我已经能够将图像上传到数据库中,但现在我还想在html表单下方显示上传的图像。我试图通过在php脚本中创建一个将在单独的PHP脚本中使用的数组来实现此目的。显而易见的错误是“不要直接访问超级全球$ _REQUEST”我该如何解决?
<?php
require 'connection';
$id = addslashes ($_REQUEST ['id']);
$image = mysql_query ("SELECT * FROM players WHERE id= $id");
$image2 = mysql_fetch_assoc($image);
$image3 = $image2 ['image'];
header ("content-type: image/jpeg");
echo $image3;
<?php
require 'connection.php';
// file properties
$id = filter_input(INPUT_POST, 'playerid');
$name = filter_input(INPUT_POST, 'name');
$age = filter_input(INPUT_POST, 'age');
$position = filter_input(INPUT_POST, 'position');
$nationality = filter_input(INPUT_POST, 'nationality');
$file = $_FILES['image']['tmp_name'];
if (! isset($file)){
echo "Please select an image.";
}
else {
$_id = mysql_real_escape_string( $id );
$_name = mysql_real_escape_string( $name );
$_age = mysql_real_escape_string( $age );
$_position = mysql_real_escape_string( $position );
$_nationality = mysql_real_escape_string( $nationality );
$image = addslashes(file_get_contents($_FILES ['image']['tmp_name']));
$image_name = addslashes($_FILES ['image']['name']);
$image_size = getimagesize($_FILES ['image']['tmp_name']);
if ($image_size == FALSE){
echo "Thats not an image.";
}
else{
if(!$insert = mysql_query("INSERT INTO players VALUES ( '$_id', '$_name', '$_age', '$_position', '$_nationality', '$image_name', '$image' )" )){
echo "Problem uploading image.";
}
else
{
$lastid = mysql_insert_id();
echo "Profile photo uploaded.<p />Player photo:<p /><img src= getphoto.php?id=$lastid";
}
}
}
答案 0 :(得分:0)
更改
../
要访问$id = addslashes ($_REQUEST ['id']);
或$_POST
,具体取决于您是否正在处理POST或GET请求:
$_GET