我是php新手并开始开发一个动态网站,我创建了一些静态页面和一个新闻页面。
对于新闻页面,我已经在phpmyadmin中创建了数据库,但我无法在我的数据库中获取任何数据,但我在图像文件夹中获取图像,请查看我的代码。
插入帖子我创建了这个:
<html>
<head>
<title>Insert New Post</title>
</head>
<body>
<form method="post" action="insert_post.php" enctype="multipart/form-data">
<table allign="center" border="10" width="600">
<tr>
<td align="center" colspan="5" bgcolor="yellow">
<h1>Insert New Post Here</h1></td>
</tr>
<tr>
<td align="right">Post Title:</td>
<td><input type="text" name="title" size="40"></td>
</tr>
<tr>
<td align="right">Post Author:</td>
<td><input type="text" name="author"></td>
</tr>
<tr>
<td align="right">Post image:</td>
<td><input type="file" name="image"></td>
</tr>
<tr>
<td align="right">Post content:</td>
<td><textarea name="content" cols="40" rows="20"></textarea></td>
</tr>
<tr>
<td align="center" colspan="6"><input type="submit" name="submit" value="Publish Now"></td>
</tr>
</table>
</form>
</body>
</html>
<?php
include('includes/connect.php');
if(isset($_POST['submit'])){
$title = $_POST['title'];
$date = DATE('y-m-d');
$author = $_POST['author'];
$content = $_POST['content'];
$image_name = $_FILES['image']['name'];
$image_type = $_FILES['image']['type'];
$image_size = $_FILES['image']['size'];
$image_tmp = $_FILES['image']['tmp_name'];
if($title == '' or $author =='' or $content ==''){
echo "<script>alert('Any filed is empty')</script>";
exit();
}
if($image_type=="image/jpeg" or $image_type=="image/png" or $image_type=="image/gif"){
if($image_size<=50000){
move_uploaded_file($image_tmp,"images/$image_name");
}
else {
echo "<script>alert('image is larger, only 50kb size is allowed')</script>";
}
}
else {
echo "<script>alert('image type is invalid')</script>";
}
$query = "insert into post (post_title,post_date,post_author,post_image,post_content) values ('$title','$date','$author','$image_name','$content')";
if(mysql_query($query)){
echo "<center><h1>Post has been Published</h1></center>";
}
}
?>
现在我创建了connect.php文件,其中包含以下代码:
<?php
mysql_connect("localhost","root","");
mysql_select_db("rect");
?>
我是php新手,很抱歉,如果我有任何错误,请提前谢谢。
答案 0 :(得分:1)
post的表,其中包含相应的列名:post_title,post_date,post_author,post_image,post_content mysqli_*,因为它们与您的连接有关,并且还会阻止SQL injections。如果您要在数据库中插入日期,而不是:
$date=DATE("y-m-d"); /* YY-MM-DD */
你应该这样做:
$date=DATE("Y-m-d"); /* YYYY-MM-DD */
首先,我们修复您与数据库的连接(connect.php):
<?php
$mysqli = new mysqli("localhost", "root", "", "rect");
/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
?>
然后像这个简单的例子一样更改插入查询:
$stmt = $mysqli->prepare("INSERT INTO post (post_title, post_date, post_author, post_image, post_content) VALUES (?,?,?,?,?)");
$stmt->bind_param('sssss',$title,$date,$author,$image_name,$content); /* BIND VARIABLES TO THE QUERY */
$stmt->execute(); /* EXECUTE QUERY */
?>