如何使用 PHP 代码将图像上传到 MySQL 数据库
我正在尝试将图像从 HTML 表单保存到我的数据库中.我已经编写了 PHP 代码来完成这项任务.该程序没有生成任何错误消息,也没有在 MySQL 数据库中插入图像数据.请检查一下.在这里,我将分享我的代码的摘录.
/*--------------------图片查询---------------*/$file =$_FILES['image']['tmp_name'];如果(!isset($文件)){echo '请选择图片';}别的{$image_check = getimagesize($_FILES['image']['tmp_name']);如果($image_check==false){echo '不是一个有效的图像';}别的{$image = file_get_contents ($_FILES['image']['tmp_name']);$image_name = $_FILES['image']['name'];if ($image_query = mysql_query ("插入 product_images 值 (1,'$image_name',$image )")){回声 $current_id;//echo '成功';}别的{回声 mysql_error();}}}/*-----------------图片查询结束---------------------*/<form action='insert_product.php' method='POST' enctype='multipart/form-data'></br>文件:<输入类型='文件'名称='图像'></表格>
<块引用>
错误信息您的 SQL 语法有错误;检查手册对应于您的 MySQL 服务器版本,以便使用正确的语法第 1 行的 '' 附近
解决方案首先,你应该检查你的图片列是否为BLOB类型!
我对你的 SQL 表一无所知,但如果我会尝试制作自己的作为示例.
我们有字段 id
(int), image
(blob) 和 image_name
(varchar(64)).
所以代码应该如下所示(假设 ID 始终为 '1',让我们使用这个 mysql_query):
$image = addlashes(file_get_contents($_FILES['image']['tmp_name']));//SQL注入防御!$image_name = addlashes($_FILES['image']['name']);$sql = "INSERT INTO `product_images` (`id`, `image`, `image_name`) VALUES ('1', '{$image}', '{$image_name}')";if (!mysql_query($sql)) {//错误处理echo "出了点问题!:(";}
你在很多方面都做错了.不要使用 mysql 函数 - 它们已被弃用!使用 PDO 或 MySQLi.您还应该考虑将文件位置存储在磁盘上.使用 MySQL 存储图像被认为是 Bad Idea™.处理带有大数据(如图像)的 SQL 表可能会出现问题.
您的 HTML 表单也不符合标准.它应该是这样的:
<form action="insert_product.php" method="POST" enctype="multipart/form-data"><label>文件:</label><input type="file" name="image"/><输入类型=提交"/></表格>
<小时>
旁注:
在处理文件并将它们存储为 BLOB 时,必须使用 对数据进行转义mysql_real_escape_string()
,否则会导致语法错误.
I am trying to save images in my database from HTML form. I have written PHP code to accomplish this task. The program is not generating any error message, but also not inserting image data in MySQL database. Kindly check it. Here i am sharing a excerpt from my code.
/*-------------------
IMAGE QUERY
---------------*/
$file =$_FILES['image']['tmp_name'];
if(!isset($file))
{
echo 'Please select an Image';
}
else
{
$image_check = getimagesize($_FILES['image']['tmp_name']);
if($image_check==false)
{
echo 'Not a Valid Image';
}
else
{
$image = file_get_contents ($_FILES['image']['tmp_name']);
$image_name = $_FILES['image']['name'];
if ($image_query = mysql_query ("insert into product_images values (1,'$image_name',$image )"))
{
echo $current_id;
//echo 'Successfull';
}
else
{
echo mysql_error();
}
}
}
/*-----------------
IMAGE QUERY END
---------------------*/
<form action='insert_product.php' method='POST' enctype='multipart/form-data' ></br>
File : <input type='file' name= 'image' >
</form>
Error Message You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
解决方案
Firstly, you should check if your image column is BLOB type!
I don't know anything about your SQL table, but if I'll try to make my own as an example.
We got fields id
(int), image
(blob) and image_name
(varchar(64)).
So the code should look like this (assume ID is always '1' and let's use this mysql_query):
$image = addslashes(file_get_contents($_FILES['image']['tmp_name'])); //SQL Injection defence!
$image_name = addslashes($_FILES['image']['name']);
$sql = "INSERT INTO `product_images` (`id`, `image`, `image_name`) VALUES ('1', '{$image}', '{$image_name}')";
if (!mysql_query($sql)) { // Error handling
echo "Something went wrong! :(";
}
You are doing it wrong in many ways. Don't use mysql functions - they are deprecated! Use PDO or MySQLi. You should also think about storing files locations on disk. Using MySQL for storing images is thought to be Bad Idea™. Handling SQL table with big data like images can be problematic.
Also your HTML form is out of standards. It should look like this:
<form action="insert_product.php" method="POST" enctype="multipart/form-data">
<label>File: </label><input type="file" name="image" />
<input type="submit" />
</form>
Sidenote:
When dealing with files and storing them as a BLOB, the data must be escaped using mysql_real_escape_string()
, otherwise it will result in a syntax error.
相关文章