我已经构建了可以使用Plupload将多个图像上传到服务器的工作VB.net代码。我正在使用HTTPHandler(FileUpload.ashx)进行上传,并希望添加一个SQL语句,将每个图像文件名插入到我的SQL数据库中。我曾尝试将SQL添加到Handler,但是当我这样做时,我会为每个上传的iamge获取4个数据库条目。我真的不明白为什么,需要一些指导。感谢您提前的时间。
一般HANDLER代码:
Public Sub ProcessRequest(ByVal context As HttpContext) Implements IHttpHandler.ProcessRequest
Dim chunk As Integer = If(context.Request("chunk") IsNot Nothing, Integer.Parse(context.Request("chunk")), 0)
Dim fileName As String = If(context.Request("name") IsNot Nothing, context.Request("name"), String.Empty)
Dim fileUpload As HttpPostedFile = context.Request.Files(0)
Dim uploadPath = context.Server.MapPath("Upload")
Using fs = New FileStream(Path.Combine(uploadPath, fileName), If(chunk = 0, FileMode.Create, FileMode.Append))
Dim buffer = New Byte(fileUpload.InputStream.Length - 1) {}
fileUpload.InputStream.Read(buffer, 0, buffer.Length)
fs.Write(buffer, 0, buffer.Length)
End Using
context.Response.ContentType = "text/plain"
context.Response.Write("Success")
EXP:SQL插入
Dim conn As SqlClient.SqlConnection = New SqlClient.SqlConnection(DBCONN)
Dim command As SqlClient.SqlCommand = New SqlClient.SqlCommand("W2_InsertPhoto " & fileName, conn)
Dim rs As SqlClient.SqlDataReader
conn.Open()
rs = command.ExecuteReader()
rs.Close()
rs = Nothing
conn.Close()
conn = Nothing
答案 0 :(得分:1)
如果您正在使用块,请确保在最后一个块已保存的情况下触发SQL aster
例如。
chunk = If(context.Request("chunk") IsNot Nothing, Integer.Parse(context.Request("chunk")), 0)
chunks = If(context.Request("chunks") IsNot Nothing, Integer.Parse(context.Request("chunks")) - 1, 0)
If (chunk = chunks) Then
'Upload is complete, Save to DB here or whatever
end if
-1,因为如果有意义的话,块是最后一个块的-1。
要获取文件名,您需要在handler.ashx中添加所有内容..
fileName = If(context.Request("name") IsNot Nothing, context.Request("name"), String.Empty)
为了从Pluplaod获取唯一的fileName到你的处理程序,你需要告诉Plupload(在客户端上)使用唯一的名称。
var uploader = new plupload.Uploader({
runtimes: 'html5,flash,silverlight,html4',
max_file_size: '20mb',
url: '../handler.ashx',
chunk_size: '100kb',
unique_names: true,
multipart_params: { imageType: $('#myDiv').attr("MyIMageType"), custom: 'This is static custom text' },
在您的处理程序中,您再次调用'name'请求,您将获得pluplaoder所做的unqie名称..也可以像往常一样请求多部分中的数据request
PictureType = If(context.Request("imageType") IsNot Nothing, [Enum].Parse(GetType(PictureType), context.Request("imageType")), Nothing)
Dim myCustom as String = If(context.Request("custom") IsNot Nothing, context.Request("custom"))
为了响应您的SQL,您需要使用'封装文件名,否则空格和特殊字符将破坏SQLCommand,因为SQL会认为它的另一个变量或命令而不是纯粹将其视为一个串。这也是SQL注入的常见问题。允许黑客因为这样的代码而注入代码。
答案 1 :(得分:1)
ppumpkin,我不认为我在解释自己。对不起,我肯定是lamens术语,我是同时掌握所有人的新手。
我使用唯一命名为“false”,因为我需要保留每个文件的原始名称。我目前正在上传到服务器时正确命名文件名,但对于我的SQL插入,我需要插入相同的名称。如果我尝试使用我声明的FileName(context.Request(“name”))作为我的SQL语句中的值,我立即得到一个错误,没有插入值。如果我只使用文件名的静态值进行测试,它会很好地插入,但当然它对我上传的每个文件都是相同的名称。
包括您的更新,这是我目前为处理程序和客户端脚本所拥有的内容。
处理程序:
Public Sub ProcessRequest(ByVal context As HttpContext) Implements IHttpHandler.ProcessRequest
Dim chunk As Integer = If(context.Request("chunk") IsNot Nothing, Integer.Parse(context.Request("chunk")), 0)
Dim chunks As Integer = If(context.Request("chunks") IsNot Nothing, Integer.Parse(context.Request("chunks")) - 1, 0)
Dim fileName As String = If(context.Request("name") IsNot Nothing, context.Request("name"), String.Empty)
If (chunk = chunks) Then
Dim conn As SqlClient.SqlConnection = New SqlClient.SqlConnection(mdata.DBCONN)
Dim command As SqlClient.SqlCommand = New SqlClient.SqlCommand("W2_InsertPhoto 12345," & **fileName**, conn)
Dim rs As SqlClient.SqlDataReader
conn.Open()
rs = command.ExecuteReader()
rs.Close()
rs = Nothing
conn.Close()
conn = Nothing
End If
Dim fileUpload As HttpPostedFile = context.Request.Files(0)
Dim uploadPath = context.Server.MapPath("Upload")
Using fs = New FileStream(Path.Combine(uploadPath, fileName), If(chunk = 0, FileMode.Create, FileMode.Append))
Dim buffer = New Byte(fileUpload.InputStream.Length - 1) {}
fileUpload.InputStream.Read(buffer, 0, buffer.Length)
fs.Write(buffer, 0, buffer.Length)
End Using
End Sub
我的客户脚本:
<script type="text/javascript">
// Convert divs to queue widgets when the DOM is ready
$(function () {
$("#uploader").pluploadQueue({
// General settings,silverlight,browserplus,html5gears,
runtimes: 'flash',
url: 'FileUpload.ashx',
max_file_size: '10mb',
chunk_size: '1mb',
unique_names: false,
// Specify what files to browse for
filters: [{ title: "Image files", extensions: "jpg,jpeg,gif,png,bmp"}],
// Flash settings
flash_swf_url: 'assets/resources/plupload.flash.swf',
// Silverlight settings
silverlight_xap_url: 'assets/resources/plupload.silverlight.xap',
init: {
FileUploaded: function (up, file, info) {
}
}
});
// Client side form validation
$('form').submit(function (e) {
var uploader = $('#uploader').pluploadQueue();
// Validate number of uploaded files
if (uploader.total.uploaded == 0) {
// Files in queue upload them first
if (uploader.files.length > 0) {
// When all files are uploaded submit form
uploader.bind('UploadProgress', function () {
if (uploader.total.uploaded == uploader.files.length)
$('form').submit();
});
uploader.start();
} else
alert('You must at least upload one file.');
e.preventDefault();
}
});
//tweak to reset the interface for new file upload
$('#btnReset').click(function () {
var uploader = $('#uploader').pluploadQueue();
//clear files object
uploader.files.length = 0;
$('div.plupload_buttons').css('display', 'block');
$('span.plupload_upload_status').html('');
$('span.plupload_upload_status').css('display', 'none');
$('a.plupload_start').addClass('plupload_disabled');
//resetting the flash container css property
$('.flash').css({
position: 'absolute', top: '292px',
background: 'none repeat scroll 0% 0% transparent',
width: '77px',
height: '22px',
left: '16px'
});
//clear the upload list
$('#uploader_filelist li').each(function (idx, val) {
$(val).remove();
});
});
});
</script>