我已经设置了一个允许用户上传图像的网站,然后这些图像会显示在主屏幕上。但是我刚刚碰壁,所以我过去让用户上传图像,然后将图像保存到文件夹和数据库,但是我怎么做才能让图像显示在主屏幕上。
<?php
// Connect to database
$errmsg = "";
if (! @mysql_connect("localhost","alfred1000351","*******")) {
$errmsg = "Cannot connect to database";
}
@mysql_select_db("drp_2cgih5o233");
$q = <<<CREATE
create table pix (
pid int primary key not null auto_increment,
title text,
imgdata longblob)
CREATE;
@mysql_query($q);
// Insert any new image into database
if ($_REQUEST[completed] == 1) {
// Need to add - check for large upload. Otherwise the code
// will just duplicate old file ;-)
// ALSO - note that latest.img must be public write and in a
// live appliaction should be in another (safe!) directory.
move_uploaded_file($_FILES['imagefile']['tmp_name'],"latest.img");
$instr = fopen("latest.img","rb");
$image = addslashes(fread($instr,filesize("latest.img")));
if (strlen($instr) < 149000) {
mysql_query ("insert into pix (title, imgdata) values (\"".
$_REQUEST[whatsit].
"\", \"".
$image.
"\")");
} else {
$errmsg = "Too large!";
}
}
// Find out about latest image
$gotten = @mysql_query("select * from pix order by pid desc limit 1");
if ($row = @mysql_fetch_assoc($gotten)) {
$title = htmlspecialchars($row[title]);
$bytes = $row[imgdata];
} else {
$errmsg = "There is no image in the database yet";
$title = "no database image available";
// Put up a picture of our training centre
$instr = fopen("../wellimg/ctco.jpg","rb");
$bytes = fread($instr,filesize("../wellimg/ctco.jpg"));
}
// If this is the image request, send out the image
if ($_REQUEST[gim] == 1) {
header("Content-type: image/jpeg");
print $bytes;
exit ();
}
?>
<html><head>
<title>Upload an image to a database</title>
<body bgcolor=white><h2>Here's the latest picture</h2>
<font color=red><?= $errmsg ?></font>
<center><img src=?gim=1 width=144><br>
<b><?= $title ?></center>
<hr>
<h2>Please upload a new picture and title</h2>
<form enctype=multipart/form-data method=post>
<input type=hidden name=MAX_FILE_SIZE value=150000>
<input type=hidden name=completed value=1>
Please choose an image to upload: <input type=file name=imagefile><br>
Please enter the title of that picture: <input name=whatsit><br>
then: <input type=submit></form><br>
<hr>
</body>
</html>
答案 0 :(得分:0)
这是我的顽强:
请勿禁止从DB获取的警告。它们是真实的,也是必需的。从DB调用的前面删除所有@ -characters。 如果您收到任何通知,警告,错误都不会抑制它们,请更正错误。
如果您正在制作新代码,请考虑将PDO用作数据库API,而不是旧的,弃用的PHP MySQL API。它就像使用MySQL API一样简单。
您只想尝试仅创建一次,将其从执行多次的代码中删除。
您应该检查$ _REQUEST参数是否存在,如果不存在则不进行比较。您还需要将参数名称放在引号中,否则PHP认为您使用的是常量,而您不是。因此,行if ($_REQUEST[completed] == 1) {必须固定为if(isset($_REQUEST['completed']) && $_REQUEST['completed'] == 1) {。与whatisit和gim -params相同的应用。
代码if (strlen($instr) < 149000) {无法正常工作,您无法获得资源长度。您可能正在寻找此功能:if (strlen($_FILES['imagefile']['size']) < 149000) {。
与$row相同(在步骤4中)您需要将文字放在引号中,因此请将这些行修复为:$title = htmlspecialchars($row['title']); $bytes = $row['imgdata'];
其他应该可行。但是,它包含DB安全漏洞,这会导致您的网站泄露,所以我建议您不要将它放到任何真实的网站上。只是为了你自己/朋友的乐趣。