我已经编写了一些代码来收集图像,重新调整大小,上传到两个不同的文件夹并将新名称存储在mysql数据库中。代码的每个其他方面都在工作。我唯一的问题是,给图像的新名称没有存储在数据库中。我得到的只是一个数字。 E.g而不是将文件名称上传为1234_12345.jpg存储在数据库中,存储的文件名只是说1或3等。
以下是我的表格:
<form method="POST" id="adimageadd" action="<?php echo $editFormAction; ?>" name="adimageadd" enctype="multipart/form-data">
<div class="h1">Select Album:</div>
<select class="input-field-login2" id="albumselect" name="albumselect" required type="text" tabindex="1">
<option value="">Please Select</option>
<?php foreach ($result_album as $rs) { ?>
<option value="<?php echo $rs["alID"]; ?>"><?php echo $rs["alTitle"]; ?></option>
<?php } ?>
</select>
<input type="hidden" name="MAX_FILE_SIZE" value="" />
<input name="photo[]" type="file" required id="photo" size="26" multiple='multiple'/>
<button name="login" type="submit" id="login_submit" tabindex="3">Add Images</button>
<input type="hidden" name="form_insert" value="adimageadd">
</form>
PHP代码是:
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
define ("MAX_SIZE","2048");
$errors=0;
$query_album = "SELECT alID, alTitle, alImage, alDesc FROM galbum ORDER BY alID DESC";
$result_album = mysqli_query($connKcla, $query_album);
$row_album = mysqli_fetch_assoc($result_album);
$totalRows_album = mysqli_num_rows($result_album);
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["form_insert"])) && ($_POST["form_insert"] == "adimageadd")) {
//get form details and check for sql injections and disable them
$albumRef = mysqli_real_escape_string($connKcla, $_POST['albumselect']);
$image = $_FILES["photo"]["name"];
$uploadedfile = $_FILES['photo']['tmp_name'];
$img = count($image);
for ($i = 0; $i < $img; $i++) {
if ($image){
$filename = mysqli_real_escape_string($connKcla, $image[$i]);
$extension = getExtension($filename);
$extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
echo ' Unknown Image extension ';
$errors=1;
}
else
{
$size=filesize($_FILES['photo']['tmp_name'][$i]);
if ($size > MAX_SIZE*1024)
{
echo "Your image has exceeded the size limit of 2Mb. Click the back button on your browser to re-enter the right size of image";
$errors=1;
}
if($extension=="jpg" || $extension=="jpeg" )
{
$uploadedfile = $_FILES['photo']['tmp_name'][$i];
$src = imagecreatefromjpeg($uploadedfile);
}
else if($extension=="png")
{
$uploadedfile = $_FILES['photo']['tmp_name'][$i];
$src = imagecreatefrompng($uploadedfile);
}
else
{
$src = imagecreatefromgif($uploadedfile);
}
list($width,$height)=getimagesize($uploadedfile);
$newwidth=760;
$newheight=($height/$width)*$newwidth;
$tmp=imagecreatetruecolor($newwidth,$newheight);
imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);
$thumbnewwidth=250;
$thumbnewheight=($height/$width)*$thumbnewwidth;
$thumbtmp=imagecreatetruecolor($thumbnewwidth,$thumbnewheight);
imagecopyresampled($thumbtmp,$src,0,0,0,0,$thumbnewwidth,$thumbnewheight,$width,$height);
$set['photo'] = $image[$i];
$kaboom = explode(".", $image[$i]);
$pixExt = end($kaboom);
$photo = rand()."_".time().".".$pixExt;
$target = "../gallery/images/". $photo;
$thumbtarget = "../gallery/images/thumbs/". $photo;
imagejpeg($tmp,$target,100);
imagejpeg($thumbtmp,$thumbtarget,75);
imagedestroy($src);
imagedestroy($tmp);
imagedestroy($thumbtmp);
}
}
$stmt = $connKcla->prepare("INSERT INTO gimage (imImage, albumRef) VALUES ($photo[$i], $albumRef)");
$results = $stmt->execute();
$stmt->close();
if($results){
$updateGoTo = "confirm.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header("Location: ". $updateGoTo);
}else{
header("Location: error.php");
}
}
}
请非常感谢任何帮助。
答案 0 :(得分:1)
这会创建一个字符串:
$photo = rand()."_".time().".".$pixExt;
这会从该字符串中获取一个字符:
$photo[$i]
您在数据库中存储的内容:
$stmt = $connKcla->prepare("INSERT INTO gimage (imImage, albumRef) VALUES ($photo[$i], $albumRef)");
如果要存储整个字符串,只需使用字符串本身而不是特定字符的索引:
$stmt = $connKcla->prepare("INSERT INTO gimage (imImage, albumRef) VALUES ($photo, $albumRef)");
//^-- here
此外,您可能应该开始研究使用查询参数和预准备语句。虽然如果没有任何输入来自用户,此代码可能巧合当前 对SQL注入不开放是一个很好的习惯。
答案 1 :(得分:0)
问题解决了。我只是改变了查询的值部分:
$stmt = $connKcla->prepare("INSERT INTO gimage (imImage, albumRef) VALUES ($photo[$i], $albumRef)");
到
$stmt = $connKcla->prepare("INSERT INTO gimage (imImage, albumRef) VALUES ('$photo', '$albumRef')");