我对 PHP 很陌生,我需要你的帮助。
这是插入所有记录的insert.php文件。``这里也添加了文件浏览字段。此字段浏览照片。Temp_File 存储在缩略图文件夹中。我的问题是如何将这张照片保存在 MySQL 数据库中,以及如何从 dB 中检索这张照片以在 view.php 中显示。
//这是insert.php
<?php require_once('Connections/db_sms.php'); ?>
<?php if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "regform")) {
$insertSQL = sprintf("INSERT INTO tbl_student (s_id, first_name, last_name, gender, dob, father_name, email, address, city) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['student_photo'], "text"),
GetSQLValueString($_POST['first_name'], "text"),
GetSQLValueString($_POST['last_name'], "text"),
GetSQLValueString($_POST['gender'], "text"),
GetSQLValueString($_POST['dob'], "date"),
GetSQLValueString($_POST['father_name'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['address'], "text"),
GetSQLValueString($_POST['city'], "text"));
mysql_select_db($database_db_sms, $db_sms);
$Result1 = mysql_query($insertSQL, $db_sms) or die(mysql_error());
$insertGoTo = "view.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
<?php require_once('Zend/Date.php'); ?>
<?php $username = "root";
$password = "";
$host = "localhost";
$database = "db_sms";
// Make the connect to MySQL or die
// and display an error.
$link = mysql_connect($host, $username, $password);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
// Select your database
mysql_select_db ($database);?>
<?php if (isset($_FILES['student_photo']) && $_FILES['student_photo']['size'] > 0) {
// Temporary file name stored on the server
$tmpName = $_FILES['student_photo']['tmp_name'];
// Create the query and insert
// into our database.
$i=rand(0,8888);
$info=pathinfo($_FILES['student_photo']['name']);
$ext=$info['extension'];
$i++;
$newname="pic_".$i.".".$ext;
$target='thumbnails/'.$newname;
move_uploaded_file($_FILES['student_photo']['tmp_name'], $target );
$query = "INSERT INTO tbl_students ";
$query .= "(student_photo) VALUES ('$data')";
$results = mysql_query($query, $link);
// Print results
print "Thank you, your file has been uploaded.";
}
else {
print "No image selected/uploaded";
}
mysql_close($link);
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
if ($theValue == "")
{
$theValue = "NULL";
}
else
{
$zendDate = new Zend_Date($theValue, "d/M/yyyy");
$theValue = "'" . $zendDate->toString("dd-MM-yyyy") . "'";
}
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
mysql_select_db($database_db_sms, $db_sms);
$query_rsStudent = "SELECT s_id, first_name, last_name, gender, dob, father_name, email, address, city, student_photo FROM tbl_student ORDER BY first_name ASC";
$rsStudent = mysql_query($query_rsStudent, $db_sms) or die(mysql_error());
$row_rsStudent = mysql_fetch_assoc($rsStudent);
$totalRows_rsStudent = mysql_num_rows($rsStudent);
$query_rsStudent = "SELECT first_name, last_name, gender, dob, father_name, email, address, city FROM tbl_student ORDER BY first_name ASC";
$rsStudent = mysql_query($query_rsStudent, $db_sms) or die(mysql_error());
$row_rsStudent = mysql_fetch_assoc($rsStudent);
$totalRows_rsStudent = mysql_num_rows($rsStudent);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration</title>
<script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
<script src="SpryAssets/SpryValidationRadio.js" type="text/javascript"></script>
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationRadio.css" rel="stylesheet" type="text/css" />
<style type="text/css">
body,td,th {
font-family: "Times New Roman", Times, serif;
font-size: 18px;
color: #FFFFFF;
}
body {
background-color: #636;
margin-left: 400px;
margin-top: 100px;
margin-right: 400px;
}
</style>
</head>
<body>
<?php /* include('include/header.php');*/ ?>
<form action="<?php echo $editFormAction; ?>" name="regform" id="regform" enctype="multipart/form-data" method="POST">
<table width="1495" border="0">
<tr>
<td width="115">First Name</td>
<td width="1370"><span id="spryfirstname">
<input name="first_name" type="text" maxlength="50" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>Last Name</td>
<td><span id="sprylastname">
<input name="last_name" type="text" maxlength="50" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>Gender</td>
<td><label>
<span id="spryrggender">
<input type="radio" name="gender" value="Male" id="male" />
Male<br />
<input type="radio" name="gender" value="Female" id="female" />
Female<br />
<span class="radioRequiredMsg">Required.</span></span></label></td>
</tr>
<tr>
<td>Date Of Birth</td>
<td><span id="sprydob">
<input name="dob" type="text" />
<span class="textfieldRequiredMsg">Date of Birth is required.</span><span class="textfieldInvalidFormatMsg">Invalid format.</span></span></td>
</tr>
<tr>
<td>Father's Name</td>
<td><span id="spryfathername">
<input name="father_name" type="text" maxlength="50" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>E-mail Address</td>
<td><span id="spryemail">
<input name="email" type="text" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldInvalidFormatMsg">Invalid format.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>Address</td>
<td><span id="spryaddress">
<input name="address" type="text" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>City</td>
<td><span id="sprycity">
<input name="city" type="text" />
<span class="textfieldRequiredMsg">A value is required.</span><span class="textfieldMaxCharsMsg">Exceeded maximum number of characters.</span></span></td>
</tr>
<tr>
<td>Upload image</td>
<td>
<input type="file" name="student_photo" id="student_photo" />
</td>
</tr>
<tr>
<td></td>
<td><input name="insert" type="submit" value="Insert Record" /></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="regform" />
</form>
<p> </p>
<script type="text/javascript">
var sprytextfield1 = new Spry.Widget.ValidationTextField("spryfirstname", "none", {validateOn:["blur"], maxChars:50});
var sprytextfield2 = new Spry.Widget.ValidationTextField("sprylastname", "none", {validateOn:["blur"], maxChars:50});
var spryradio1 = new Spry.Widget.ValidationRadio("spryrggender", {validateOn:["blur"]});
var sprytextfield3 = new Spry.Widget.ValidationTextField("sprydob", "date", {format:"dd/mm/yyyy", validateOn:["blur"], hint:"dd/mm/yyyy"});
var sprytextfield4 = new Spry.Widget.ValidationTextField("spryfathername", "none", {validateOn:["blur"], maxChars:50});
var sprytextfield5 = new Spry.Widget.ValidationTextField("spryemail", "email", {maxChars:50, validateOn:["blur"]});
var sprytextfield6 = new Spry.Widget.ValidationTextField("spryaddress", "none", {maxChars:50, validateOn:["blur"]});
var sprytextfield7 = new Spry.Widget.ValidationTextField("sprycity", "none", {maxChars:50, validateOn:["blur"]});
var sprytextfield8 = new Spry.Widget.ValidationTextField("sprytextfield8");
</script>
</body>
</html>
<?php
mysql_free_result($rsStudent);
?>
-----------------------------------------------------
//Image should be displayed in view.php
<?php require_once('Connections/db_sms.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php require_once('Zend/Date.php');?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$currentPage = $_SERVER["PHP_SELF"];
$maxRows_rsStudent = 3;
$pageNum_rsStudent = 0;
if (isset($_GET['pageNum_rsStudent'])) {
$pageNum_rsStudent = $_GET['pageNum_rsStudent'];
}
$startRow_rsStudent = $pageNum_rsStudent * $maxRows_rsStudent;
mysql_select_db($database_db_sms, $db_sms);
$query_rsStudent = "SELECT s_id, first_name, last_name, gender, dob, father_name, email, address, city, student_photo FROM tbl_student ORDER BY first_name ASC";
$query_limit_rsStudent = sprintf("%s LIMIT %d, %d", $query_rsStudent, $startRow_rsStudent, $maxRows_rsStudent);
$rsStudent = mysql_query($query_limit_rsStudent, $db_sms) or die(mysql_error());
$row_rsStudent = mysql_fetch_assoc($rsStudent);
if (isset($_GET['totalRows_rsStudent'])) {
$totalRows_rsStudent = $_GET['totalRows_rsStudent'];
} else {
$all_rsStudent = mysql_query($query_rsStudent);
$totalRows_rsStudent = mysql_num_rows($all_rsStudent);
}
$totalPages_rsStudent = ceil($totalRows_rsStudent/$maxRows_rsStudent)-1;
$queryString_rsStudent = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_rsStudent") == false &&
stristr($param, "totalRows_rsStudent") == false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_rsStudent = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_rsStudent = sprintf("&totalRows_rsStudent=%d%s", $totalRows_rsStudent, $queryString_rsStudent);
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
if ($theValue == "")
{
$theValue = "NULL";
}
else
{
$zendDate = new Zend_Date($theValue, "M/d/yyyy");
$theValue = "'" . $zendDate->toString("yyyy-MM-dd") . "'";
}
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<style type="text/css">
body,td,th {
color: #000;
font-family: "Courier New", Courier, monospace;
font-size: 18px;
}
body {
background-color: #FFF;
}
a:link {
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #606;
}
a:hover {
text-decoration: underline;
color: #066;
}
a:active {
text-decoration: none;
color: #600;
}
</style>
<body bgcolor="#D6D6D6" text="#FFFFFF" link="#330000" vlink="#006666" alink="#660000"><h1>
<style type="text/css">
#header {
font-family: "Times New Roman", Times, serif;
font-size: 24px;
font-style: normal;
line-height: normal;
font-weight: normal;
text-transform: none;
color: #066;
background-color: #FFF;
background-image: url(../images/contest.jpg);
background-repeat: no-repeat;
background-size: auto;
box-sizing: content-box;
margin-bottom: 400px;
}
body,td,th {
font-family: "Courier New", Courier, monospace;
color: #000;
}
body {
background-color: #FFF;
}
</style>
</h1>
<?php /* include('include/header.php');*/?>
<h3> </h3>
<h3>There are <?php echo $totalRows_rsStudent ?> Students.</h3>
<p>
<?php if ($pageNum_rsStudent > 0) { // Show if not first page ?>
<a href="<?php printf("%s?pageNum_rsStudent=%d%s", $currentPage, 0, $queryString_rsStudent); ?>">First</a> <a href="<?php printf("%s?pageNum_rsStudent=%d%s", $currentPage, max(0, $pageNum_rsStudent - 1), $queryString_rsStudent); ?>">Previous</a>
<?php } // Show if not first page ?>
<?php if ($pageNum_rsStudent < $totalPages_rsStudent) { // Show if not last page ?>
<a href="<?php printf("%s?pageNum_rsStudent=%d%s", $currentPage, min($totalPages_rsStudent, $pageNum_rsStudent + 1), $queryString_rsStudent); ?>">Next</a> <a href="<?php printf("%s?pageNum_rsStudent=%d%s", $currentPage, $totalPages_rsStudent, $queryString_rsStudent); ?>">Last</a>
<?php } // Show if not last page ?>
</p>
<table width="400" border="0">
</table>
<form id="form1" name="form1" method="post" action="" enctype="multipart/form-data">
<table width="2139" border="0">
<tr>
<th width="326" bgcolor="#009999" scope="col"><strong>First Name</strong></th>
<th width="315" bgcolor="#009999" scope="col"><strong>Last Name</strong></th>
<th width="282" bgcolor="#009999" scope="col"><strong>Gender</strong></th>
<th width="183" bgcolor="#009999" scope="col"><blockquote>
<p> <strong>BirthDate</strong></p>
</blockquote></th>
<th width="337" bgcolor="#009999" scope="col"><strong>Father's Name</strong></th>
<th width="271" bgcolor="#009999" scope="col"><strong>Email</strong></th>
<th width="95" bgcolor="#009999" scope="col"><strong>Address</strong></th>
<th width="150" bgcolor="#009999" scope="col"><strong>City</strong></th>
<th width="150" bgcolor="#009999" scope="col"><blockquote>
<p>Photo</p>
</blockquote></th>
<th width="150" bgcolor="#009999" scope="col"> </th>
<th width="7" bgcolor="#009999" scope="col"> </th>
<th width="131" scope="col"> </th>
</tr>
<?php do { ?>
<?php
$zendDate = new Zend_Date($row_rsStudent['dob']);
?>
<tr>
<td bgcolor="#333333"><blockquote>
<p><a href="update.php?s_id=<?php echo $row_rsStudent['s_id']; ?>"><?php echo $row_rsStudent['first_name']; ?></a></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><?php echo $row_rsStudent['last_name']; ?></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><?php echo $row_rsStudent['gender']; ?></p>
</blockquote></td>
<td bgcolor="#333333">
<?php echo $zendDate->toString("d/M/yyyy"); ?></td>
<td bgcolor="#333333"><blockquote>
<p><?php echo $row_rsStudent['father_name']; ?></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><?php echo $row_rsStudent['email']; ?></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><em><strong><a href="delete.php?s_id=<?php echo $row_rsStudent['s_id']; ?>"></a></strong></em><?php echo $row_rsStudent['address']; ?></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><em><strong><a href="delete.php?s_id=<?php echo $row_rsStudent['s_id']; ?>"></a></strong></em><?php echo $row_rsStudent['city']; ?></p>
</blockquote></td>
<td bgcolor="#333333"><blockquote>
<p><img src="<?php echo "thumbnails/".$row_rsStudent['student_photo']; ?>"/> </p>
</blockquote></td>
<td bgcolor="#FFFFFF"><blockquote>
<p><em><strong><a href="delete.php?s_id=<?php echo $row_rsStudent['s_id']; ?>">Delete</a></strong></em></p>
</blockquote></td>
</tr>
<?php } while ($row_rsStudent = mysql_fetch_assoc($rsStudent)); ?>
</table>
<p><strong><a href="insert.php">Insert New Record</a></strong></p>
<p> </p>
</form>
<?php
mysql_free_result($rsStudent);
?>
//tbl_student 包含一个字段名称“std_photo”,类型为 VarChar(255)。
//这是我的db_sms连接文件
<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_db_sms = "localhost";
$database_db_sms = "db_sms";
$username_db_sms = "root";
$password_db_sms = "";
$db_sms = mysql_pconnect($hostname_db_sms, $username_db_sms, $password_db_sms) or trigger_error(mysql_error(),E_USER_ERROR);
?>
请帮帮我!