    $servername = "localhost";
    $username = "root";
    $password = " ";
    $dbname = "admin";

    // create new record in the database
   include ("dbinfo.php");

    mysql_query("INSERT INTO payment_form (Tracking, date, ContactNo, totalsent, datesent, filename) VALUES ('$transactionNo', NOW(), '$contactNo', '$totalSent', '$dateSent', '$file_name')") ;

    header('Location: paymentform_success.php');
     }else{
      print_r($errors);
     }
 }


第2页上有一个更新记录表。我只希望图像显示在该单元格上。 T__T我尚未研究对我有用的任何东西。请帮助

最佳答案

您可以尝试如下操作:

<?php
$query = "SELECT * FROM payment_form";
$result = mysql_query($query);
if (!$result) {
    die('SQL error');
}
echo "<table>";
while ($row = mysql_fetch_assoc($result)) {
    echo "<tr>";
    echo "<td>{$row['Tracking']}</td>";
    echo "<td>{$row['date']}</td>";
    echo "<td>{$row['ContactNo']}</td>";
    echo "<td>{$row['totalsent']}</td>";
    echo "<td>{$row['datesent']}</td>";
    echo "<td><img src='/uploads/{$row['filename']}'/></td>";
    echo "</tr>";
}
echo "</table>";
?>


首先,您需要使用“ SELECT”查询运行mysql_query,然后运行类似mysql_fetch_assoc的函数来获取每一行,然后输出信息。

另外,您的原始代码有一个SQL注入漏洞,您必须对用户提交的所有值使用mysql_real_escape_string,例如

$transactionNo=mysql_real_escape_string($transactionNo);
$contactNo=mysql_real_escape_string($contactNo);
$totalSent=mysql_real_escape_string($totalSent);
$dateSent=mysql_real_escape_string($dateSent);
$file_name=mysql_real_escape_string($file_name);


UPD要通过跟踪ID获取特定文件,您可以使用以下方法:

<?php
$Tracking = mysql_real_escape_string($_GET['Tracking']);
$query = "SELECT Tracking,filename FROM payment_form WHERE Tracking = '$Tracking'";
$result = mysql_query($query);
if (!$result) {
    die('SQL error');
}
echo "<table>";
while ($row = mysql_fetch_assoc($result)) {
    echo "<tr>";
    echo "<td>{$row['Tracking']}</td>";
    echo "<td><img src='/uploads/{$row['filename']}'/></td>";
    echo "</tr>";
}
echo "</table>";
?>

10-05 20:45
查看更多