//setting veriables
$imagestring = $_FILES["file"]["name"];
$myuser = $_POST['myusername'];
//mysql set up error handle
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$chkuserid = mysql_query("select UserID from users where Username = '".$myuser."'");
$row = mysql_fetch_array($chkuserid);
$finall = $row['UserID'];
// putting data into database
var_dump($finall);
$sql="UPDATE users SET avatarstring='k00138899.atspace.eu/photoalbum/upload/".$imagestring."' WHERE UserID='".$finall."'";
我想我在用户表中尝试了一切我有avatarstring,如果上传成功,它将存储图像的路径
userid - int(25)
$ finall - 字符串
avatarstring - 文字
文件上传但图像地址的输入应与此操作一起转到avatarstring列。
用于上传图片的代码工作,此代码放在if语句中,如果上传成功则显示此代码以及图片上传成功的消息
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"avatar/" . $_FILES["file"]["name"]);
echo "Stored in: " . "avatar/" . $_FILES["file"]["name"];
// if upload successful add entry into DB
$host="fdb4.atspace.com:3306"; // Host name
$username="1259829_photo"; // Mysql username
$password="j8"; // Mysql password
$db_name="1259829_photo"; // Database name
$tbl_name="users"; // Table name
//setting veriables
$imagestring = $_FILES["file"]["name"];
$myuser = $_POST['myusername'];
//mysql set up error handle
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$chkuserid = mysql_query("select UserID from users where Username = '".$myuser."'");
$row = mysql_fetch_array($chkuserid);
$finall = $row['UserID'];
// putting data into database
var_dump($finall);
var_dump($myuser);
$sql="UPDATE users SET avatarstring='k00138899.atspace.eu/photoalbum/upload/".$imagestring."' WHERE Username='".$myuser."'";
}
}
}
else
{
echo "Invalid file";
}
?>
答案 0 :(得分:0)
嘿,你最后只是不打电话给mysql_query( $sql); ......
否则它看起来很好。您应该考虑使用mysqli_或PDO而不是弃用mysql_,并确保您的代码不容易受到SQL注入攻击。