通过php将pdf文件上传到mysql时查询失败

时间:2014-03-20 02:12:53

标签: php html mysql

我正在尝试上传一个能够将pdf文件上传到数据库的上传按钮,但它遇到了一些问题。数据库我用的是mySQL。

弹出窗口供用户键入文档

<form method="POST" action="upload.php" enctype="multipart/form-data">
    <div>
        <label for="citation">Citation</label>
        <textarea name="citation" id="citation" placeholder="Enter text here..."></textarea>
    </div>
    <div>
        <label for="abstract">Abstract</label>
        <textarea name="abstract" id="abstract" placeholder="Enter text here..."></textarea>
    </div>
        <p>Upload your file here</p>
        <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
        <input name="userfile" type="file" id="userfile">&nbsp;
        <br/> 
        <input name="submit" type="submit" value="Upload" style="width: 150px">
                <a class="close" href="#close"></a>
    </form>

这是upload.php

<?php
        // Connect to the database
        $host="localhost"; // Host name 
        $username="root"; // Mysql username 
        $password=""; // Mysql password 
        $db_name="is"; // Database name 
        $tbl_name="publication"; // Table name 

        $conn = mysql_connect("$host", "$username", "$password"); 
        if(! $conn )
        {
          die('Could not connect: ' . mysql_error());
        }

        mysql_select_db($db_name);

        $cit=mysql_real_escape_string($_POST['citation']);
        $abs=mysql_real_escape_string($_POST['abstract']);

        if(isset($_POST['submit']) && $_FILES['userfile']['size'] > 0)
        {
        $fileName = $_FILES['userfile']['name'];
        $tmpName  = $_FILES['userfile']['tmp_name'];
        $fileSize = $_FILES['userfile']['size'];
        $fileType = $_FILES['userfile']['type'];

        $fp      = fopen($tmpName, 'r');
        $content = fread($fp, filesize($tmpName));
        $content = addslashes($content);
        fclose($fp);

        if(!get_magic_quotes_gpc())
        {
            $fileName = addslashes($fileName);
        }

        $query = "INSERT INTO publication ('citation','abstract','file_name', 'file_size', 'file_type', 'file_content' ) VALUES ('$cit','$abs','$fileName', '$fileSize', '$fileType', '$content')";

        mysql_query($query) or die('Error, query failed'); 


        echo "<script type='text/javascript'>alert('File $fileName uploaded!');
                window.location.href='home_unlogin.php';
            </script>";
        } 
        mysql_close($conn);
?>

在下一个显示错误,查询失败,我不知道它有什么问题。

2 个答案:

答案 0 :(得分:0)

    $query = "INSERT INTO publication (`citation`,`abstract`,`file_name`, `file_size`, `file_type`, `file_content`) VALUES ('$cit','$abs','$fileName', '$fileSize', '$fileType', '$content')";

或者您可以在不包装字段名称的情况下使用

    $query = "INSERT INTO publication (citation, abstract, file_name, file_size, file_type, file_content) VALUES ('$cit','$abs','$fileName', '$fileSize', '$fileType', '$content')";

因为您的字段名称是标准名称,不是保留字或包含特殊字符。

答案 1 :(得分:0)

对于SQL中的字段,您可以不带引号但是对于值,它应该在引号内,无论它是变量还是静态。

$select = "INSERT INTO tbl_table (tbl_field1,tbl_field2) VALUES ('$value1','Test')";