我正在尝试将信息输入数据库,同时将文件上传到服务器并将其链接存储在数据库中。此时文件上传,但数据库中没有显示任何表单数据,并返回表单无法提交的错误消息,但实际上并未指定错误。
任何帮助都会很棒!!!
<?php
$dbc=mysql_connect('localhost', 'mgertenbach', 'mollyr');
mysql_select_db('mgertenbach', $dbc);
if($_SERVER['REQUEST_METHOD']=='POST'){
//you needed to move this INSIDE the conditional.. you had it up at line 15 which... woudl cause the errors to show.
$sqlInsertString = "INSERT INTO band_information
VALUES ('{$_POST['bandname']}', '{$_FILES['bandphoto']['name']}', '{$_POST['bandbio']}', '{$_POST['bandcity']}', '{$_POST['bandstate']}', '{$_POST['bandzipcode']}', '{$_POST['bandgenre']}', '{$_POST['bandlink']}');";
if(move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}") && @mysql_query($sqlinsertString, $dbc)){
print '<p>Thanks for submitting your band!</p>';
} else {
print '<p>Could not submit band because: <br/>' .
mysql_error($dbc) . '</p>';
}
}
?>
<h3>Please fill out the following information.</h3>
<form action="submitband.php" method="post" enctype="multipart/form-data">
<fieldset><legend>Who Are You?</legend>
<label>Band Name: <input type="text" name="bandname" size="10"/></label>
<br/><br/>
<label>Link to Photo*: <input type="hidden" name="MAX_FILE_SIZE" value="300000" /><input type="file" id="bandphoto" name="bandphoto" /></label>
<br/> *image must be a square file
<br/><br/>
<label>Enter a short bio: <br/><textarea name="bandbio" cols="40" rows="10"></textarea></label>
</fieldset>
<br/><br/>
<fieldset><legend>Where Are You From?</legend>
<label>City: <input type="text" name="bandcity" size="10"/></label>
<br/><br/>
<label>State:
<select id="bandstate" name="bandstate">
<option value=""> </option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District Of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
</select></label>
<br/><br/>
<label>Zipcode: <input type="text" name="bandzipcode" size="10"/></label>
</fieldset>
<br/><br/>
<fieldset><legend>What's Your Music Like?</legend>
<label>Genre:
<select name="bandgenre">
<option value="country">Country</option>
<option value="electronic">Electronic</option>
<option value="folk">Folk</option>
<option value="indie">Indie</option>
<option value="punk">Punk</option>
<option value="rock">Rock</option>
</select>
</label>
<br/><br/>
<label>Share a link to where we can hear it: <input type="text" name="bandlink" size="40"/></label>
</fieldset>
<br/><br/>
<input type="submit" value="submit"/>
</form>
答案 0 :(得分:0)
为什么你有这样的花括号'{$_POST['bandname']}'
这是PHP而不是bash所以摆脱它们。
但实际上并未指定错误
从中删除@
@mysql_query查看错误
您的代码容易受到SQL注入攻击,如中所述 注释使用参数化查询或PDO
答案 1 :(得分:0)
首先,删除@beforre mysql_query会得到错误消息。你的代码中也有两层单引号,这不会返回任何结果:
$sqlInsertString = "INSERT INTO band_information
VALUES ('{$_POST['bandname']}', '{$_FILES['bandphoto']['name']}', '{$_POST['bandbio']}', '{$_POST['bandcity']}', '{$_POST['bandstate']}', '{$_POST['bandzipcode']}', '{$_POST['bandgenre']}', '{$_POST['bandlink']}');";
此外,您没有列出要插入的字段?不是问题,请确保每个值符合所需的字段类型,否则查询将失败。 你有两种方法可以纠正sql,或者事先分配每个值,然后使用它们:
$bandname = $_POST['bandname'];
$sqlInsertString = "INSERT INTO band_information VALUES ('$bandname', // etc
或退出双引号,然后输入变量:
$sqlInsertString = "INSERT INTO band_information VALUES ('" . $_POST['bandname'] . "','" . $_FILES['bandphoto']['name'] . "','" . $_POST['bandbio'] . "','" . $_POST['bandcity'] . "','" . $_POST['bandstate'] . "','" . $_POST['bandzipcode'] . "','" . $_POST['bandgenre'] . "','" . $_POST['bandlink'] . "')";
这很难调试
if(move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}") && @mysql_query($sqlinsertString, $dbc))
如果sql出错或者move_uploaded_file失败,这将具有相同的行为。移动文件是众所周知的婊子,因为所有这些权限问题。也许尝试分离那些:
if (mysql_query($sqlInsertString))
{if (move_uploaded_file($_FILES['bandphoto']['tmp_name'], "C:\\HTML\\mgertenbach\\BAND\\photos\\{$_FILES['bandphoto']['name']}"))
{echo 'both worked!';}}
else
{echo 'only the query worked';}
else
{echo 'the query failed';}