在数据库中插入图像

Question

I am new to asp.net and databases! 我是asp.net和数据库的新手！ I am trying to save image into database from the file upload control. 我正在尝试通过文件上传控件将图像保存到数据库中。 i have tried it but it isn't working that is upon clicking the submit button, the data does not get added into the database neither showing any error! 我已经尝试过，但是单击提交按钮后它不起作用，数据没有添加到数据库中，也没有显示任何错误！ this is the code which I have tried 这是我尝试过的代码

protected void ButtonSubmit_Click(object sender, EventArgs e)
{         
    if (FileUpload1.HasFile && Page.IsValid)                //fileUpload and submit
    {
        string fileExtension = System.IO.Path.GetExtension(FileUpload1.FileName);

        if (fileExtension.ToLower() != ".jpg")
        {
            Labelupload.Text = "Only Files with .jpg extension are allowed";
            Labelupload.ForeColor = System.Drawing.Color.Red;
        }
        else
        {
            FileUpload1.SaveAs(Server.MapPath("~/Uploads/" + FileUpload1.FileName));
            Labelupload.Text = "File Uploaded";
            Labelupload.ForeColor = System.Drawing.Color.DeepSkyBlue;

            LabelSubmit.Text = "Submitted Succesfully";
            LabelSubmit.ForeColor = System.Drawing.Color.DeepSkyBlue;
        }
    }
    else
    {
        Labelupload.Text = "Please select a file";
        Labelupload.ForeColor = System.Drawing.Color.Red;
        LabelSubmit.Text = "Failed to Submit";
        LabelSubmit.ForeColor = System.Drawing.Color.Red;
    }

    // insert into database
    Work obj = new Work();

    /* Stream fs = FileUpload1.PostedFile.InputStream;
    BinaryReader br = new BinaryReader(fs);
    Byte[] bytes = br.ReadBytes((Int32)fs.Length);*/

    obj.listItem_1 = DropDownList1.SelectedValue;
    obj.listItem_2 = DropDownList2.SelectedValue;
    obj.Description = TextBoxdescription.Text;
    obj.Date = TextBoxdate.Text;
    //obj.UploadedImage = bytes;

    int k = obj.insertmethod();

    TextBoxdescription.Text = "";   
}

Here is the Work class that contains the insertmethod() logic: 这是包含insertmethod()逻辑的Work类：

public class Work
{
    Clssqlconnection obj = new Clssqlconnection();

    public string listItem_1 { get; set; }
    public string listItem_2 { get; set; }
    public string Description { get; set; }
    public string Date { get; set; }
    //public Byte[] UploadedImage { get; set; }

    public int insertmethod()
    {
        obj.str = @"insert into [assign_Work] (listItem_1, listItem_2, Description, Date, UploadedImage)" +
             "values('" + listItem_1 + "','" + listItem_2 + "','" + Description + "','" + Date + "','" + UploadedImage + "')";
        return obj.ExecuteNonQuery();
    }
}

Answer 1

The image needs to go into the database via a parameter. 图像需要通过参数进入数据库。 You cannot have it in a raw SQL statement. 您不能在原始SQL语句中使用它。 Try this: 尝试这个：

public int insertmethod()
{

    obj.str = @"insert into [assign_Work] (listItem_1, listItem_2, Description, Date, UploadedImage)" +
         "values('" + listItem_1 + "','" + listItem_2 + "','" + Description + "','" + Date + "', ?)";
    obj.Parameters.AddWithValue("File", UploadedImage);

    return obj.ExecuteNonQuery();


}

Also, btw, you might want to consider using parameters for all of these values to avoid injection attacks. 另外，顺便说一句，您可能要考虑对所有这些值使用参数，以避免注入攻击。 For instance, what if your Description field had an apostrophe in it? 例如，如果您的“描述”字段中包含撇号怎么办？

在数据库中插入图像

问题描述

1 个解决方案

解决方案1
1 已采纳 2013-09-24 20:42:27

在数据库中插入图像

问题描述

1 个解决方案

解决方案1 1 已采纳 2013-09-24 20:42:27

解决方案1
1 已采纳 2013-09-24 20:42:27