我有一个表单,可以将图像上传到我的服务器并将图像的路径存储在 MySQL 中,并且该表单可以完美运行。我现在想要做的是能够更新存储在 MySQL 中的存储图像和路径,但我不知道如何将 $target 变量添加到我的代码中,以便它更新 MySQL 中的路径和文件名。我现在拥有代码的方式将上传新图像,但不会更新 MySQL 中的路径和名称,我知道它与 $target 有关,我只是不知道把它放在哪里。是的,我很清楚 sql 注入,所以请不要评论它,因为我不关心这种情况。
<?php
//This is the directory where images will be uploaded and saved
$target = "uploads/cheer/";
$target = $target . basename($_FILES['member_photo']['name']);
//This gets all the form data//
//----------MEMBER INFO----------//
$team_name=$_POST['team_name'];
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$registration=$_POST['registration'];
$pay_status=$_POST['pay_status'];
$physical=$_POST['physical'];
$photo=$_POST['photo'];
$logo_src=$_POST['logo_src'];
//----------NOTES----------//
$notes=$_POST['notes'];
//----------IMAGES----------//
$pic=($_FILES['member_photo']['name']);
//----------CONNECT TO DATABASE----------//
include 'elite_connect.php';
//----------WRITES DATA TO DATABASE----------//
mysql_query("UPDATE cheer SET team_name='$team_name', first_name='$first_name', last_name='$last_name', registration='$registration', pay_status='$pay_status', physical='$physical', photo='$photo', logo_src='$logo_src', notes='$notes', member_photo='$member_photo',
WHERE `id` = '$id'");
//----------DISPLAYS MYSQL ERRORS----------//
print_r($_POST);
echo mysql_error();
//----------WRITES PHOTO TO SERVER----------//
if(move_uploaded_file($_FILES['member_photo']['tmp_name'], $target))
{
//----------TELLS IF ALL IS OK----------//
echo "The file ". basename($_FILES['member_photo']['name']). "has been uploaded!";
}
else {
//----------GIVES AN ERROR IF IT'S NOT----------//
?><br/><?php
echo "Sorry, there was a problem uploading your image.";
}
?>
将 $target 添加到 SET 会从 process_edit.php 文件中产生以下错误
数组([id] => 18 [first_name] => 你的 [last_name] => 爸爸 [team_name] => [registration] => YES [pay_status] => PENDING [physical] => NO [photo] => [notes ] => 我是你爸爸 [logo_src] => logos/cougars2013.jpg [submit] => 更新会员)你的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在第 1 行的 ''uploads/cheer/helmet1.jpg' WHERE
id= ''' 附近使用正确的语法文件helmet1.jpg 已上传!
如您所见,更新正在写入 MySQL,并且图像已上传到服务器,但图像的路径未更新。
所以回显整个查询几乎给出了与上面完全相同的东西,
数组([id] => 20 [first_name] => Fat [last_name] => Amy [team_name] => [registration] => YES [pay_status] => 已全额支付 [physical] => YES [photo] => YES [notes] => Large and in Charge! [logo_src] => logos/gvklogo2013.png [submit] => Update Member ) 你的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在第 12 行的 'uploads/images/fatamy.png='uploads/images/fatamy.png' WHERE
id= '20'' 附近使用正确的语法文件 fatamy.png 有已上传!
如果这有帮助,这里是处理输入表单以上传文件和存储路径的代码。
<?php
//This is the directory where images will be uploaded and saved
$target = "uploads/cheer/";
$target = $target . basename($_FILES['member_photo']['name']);
//This gets all the form data//
//----------MEMBER INFO----------//
$team_name=$_POST['team_name'];
$first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
$registration=$_POST['registration'];
$pay_status=$_POST['pay_status'];
$physical=$_POST['physical'];
$photo=$_POST['photo'];
$logo_src=$_POST['logo_src'];
//----------NOTES----------//
$notes=$_POST['notes'];
//----------IMAGES----------//
$pic=($_FILES['member_photo']['name']);
//----------CONNECT TO DATABASE----------//
include 'elite_connect.php';
//----------WRITES DATA TO DATABASE----------//
mysql_query("INSERT INTO cheer (team_name, first_name, last_name, registration, pay_status, physical, photo, logo_src, notes, member_photo)
VALUES ('$team_name','$first_name','$last_name','$registration','$pay_status','$physical','$photo','$logo_src','$notes','$target')");
//----------DISPLAYS MYSQL ERRORS----------//
echo mysql_error();
//----------WRITES PHOTO TO SERVER----------//
if(move_uploaded_file($_FILES['member_photo']['tmp_name'], $target))
{
//----------TELLS IF ALL IS OK----------//
echo "The file ". basename($_FILES['member_photo']['name']). "has been uploaded!";
}
else {
//----------GIVES AN ERROR IF IT'S NOT----------//
?><br/><?php
echo "Sorry, there was a problem uploading your image.";
}
?>
我也可以添加更新表格
<tr class="firstname">
<td class="firstname" style="width: 58px">First Name</td>
<td class="firstname" style="width: 280px">
<input type="text" name="first_name" value="<?php echo $data2['first_name']?>" style="width: 170px"></td>
</tr>
<tr class="lastname">
<td class="label" style="width: 58px">Last Name</td>
<td class="field" style="width: 280px">
<input type="text" name="last_name" id="lastname" value="<?php echo $data2['last_name']?>" style="width: 171px">
</td></tr>
<tr class="teamname">
<td class="teamname" style="width: 58px">Team Name</td>
<td class="teamname" style="width: 280px">
<input type="text" name="team_name" id="teamname" value="<?php echo $data2['team_name']?>" style="width: 170px">
<br>
</td>
</tr>
<tr class="typeName">
<td class="label" style="width: 58px">Registration</td>
<td class="field" style="width: 280px">
<input type="text" name="registration" id="jerseybrand" value="<?php echo $data2['registration']?>" style="width: 170px">
</td>
</tr>
<tr class="paystatus">
<td class="paystatus" style="width: 58px">Payment Status</td>
<td class="paystatus" style="width: 280px">
<input type="text" name="pay_status" id="paystatus" value="<?php echo $data2['pay_status']?>" style="width: 170px">
<br>
</td>
</tr>
<tr class="physical">
<td class="physical" style="width: 58px">Physical</td>
<td class="physical" style="width: 290px">
<input type="text" name="physical" id="physical" value="<?php echo $data2['physical']?>">
</tr style="width: 170px">
<tr class="photo">
<td class="photo" style="width: 58px">Photo Taken</td>
<td class="photo" style="width: 290px">
<input type="text" name="photo" id="photo" value="<?php echo $data2['photo']?>">
</tr style="width: 170px">
<tr>
<td>
Notes
</td>
<td class="notes" style="width: 280px">
<textarea name="notes" id="notes" class="auto-style1" style="height: 35px; width: 215px"><?php echo $data2['notes']?></textarea>
<br><br>
</td></tr>
<tr class="teamlogo">
<td class="teamlogo" style="width: 58px">Team Logo</td>
<td class="teamlogo" style="width: 280px">
<img name="logo_image "src="<?php echo $data2['logo_src']?>" id="logoimage" height="100" width="100">
</td width="116">
<input type="hidden" name="logo_src" value="<?php echo $data2['logo_src']?>" id="logosrc"/>
</tr>
<tr class="logosrc">
<td class="logosrc" style="width: 58px">Change Logo</td>
<td class="logosrc" style="width: 280px">
<select name="team_name" id="dd" onChange="swapImage()" style="width: 150px">
<option value="" title="logos/cheerlogoleft.jpg">SELECT</option>
<option value="COUGARS" title="logos/cougars2013.jpg" >Cougars</option>
<option value="FALCONS" title="logos/falcons2013.jpg" >Falcons</option>
<option value="GREEN VALLEY KNIGHTS" title="logos/gvklogo2013.png">Green Valley Knights</option>
<option value="LONGHORNS" title="logos/longhorns2013.jpg">Longhorns</option>
<option value="MUSTANGS" title="logos/mustangs2013.jpg">Mustangs</option>
<option value="NW NINERS" title="logos/nwniners2013.jpg">NW Niners</option>
<option value="REBELS" title="logos/rebels2013.jpg">Rebels</option>
<option value="WILDCATS" title="logos/wildcats2013.jpg">Wildcats</option>
</select>
</td>
</tr>
<tr class="photo">
<td class="photo" style="width: 58px">Change Photo</td>
<td class="photo" style="width: 290px">
<input type="file" name="member_photo" id="cheerphoto"/>
</tr style="width: 170px">
</tbody>
</table>
</div>
</fieldset>
</td><td id="righttdhw" style="width: 517px; height: 141px;">
<fieldset id="info" style="width: 260px; height: 183px">
<legend id="infoLegend">Member Photo</legend>
<div id="memberphoto">
<table style="height: 156px; width: 260px;">
<tbody>
<tr class="memberphoto">
<td class="field" style="width: 269px; height: 132px; text-align: center;">
<img name="member_photo" src="<?php echo $data2['member_photo']?>" id="memberphoto" height="150" width="250" >
</td>
</tr>