php 如何在MySQL中上传图片PHP并插入路径?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18737462/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to upload image PHP and insert path in MySQL?
提问by Muskan
I'd like to include in my MySQL table a path to an image. The image path gets into the table by inserting the value of a "file" textfield (one of those Browse kind of deals). So the value that gets entered is something like: image001.jpg. But I can't seem to use that value to put an image into a html page. if it goes into the table fine, why can't I get it out?
我想在我的 MySQL 表中包含一个图像路径。通过插入“文件”文本字段(浏览类型的交易之一)的值,图像路径进入表格。这样被输入的值是一样的东西:image001.jpg。但我似乎无法使用该值将图像放入 html 页面。如果它进入桌子很好,为什么我不能把它拿出来?
I upload an image but I don't know where it's gone. Because there's no value entered in image field when I checked it through PhpMyadmin.
我上传了一张图片,但我不知道它去了哪里。因为当我通过 PhpMyadmin 检查时,图像字段中没有输入值。
Table schema
表模式
CREATE TABLE employee_details
(
emp_image varchar(255),
employee_name varchar(50),
employee_address varchar(50),
employee_designation varchar(50),
employee_salary int(),
);
Query
询问
$sql="
INSERT INTO employee_detail(
emp_image,
employee_name,
employee_address,
employee_contact,
employee_designation,
employee_salary
)
VALUES(
'$_POST[emp_image]',
'$_POST[employee_name]',
'$_POST[employee_address]',
'$_POST[employee_contact]',
'$_POST[employee_designation]',
'$_POST[employee_salary]'
)";
回答by Christian Mark
On your comment you ask how to upload and store the data to mysql. So here it is:
在您的评论中,您询问如何将数据上传和存储到 mysql。所以这里是:
To get the file, you should have a script in your html like this:
要获取该文件,您的 html 中应该有一个脚本,如下所示:
<html>
<body>
<form action="upload_file.php" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
Now, on POST, your PHP file should look like this but please take note that you have to check if the file exists on your POST:
现在,在 POST 中,您的 PHP 文件应该如下所示,但请注意,您必须检查 POST 中是否存在该文件:
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "Stored in: " . $_FILES["file"]["tmp_name"];
}
Since the "Stored in:" part is just the temporary path, you should move to your 'real' image path using move_uploaded_file(). Let say the real/default path for your images is in:
由于“存储在:”部分只是临时路径,您应该使用move_uploaded_file()移动到您的“真实”图像路径。假设您的图像的真实/默认路径在:
$image_dir= '/images/';
You just have to move the file using this:
你只需要使用这个移动文件:
move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $image_dir. $_FILES['uploaded_file']['name']);
And your full path to the image would be
你的图像的完整路径是
$image = $final_save_dir . $_FILES['uploaded_file']['name'];
There are several ways to store the path to your database:
有几种方法可以存储数据库的路径:
1st: Is to store just the filenameand concatenate the path of the image in PHP using $_SERVER['DOCUMENT_ROOT']and your default image path like:
第一:仅存储文件名并使用 PHP 连接$_SERVER['DOCUMENT_ROOT']图像的路径和您的默认图像路径,例如:
$sql="insert into employee_detail( emp_image, employee_name, employee_address,
employee_contact, employee_designation, employee_salary)
values( '$image', '$_POST[employee_name]', '$_POST[employee_address]', '$_POST[employee_contact]',
'$_POST[employee_designation]','$_POST[employee_salary]')";
2nd: Is to store the full pathlike:
第二:是存储完整路径,如:
$sql="insert into employee_detail( emp_image, employee_name, employee_address,
employee_contact, employee_designation, employee_salary)
values( '".$_SERVER['DOCUMENT_ROOT']."\images\".$image."', '$_POST[employee_name]', '$_POST[employee_address]', '$_POST[employee_contact]',
'$_POST[employee_designation]','$_POST[employee_salary]')";
What I recommend is this approach wherein you will input the partial path(without the root dir) so that later you don't have a problem on deploying it:
我推荐的是这种方法,其中您将输入部分路径(没有根目录),以便以后部署它时不会出现问题:
$sql="insert into employee_detail( emp_image, employee_name, employee_address,
employee_contact, employee_designation, employee_salary)
values( 'images\".$image."', '$_POST[employee_name]', '$_POST[employee_address]', '$_POST[employee_contact]',
'$_POST[employee_designation]','$_POST[employee_salary]')";
And make sure that the images are successfully upload to that default image dir/path.
并确保图像成功上传到该默认图像 dir/path。
UPDATE
更新
I also recommend that you use mysqli_*or PDOand use prepare()method /function to prevent sql injection.
我还建议您使用mysqli_*orPDO和使用prepare()方法 /function 来防止 sql 注入。
回答by giorgio
If you upload an image, it is saved in the temporary path at first. You'll have to move it to your final directory, otherwise it'll be gone after script execution. What basically happens is this:
如果您上传图片,它首先会保存在临时路径中。您必须将其移动到最终目录,否则脚本执行后它将消失。基本上发生的是这样的:
If you have a form with some form fields (text, checkbox, textarea, whatever), AND a file field (<input type="file" name="uploaded_file" />), all 'normal' fields will be accessible with the $_POSTarray. The file(s) however will be accessible in the $_FILESarray (see also the man page about file uploads).
如果您有一个包含一些表单字段(文本、复选框、文本区域等)和一个文件字段 ( <input type="file" name="uploaded_file" />) 的表单,则所有“普通”字段都可以通过$_POST数组访问。但是,可以在$_FILES数组中访问文件(另请参阅有关文件上传的手册页)。
Now when you receive the POST request, the uploaded files are stored in your temporary directory. If you don't do anything, it'll be deleted again after script execution. So you'd need to call the move_uploaded_file() function. Example:
现在,当您收到 POST 请求时,上传的文件将存储在您的临时目录中。如果你什么都不做,它会在脚本执行后再次被删除。所以你需要调用move_uploaded_file() 函数。例子:
$final_save_dir = '/path/to/images/dir/';
move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $final_save_dir . $_FILES['uploaded_file']['name']);
And your full path to the image would be
你的图像的完整路径是
$image_full_path = $final_save_dir . $_FILES['uploaded_file']['name'];
This path can be saved in your database:
此路径可以保存在您的数据库中:
$sql="
INSERT INTO employee_detail(
emp_image,
...
)
VALUES(
'$image_full_path',
...
)";
IMPORTANT:please take note on @brewal's comment. Your script is VERY unsafe like this.
重要提示:请注意@brewal 的评论。你的脚本是非常不安全的。
