麻烦图像发布和mysql BLOB变量

时间:2016-05-20 16:11:39

标签: php mysql

我有一个创建员工的表单,我需要在我的数据库中存储图像(使用BLOB MySQL数据类型)。我使用此代码,我收到一个错误。它是关于这条线的吗?

$file=file_get_contents($_FILES["image"]["tmp_name"]);

这段代码有什么问题???

if (isset($_POST['submit']))
{


    $name=mysqli_prep($_POST["name"]);
    $family=mysqli_prep($_POST["family"]);
    $id=$_POST["id"];
    $staff_id=$_POST["staff_id"];
    $account_number=$_POST["account_number"];
    $sex=$_POST["sex"];
    $number_of_children=$_POST["number_of_children"];
    $tel=$_POST["tel"];
    $address=$_POST["address"];
    $no=$_POST["no"];
    $working_record=$_POST["working_record"];
    $marital_state=$_POST["marital_state"];
    $employer_id=$_POST["employer_id"];
        $file=file_get_contents($_FILES["image"]["tmp_name"]); 


    $query  ="INSERT INTO Employee (";
    $query .="Name,Family,ID,Staff_ID,Account_Number,Sex,Number_of_Children,";
    $query .="Tel,Address,No,Working_Record,Marital_State,";
    $query .="Employer_ID,Image)";
    $query .=" VALUES (";
    $query .="'{$name}','{$family}',{$id},{$staff_id},{$account_number},";       
    $query .="'{$sex}',{$number_of_children},{$tel},'{$address}',{$no},";
    $query .="'{$working_record}','{$marital_state}',";
    $query .="{$employer_id},'$file')";        
    $result =mysqli_query($connection, $query);

       if(!$result){   
           $_SESSION["message"] ="There were some errors,fill each 
       section carefully";   
           redirect_to("creat_employee.php");
       }
       else{
           $_SESSION["message"]="filling has been done !";

           redirect_to("creat_employee.php");
    }
}

1 个答案:

答案 0 :(得分:0)

最后我找到答案,尝试使用addslashes函数(用于sqlinjection)并且令人惊讶的是它正常工作