本文介绍了在mysql数据库中插入映像时出现mysql错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在网站上工作,我的任务是从用户获取产品图像,并将该图像存储在数据库中。我使用mysql数据库。
我的代码html形式是: -
< FORM action =testimage1.phpENCTYPE = multipart / form-datamethod =post>
< div style =font:bold 10px arial,serif; >产品名称*< / div>
< input type =textname =myuserNamemaxlength =50/>< br />
< div style =font:bold 10px arial,serif; >上传照片< / div>
< input name =uploadimagetype =file/>< / br>
< div style =font:bold 10px arial,serif;>产品说明:< / div>
< input type =textname =productvalue =>< / br>
< input id =submittype =submitvalue =submit/>< br />
< / FORM>
我的testimage1.php代码如下: -
require_once(dbconnect.inc.php);
$ db_name =thinstrokes; // for localhost databasename
$ tbl_name =product;
$ db_selected = mysql_select_db($ db_name)或die(can not select DB);
$ myusername = $ _ POST ['myusername'];
$ mypassword = $ _ POST ['product'];
$ filename = $ _ FILES ['uploadimage'] ['tmp_name'];
$ imgData = file_get_contents($ filename);
$ size = getimagesize($ filename);
$ sql =INSERT INTO product
(productname,image_id,image_type,image,image_size,image_name,productdesc)VALUES
('$ myusername','11','{$ size [ 'mime']}','{$ imgData}','{$ size [3]}',
'{$ _FILES ['userfile'] ['name']}','$ productdesc') ;
$ result = mysql_query($ sql)or die(error in uploading / *);
我得到一个错误:-error在上传/ *
如何修改它?
解决方案
尝试更改:
$ sql =INSERT INTO product
(productname,image_id,image_type,image,image_size,image_name,productdesc)VALUES
('$ myusername','11' $ size ['mime']}','{$ imgData}','{$ size [3]}',
'{$ _FILES ['userfile'] ['name']}','$ productdesc');
:
$ size_mime = mysql_real_escape_string($ size ['mime']);
$ size3 = mysql_real_escape_string($ size [3]);
$ filename = mysql_real_escape_string($ _ FILES ['userfile'] ['name']);
$ sql =INSERT INTO product
(productname,image_id,image_type,image,image_size,image_name,productdesc)VALUES
('{$ myusername}','11','{$ size_mime}','{$ imgData}','{$ size3}',
'{$ filename}','$ productdesc')
并编辑:
$ myusername = $ _ POST ['myusername'];
$ mypassword = $ _ POST ['product'];
$ filename = $ _ FILES ['uploadimage'] ['tmp_name'];
:
$ myusername = mysql_real_escape_string($ _ POST ['myusername']);
$ mypassword = mysql_real_escape_string($ _ POST ['product']);
$ filedata = mysql_real_escape_string($ _ FILES ['uploadimage'] ['tmp_name']);
您应该绝对避免sql注入! b
I am working on a website and my task is to take product image from user and store that image in the database..i am using mysql database.My code for html form is as:-
<FORM action="testimage1.php" ENCTYPE="multipart/form-data" method="post">
<div style="font:bold 10px arial,serif;" >Product Name*</div>
<input type="text" name="myuserName" maxlength="50" /><br />
<div style="font:bold 10px arial,serif;" >Upload a photo</div>
<input name="uploadimage" type="file" /></br>
<div style="font:bold 10px arial,serif;">Product Description:</div>
<input type="text" name="product" value=""></br>
<input id="submit" type="submit" value="submit" /><br />
</FORM>
My code for testimage1.php is as:-
require_once("dbconnect.inc.php");
$db_name="thinstrokes"; //for localhost databasename
$tbl_name="product";
$db_selected=mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$_POST['myusername'];
$mypassword=$_POST['product'];
$filename=$_FILES['uploadimage']['tmp_name'];
$imgData = file_get_contents($filename);
$size = getimagesize($filename);
$sql = "INSERT INTO product
(productname, image_id , image_type ,image, image_size, image_name, productdesc)VALUES
('$myusername','11', '{$size['mime']}', '{$imgData}', '{$size[3]}',
'{$_FILES['userfile']['name']}','$productdesc')";
$result=mysql_query($sql) or die("error in uploading/*");
and i am getting an error as:-error in uploading/*how can i correct it?
解决方案
try to change this:
$sql = "INSERT INTO product
(productname, image_id , image_type ,image, image_size, image_name, productdesc)VALUES
('$myusername','11', '{$size['mime']}', '{$imgData}', '{$size[3]}',
'{$_FILES['userfile']['name']}','$productdesc')";
with this:
$size_mime = mysql_real_escape_string($size['mime']);
$size3 = mysql_real_escape_string($size[3]);
$filename = mysql_real_escape_string($_FILES['userfile']['name']);
$sql = "INSERT INTO product
(productname, image_id , image_type ,image, image_size, image_name, productdesc) VALUES
('{$myusername}','11', '{$size_mime}', '{$imgData}', '{$size3}',
'{$filename}','$productdesc')";
and edit this:
$myusername=$_POST['myusername'];
$mypassword=$_POST['product'];
$filename=$_FILES['uploadimage']['tmp_name'];
with this:
$myusername = mysql_real_escape_string($_POST['myusername']);
$mypassword = mysql_real_escape_string($_POST['product']);
$filedata = mysql_real_escape_string($_FILES['uploadimage']['tmp_name']);
you should absolutely avoid sql injection!
这篇关于在mysql数据库中插入映像时出现mysql错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!