0

我正在尝试使用 php 将 pdf 文件插入到我的数据库中。我知道这通常不是好的做法,但我仍然需要这样做。

所以这是我试图将 pdf 插入的表的架构:

    create table manager_certificate(
    manager_id int,
    certificate_id int,
    certificate blob,
    primary key(manager_id, certificate_id),
    foreign key(manager_id) references manager(id)
) ENGINE=InnoDB;

我有一个允许用户选择文件的 html 页面,并且有一个上传按钮,该按钮调用应该将文件上传到数据库的 php 文件。

html:

<!DOCTYPE html>
<head>
    <title>MySQL file upload example</title>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
    <form action="manager_upload.php" method="post" enctype="multipart/form-data">
        <input type="file" name="uploaded_file"><br>
        <input type="submit" value="Upload file">
    </form>
    <p>
        <a href="list_files.php">See all files</a>
    </p>
</body>
</html>

php:

<?php
// Check if a file has been uploaded
if(isset($_FILES['uploaded_file'])) {
    // Make sure the file was sent without errors
    if($_FILES['uploaded_file']['error'] == 0) {
        // Connect to the database
        $dbLink = new mysqli('dbclass.cs.nmsu.edu', 'corbinc', 'corbinc430', 'cs482corbinc');
        if(mysqli_connect_errno()) {
            die("MySQL connection failed: ". mysqli_connect_error());
        }

        // Gather all required data
        $data = $dbLink->real_escape_string(file_get_contents($_FILES  ['uploaded_file']['tmp_name']));

        // Create the SQL query
        $query = "
            INSERT INTO 'manager_certificate'('certificate')
            VALUES ( '{$data}' )";

        // Execute the query
        $result = $dbLink->query($query);

        // Check if it was successfull
        if($result) {
            echo 'Success! Your file was successfully added!';
        }
        else {
            echo 'Error! Failed to insert the file'
               . "<pre>{$dbLink->error}</pre>";
        }
    }
    else {
        echo 'An error accured while the file was being uploaded. '
           . 'Error code: '. intval($_FILES['uploaded_file']['error']);
    }

    // Close the mysql connection
    $dbLink->close();
}
else {
    echo 'Error! A file was not sent!';
}

?>

所以我尝试了上面的代码,我收到以下错误:

Error! Failed to insert the file
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''manager_certificate'('certificate')
            VALUES ( '%PDF-1.5\n%ÐÔÅØ\n3 0 ' at line 1

我该如何解决这个错误?我的架构有问题吗?或者php可能?

4

2 回答 2

0

您不应该在表或字段名称周围加上引号,仅用于字符串数据。试试INSERT INTO manager_certificate (certificate) ...

于 2013-11-14T01:42:24.460 回答
-1

这是您的问题的工作示例代码。

<?php 
// CREATE TABLE files (
//     id   INT           AUTO_INCREMENT PRIMARY KEY,
//     mime VARCHAR (255) NOT NULL,
//     data BLOB          NOT NULL
// );
class BlobDemo {

    const DB_HOST = 'localhost';
    const DB_NAME = 'test';
    const DB_USER = 'root';
    const DB_PASSWORD = '';

    /**
     * PDO instance
     * @var PDO 
     */
    private $pdo = null;

    /**
     * Open the database connection
     */
    public function __construct() {
        // open database connection
        $conStr = sprintf("mysql:host=%s;dbname=%s;charset=utf8", self::DB_HOST, self::DB_NAME);

        try {
            $this->pdo = new PDO($conStr, self::DB_USER, self::DB_PASSWORD);
            //for prior PHP 5.3.6
            //$conn->exec("set names utf8");
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
    }

    /**
     * insert blob into the files table
     * @param string $filePath
     * @param string $mime mimetype
     * @return bool
     */
    public function insertBlob($filePath, $mime) {
        $blob = fopen($filePath, 'rb');

        $sql = "INSERT INTO files(mime,data) VALUES(:mime,:data)";
        $stmt = $this->pdo->prepare($sql);

        $stmt->bindParam(':mime', $mime);
        $stmt->bindParam(':data', $blob, PDO::PARAM_LOB);

        return $stmt->execute();
    }

    /**
     * select data from the the files
     * @param int $id
     * @return array contains mime type and BLOB data
     */
    public function selectBlob($id) {

        $sql = "SELECT mime,
                        data
                   FROM files
                  WHERE id = :id;";

        $stmt = $this->pdo->prepare($sql);
        $stmt->execute(array(":id" => $id));
        $stmt->bindColumn(1, $mime);
        $stmt->bindColumn(2, $data, PDO::PARAM_LOB);

        $stmt->fetch(PDO::FETCH_BOUND);

        return array("mime" => $mime,
            "data" => $data);
    }


    /**
     * close the database connection
     */
    public function __destruct() {
        // close the database connection
        $this->pdo = null;
    }

}
$blobObj = new BlobDemo();
if(isset($_POST['submit']))
{

    $blobObj->insertBlob($_FILES['uploaded_file']['tmp_name'],"application/pdf");
}
?>
<!DOCTYPE html>
<head>
    <title>MySQL file upload example</title>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
        <input type="file" name="uploaded_file"><br>
        <input type="submit" name="submit" value="Upload file">
    </form>
    <p>
      <?php 
      // to display the pdf from database
   //    $a = $blobObj->selectBlob(3);
            // header("Content-Type:" . $a['mime']);
            // echo $a['data'];
      ?>
    </p>
</body>
</html>

希望你能从中锻炼出一个解决方案。谢谢。

于 2016-07-10T15:13:37.440 回答