Uploading images to mysql using php form

I have this form to upload pictures to my mysql database:

<h4>Add Photo</h4>

<form enctype="multipart/form-data" method="post">
    <?php
    require_once 'config.php';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

    if (isset($_POST['upload'])){
        $caption   = $_POST['caption'];
        $albumID   = $_POST['album'];
        $file      = $_FILES ['file']['name'];
        $file_type = $_FILES ['file']['type'];
        $file_size = $_FILES ['file']['size'];
        $file_tmp  = $_FILES ['file']['tmp_name'];
        $random_name = rand();

        if (empty($file)){
            echo "Please enter a file <br>";
        } else {
            move_uploaded_file($file_tmp, 'uploads/'.$random_name.'.jpg');
            mysqli_query(
                $mysqli,
                "INSERT INTO photos (caption, image_url, date_taken, imageID) "
                . "VALUES('"
                . addslashes($caption) . "', '"
                . $random_name . ".jpeg', NOW(), ?)"
            );
            echo "Photo successfully uploaded!<br>";
        }
    }
    ?>

    Caption: <br>
    <input type="text" name="caption">
    <br><br>

    Select Album: <br>
    <select name="album">
    <?php
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
    $result = $mysqli->query("SELECT * FROM albums");
    while ($row = $result->fetch_assoc()) {
        $albumID = $row['albumID'];
        $title   = $row['title'];
        echo "<option value='$albumID'>$title</option>";
    }
    ?>
    </select>
    <br><br>

    Select Photo: <br>
    <input type="file" name="file">
    <br><br>

    <input type="submit" name="upload" value="Upload">
</form>

I can successfully upload pictures to the 'uploads' folder on my server, however nothing is added to the 'photos' table on my database. The schema for my photos folder is: caption, image_url, date_taken, imageID

Is there something I am doing wrong with the structure? mysqli code? Any help will be very much appreciated! Thank you in advance!

As Fred -ii- mentioned, the problem is that you're using a "?" as the value for the column imageID, but you're not using prepared statements. You're not checking for errors, but if you did you'd get something like:

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?)' at line xx

Also, you're using addslashes to get user data into the query, which is unsafe (you should use mysqli_real_escape_string instead).

A good solution to both problems would be to use prepared statements. You'd do something like this instead:

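    // Use one filename for both the stored file and the image_url column.
    $filename = $random_name . ".jpg";   // "." concatenates in PHP; "+" is arithmetic
    move_uploaded_file($file_tmp, 'uploads/' . $filename);
    // "?" placeholders are only valid in a prepared statement.
    $ret = mysqli_prepare($mysqli, "INSERT INTO photos (caption, image_url, date_taken)
    VALUES(?, ?, NOW())");
    mysqli_stmt_bind_param($ret, "ss", $caption, $filename);
    mysqli_stmt_execute($ret);
    echo "Photo successfully uploaded!<br>";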

Update: As the id is autogenerated, I removed the column from the query entirely.
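The following is an added example, not part of the original answer or the asker's code: the upload handler with mysqli error reporting switched on, so a query failure like the one in the question raises an exception, and with the insert done through a prepared statement. It goes beyond the answer in checking the upload before storing it; the function name `save_photo`, the JPEG-only rule, the `random_bytes` filename and the availability of the fileinfo extension are assumptions, while the constants, table and columns are those shown in the question.

```php
<?php
// Added example: constants come from the question's config.php; table and
// column names follow the schema given in the question.
require_once 'config.php';

// Make mysqli throw on errors, so a bad query (such as a stray "?") raises
// mysqli_sql_exception instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function save_photo(mysqli $mysqli, array $upload, string $caption): string
{
    // Reject failed or missing uploads before touching disk or database.
    if ($upload['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . $upload['error']);
    }

    // Assumption: JPEG only. Check the content, not the client-supplied type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($upload['tmp_name']);
    if ($mime !== 'image/jpeg') {
        throw new RuntimeException('Only JPEG images are accepted');
    }

    // One name, used for both the file on disk and the image_url column.
    $filename = bin2hex(random_bytes(16)) . '.jpg';
    if (!move_uploaded_file($upload['tmp_name'], 'uploads/' . $filename)) {
        throw new RuntimeException('Could not store the uploaded file');
    }

    // Placeholders carry the user data; no addslashes or manual escaping.
    $stmt = $mysqli->prepare(
        'INSERT INTO photos (caption, image_url, date_taken) VALUES (?, ?, NOW())'
    );
    $stmt->bind_param('ss', $caption, $filename);
    $stmt->execute();
    $stmt->close();

    return $filename;
}

if (isset($_POST['upload'], $_FILES['file'])) {
    try {
        $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
        $name = save_photo($mysqli, $_FILES['file'], $_POST['caption'] ?? '');
        echo 'Photo successfully uploaded as ' . htmlspecialchars($name) . '<br>';
    } catch (Throwable $e) {
        error_log($e->getMessage());   // details go to the log, not the page
        echo 'Upload failed.<br>';
    }
}
```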
