我正在为一个网站编写一个发布表单。它允许用户添加文本,或文本和一个或多个图像。当用户只输入文本时,一切都会完美地工作。当用户想在帖子中添加图片时,图像上传会起作用,但文本不会添加到MySQL数据库中。
function uploadImg($filesvar, $folder){
$num = 1;
$names = [];
$allFiles = [];
$uploadOk = 1;
foreach($_FILES[$filesvar]['name'] as $x => $name){
$type = pathinfo($name,PATHINFO_EXTENSION);
if($type !== "jpg" && $type !== "png" && $type !== "jpeg" && $type !== "gif" ) {
echo "<br>Bare JPG, JPEG, PNG og GIF filer er tillatt.";
$uploadOk = 0;
}else{
if (($_FILES[$filesvar]['size'][$x] < 100) || ($_FILES[$filesvar]['size'][$x] > 50*1024*1024)){
echo "<br>En eller flere av filen(e) er for stor(e)";
$uploadOk = 0;
}
}
}
if($uploadOk == 1){
foreach($_FILES[$filesvar]['name'] as $x => $name){
$type = pathinfo($name,PATHINFO_EXTENSION);
$target = $folder . date('dmyHis') . "." . $type;
if (file_exists($_SERVER['DOCUMENT_ROOT'].$target)){
$target = $folder . date('dmyHis') . $num . "." . $type;
$num += 1;
}
array_push($names, $target);
if(!move_uploaded_file($_FILES[$filesvar]["tmp_name"][$x], $_SERVER['DOCUMENT_ROOT'].$target)){echo "ERROR";}
}
return $names;
}else{
return "ERROR";
}
}
这^是我的上传功能。它似乎起到了应有的作用。如果上传顺利,它会将数组传递给下一个函数:
function ny_nyhet($Name, $Message) {
if($Message!==""){
if(is_uploaded_file($_FILES['userfile']['tmp_name'][0])){
$files = uploadImg('userfile', '/img/Nyheter/');
if($files !== "ERROR"){
foreach($files as $file){
$Message = $Message.'<br><a href="'.$file.'"><img src="'.$file.'"></a>';
}
insert_mysql("IP", "DATABASE", "USER", "PASSWORD", "TABLE", "ID, Name, Message", "``,`".$Name."`,`".$Message."`");
}else{
echo "<br>En feil oppstod";
}
}else{
insert_mysql("IP", "DATABASE", "USER", "PASSWORD", "TABLE", "ID, Name, Message", "'','".$Name."','".$Message."'");
}
}
}
在这一点上,代码也可以正常工作。除了零件:
insert_mysql("IP", "DATABASE", "USER", "PASSWORD", "TABLE", "ID, Name, Message", "``,`".$Name."`,`".$Message."`");
当用户只使用文本时,这很好,但当添加图像代码时,它就不起作用了。我直接在phpmyadmin中使用生成的代码进行了测试,这给了我一个格式错误。我不知道可能是什么错误。
function insert_mysql($Server, $Database, $User, $Pass, $Table, $Names, $Values) {
$con=mysqli_connect($Server, $User, $Pass, $Database);
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
mysqli_query($con,"SET NAMES 'utf8'");
mysqli_query($con,"INSERT INTO `".$Table."` (".$Names.") VALUES(".$Values.")");
mysqli_close($con);
}
此代码^是我用来添加到数据库中的代码。这可能会有所帮助,但我不知道实际问题是什么,也不知道问题出在哪里。我是犯了一个愚蠢的错误,还是文本需要正确格式化?我希望有人能给我一个答案。
MySQL查询:
插入nyheter
(ID、名称、消息)值(``、Admin
、<p>asdsadasda</p> <br><a href="/img/Nyheter/290315005049.jpg"><img src="/img/Nyheter/290315005049.jpg"></a><br><a href="/img/Nyheter/2903150050491.jpg"><img src="/img/Nyheter/2903150050491.jpg"></a><br><a href="/img/Nyheter/2903150050492.jpg"><img src="/img/Nyheter/2903150050492.jpg"></a>
)
根据文档mysqli_query
应该返回事务的结果。检查是否存在错误,并对其进行回应,以找出导致问题的原因。
function insert_mysql($Server, $Database, $User, $Pass, $Table, $Names, $Values) {
$con=mysqli_connect($Server, $User, $Pass, $Database);
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
mysqli_query($con,"SET NAMES 'utf8'");
$res = mysqli_query($con,"INSERT INTO `".$Table."` (".$Names.") VALUES(".$Values.")");
if ( !$res ) { die('Error inserting into db: ' . mysqli_error($con)); }
mysqli_close($con);
}
PLEASE还将了解如何将参数正确绑定到查询的这一点(mysqli_stmt::bind_param
)。作为替代方案,您也可以使用此选项。