嘿,伙计们有点复杂,我有一个创建帐户页面,它只是将数据插入到mysql数据库中:
protected void Button1_Click(object sender, EventArgs e)
{
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("INSERT INTO User (Email, FirstName, SecondName, DOB, Location, Aboutme, username, password) VALUES ('" + TextBox1.Text + "', '" + TextBox2.Text + "', '" + TextBox3.Text + "', '" + TextBox4.Text + "', '" + TextBox5.Text + "', '" + TextBox6.Text + "', '" + TextBox7.Text + "', '" + TextBox8.Text + "')", cn);
cmd.ExecuteNonQuery();
{
//e.Authenticated = true;
Response.Redirect("Login.aspx");
// Event useradded is true forward to login
}
}
}
但是我的问题在创建帐户页面上我添加了一个文件上传控件,我想上传图片并将图片保存在图片表中:
string filenameDB = Path.GetFileName(FileUploadControl.FileName);
string fileuploadpath = Server.MapPath("~/userdata/" + theUserId + "/uploadedimage/") + Path.GetFileName(FileUploadControl.FileName);
FileUploadControl.SaveAs(fileuploadpath);
string fileuploadpaths = ("~/userdata/" + theUserId + "/uploadedimage/") + filenameDB;
StatusLabel.Text = "Upload status: File uploaded!";
OdbcCommand cmd = new OdbcCommand("INSERT INTO Pictures VALUES picturepath ='" + fileuploadpaths + "' WHERE UserId = '" + theuserid + "'", cn);
cmd.ExecuteNonQuery();
第一个问题是sql语法我需要将fileupload与我的buttonclick结合起来,所以它会INSERT INTO两个表用户和图片,但之后的问题是,如果帐户尚未创建,我怎么得到用户ID ? AHHH lol
表格结构:
总而言之,我需要将用户详细信息插入到用户表中并上传到项目文件并将imageUrl插入到图片表中(如此存储〜/ userdata / 2 / uploadedimages / bla.jpg)可以看到图片表是与用户表的1-1关系,所以它依赖于创建帐户的用户ID,没有用户ID,所以不确定是否有办法错开代码,所以首先插入用户详细信息然后使用会话检索该用户ID然后将imageurl插入图片表?
或者也许有一些时髦的功能,一些聪明的人已经遇到过这个问题,或者它只是一个简单的sql语法decombobulator。
P.S我知道SQL注入风险,请不要发布此事。谢谢你们!
修改
protected void Button1_Click(object sender, EventArgs e)
{
if (FileUpload1.HasFile)
{
try
{
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("INSERT INTO User (Email, FirstName, SecondName, DOB, Location, Aboutme, username, password) VALUES ('" + TextBox1.Text + "', '" + TextBox2.Text + "', '" + TextBox3.Text + "', '" + TextBox4.Text + "', '" + TextBox5.Text + "', '" + TextBox6.Text + "', '" + TextBox7.Text + "', '" + TextBox8.Text + "')", cn);
OdbcCommand sc = new OdbcCommand("SELECT LAST_INSERT_ID()", cn);
//convert LAST INSERT into string theUserId
string filenameDB = Path.GetFileName(FileUpload1.FileName);
string fileuploadpath = Server.MapPath("~/userdata/" + theUserId + "/uploadedimage/") + Path.GetFileName(FileUpload1.FileName);
FileUpload1.SaveAs(fileuploadpath);
string fileuploadpaths = ("~/userdata/" + theUserId + "/uploadedimage/") + filenameDB;
Label10.Text = "Upload status: File uploaded!";
OdbcCommand cm = new OdbcCommand("INSERT INTO Pictures (picturepath, UserId) VALUES ('" + fileuploadpaths + "', " + theUserId + ")", cn);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
Label10.Text = "Upload status: The file could not be uploaded. The following error occured: " + ex.Message;
}
//e.Authenticated = true;
//Response.Redirect("Login.aspx");
// Event useradded is true forward to login
}
}
}
答案 0 :(得分:1)
您需要从用户插入中返回新用户ID。从mysql自动增量文档:
您可以检索最新的 AUTO_INCREMENT值与 LAST_INSERT_ID()SQL函数或 mysql_insert_id()C API函数。 这些功能是 特定于连接,所以他们的回归 值不受另一个值的影响 连接也在执行 插入
无论如何,您需要存储此返回并将其传递给相关操作。
答案 1 :(得分:1)
如果用户的图片是1:1,是否可以将图片路径放在用户表中?
如果没有,MySQL有一个last_insert_id()函数,允许您从表中获取最后一个自动增量值(在本例中为User) - 通常是主键。
答案 2 :(得分:0)
我看不到你的表结构,但它就像插入User表一样简单,检索UserID,保留UserID(可能传递给查询字符串的上传页面,或者使用session等),然后在Pictures表插入中使用该UserID? ħere's documentation on how to get the unique ID from an inserted row in MySQL