从db存储和显示图像文件

时间:2015-02-10 13:27:24

标签: php mysql sql blob

我创建了一个简单的添加产品表单,这就是它的外观:

<form id="loginForm" name="loginForm" method="post" enctype="multipart/form-data" action="ads_include/ads_v1_normal_priori.php"> 
    <label class="control-label" for="input01">Naziv oglasa</label> 
    <div class="controls"> 
        <input type="text" name="naziv" id="naziv" class="form-control"> 
    </div> 
    <label class="control-label">Opis oglasa</label> 
    <div class="controls"> 
        <div class="textarea"> 
            <textarea type="" name="opis" id="opis" class="form-control" rows="5"></textarea> 
        </div> 
    </div>
    <label class="control-label">Slika oglasa</label> 
    <div class="controls"> 
        <input type="file" name="image" class="form-control">
    </div>
    <label class="control-label" for="input02">Kategorija oglasa</label> 
    <div class="controls"> 
        <input type="text" name="kategorija" id="kategorija" class="form-control"> 
    </div> 
    <label class="control-label" for="input03">Kontakt telefon</label> 
    <div class="controls"> 
        <input type="text" name="tel" id="tel" class="form-control"> 
    </div> 
    <label class="control-label" for="input04">Adresa (1)</label> 
    <div class="controls"> 
        <input type="text" name="adresa" id="adresa" class="form-control"> 
    </div> 
    <label class="control-label" for="input05">Adresa (2)</label> 
    <div class="controls"> 
        <input type="text" name="adresa2" id="adresa2" class="form-control"> 
    </div> 
    <label class="control-label" for="input06">Adresa (3)</label> 
    <div class="controls"> 
        <input type="text" name="adresa3" id="adresa3" class="form-control"> 
    </div> 
    <label class="control-label" for="input07">Drzava</label> 
    <div class="controls"> 
        <input type="text" name="drzava" id="drzava" class="form-control"> 
    </div> 
    <label class="control-label" for="input08">Grad</label> 
    <div class="controls"> 
        <input type="text" name="grad" id="grad" class="form-control"> 
    </div> 
    <label class="control-label" for="input09">Mesto</label> 
    <div class="controls"> 
        <input type="text" name="mesto" id="mesto" class="form-control"> 
    </div> 
    <label class="control-label" for="input10">Datum reg. oglasa</label> 
    <div class="controls"> 
        <input type="text" name="datumPostavljana" id="datumPostavljana" class="form-control"> 
    </div> 
    <label class="control-label" for="input11">Datum odj.oglasa</label> 
    <div class="controls"> 
        <input type="text" name="datumBrisanja" id="datumBrisanja" class="form-control"> 
    </div><br/> 
    <div class="controls"> 
        <input type="submit" value="Dodaj oglas" class="btn btn-success"> 
        <input type="submit" value="Obriši" class="btn btn-default"> 
    </div> 
</form>

这是用于将数据存储到db:

的文件
<?php
    //Start session
    session_start();

    //Include database connection details
    require_once('config.php');

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;

    //Connect to mysql server
    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }

    //Select database
    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
        die("Unable to select database");
    }

    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values
    $naziv = clean($_POST['naziv']);
    $opis = clean($_POST['opis']);
    $kategorija = clean($_POST['kategorija']);
    $tel = clean($_POST['tel']);
    $adresa = clean($_POST['adresa']);
    $drzava = clean($_POST['drzava']);
    $grad = clean($_POST['grad']);
    $mesto = clean($_POST['mesto']);
    $datumPostavljana = clean($_POST['datumPostavljana']);
    $datumBrisanja = clean($_POST['datumBrisanja']);

    //Input Validations
    if($naziv == '') {
        $errmsg_arr[] = 'Naziv missing';
        $errflag = true;
    }
    if($opis == '') {
        $errmsg_arr[] = 'Opis missing';
        $errflag = true;
    }
    if($kategorija == '') {
        $errmsg_arr[] = 'Kategorija missing';
        $errflag = true;
    }
    if($tel == '') {
        $errmsg_arr[] = 'Telefon missing';
        $errflag = true;
    }
    if($adresa == '') {
        $errmsg_arr[] = 'Adresa missing';
        $errflag = true;
    }
    if($drzava == '') {
        $errmsg_arr[] = 'Drzava missing';
        $errflag = true;
    }
    if($grad == '') {
        $errmsg_arr[] = 'Grad missing';
        $errflag = true;
    }
    if($mesto == '') {
        $errmsg_arr[] = 'Mesto missing';
        $errflag = true;
    }
    if($datumPostavljana == '') {
        $errmsg_arr[] = 'Datum postavljanja missing';
        $errflag = true;
    }
    if($datumBrisanja == '') {
        $errmsg_arr[] = 'Datum isteka missing';
        $errflag = true;
    }


    //Check for duplicate login ID
    if($login != '') {
        $qry = "SELECT * FROM oglas WHERE link='$naziv'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'Naziv already in use';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }

    //If there are input validations, redirect back to the registration form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: ../add_ads_normal.php");
        exit();
    }

    //Create INSERT query
    $qry = "INSERT INTO oglas (naziv, opis, kategorija, tel, adresa, adresa2, adresa3, drzava, grad, mesto, datumPostavljana, datumBrisanja) 
    VALUES('$naziv','$opis','$kategorija','$tel','$adresa','$adresa2','$adresa3','$drzava','$grad','$mesto','$datumPostavljana','$datumBrisanja')";
    $result = @mysql_query($qry);


    //Check whether the query was successful or not
    if($result) {
        header("location: ../add_ads_normal.php?successfull_add_1_row_in_oglas_v1");
        exit();
    }else {
        die("Query failed");
    }
?>

我的问题是:如何将图像存储在de数据库中并显示它?我需要在第二页上使用哪些代码才能使其正常工作?

1 个答案:

答案 0 :(得分:1)

首先,您需要一个可以处理文件上传的HTML表单。这意味着表单需要具有enctype="multipart/form-data"属性,我认为你有这个属性。

接下来,在您收到的PHP脚本中,此信息将位于$_FILES全局变量中。如果您的<input type="file">name="myfile",则此上传文件的元信息将显示在$_FILES['myfile']中。如果您使用var_dump进行检查,则会在tmp_name条目中看到上传文件的位置。

(有关上述内容的更多信息,请参阅Google“PHP文件上传”。)

接下来,您可以使用PHP的file_get_contents函数来读取该文件的内容,并将其存储在您的数据库中。在将它放入SQL查询之前,我首先使用base64_encode将其转换为一些ASCII安全字符串。

您还应该将文件的文件类型存储在数据库中,这样您就可以知道需要从PHP输出发送哪种标头来告诉浏览器文件类型。可以使用您可以使用PECL安装的FileInfo extension来检测此文件类型。

一旦你将所有数据存储在数据库中,然后检索它并将其输出到浏览器,就需要获取文件类型,内容base64_decode,设置正确的标题(不要忘记Content-Length标头),然后回显字节。