$conn = mysqli_connect("localhost","root","","vfssite");
if (isset($_POST['submit']))
{
$filetemp = $_FILES['file']['tmp_name'];
$filename = $filepath . basename($_FILES["fileToUpload"]["name"]);
$filepath = "uploads/galleryuploadwedding/".$filename;
$uploadOk = 1;
$imageFileType = pathinfo($filename,PATHINFO_EXTENSION);
move_uploaded_file($filetemp, $filepath);
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" )
{
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
$sql = "INSERT INTO gallerywedding (imagename) values ('$filename')";
if ($result = mysqli_query($conn, $sql))
{
echo "<script type='text/javascript'>alert('submitted successfully!')</script>";
} else
echo "Error";
}
上传带有类型验证的图像文件时出错并保存在文件夹中并在数据库中保存路径
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- dpu66046 2017-05-28 11:30关注
@Yuva Kishore here is the code which work. It is similar to your code and you can differentiate here. I have user PHP MYSQLI PREPARED STATEMENT AGAINST SQL INJECTION WHEN YOU ARE SEND DATA WITH INPUT FIELDS.
HTML CODE :
<form action="" method="post" enctype="multipart/form-data"> <input type="file" name="file" > <input type="submit" name="submit" > </form>
PHP CODE TO UPLOAD IMAGE AND INSERT INTO DATABASE
<?php $servername = "localhost"; $username = "root"; $password = "admin"; $dbname = "demo"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); if(isset($_POST['submit'])){ $file_name = $_FILES['file']['name']; $filename_tmp = $_FILES['file']['tmp_name']; $path = 'uploads/galleryuploadwedding/'; $imageFileType = pathinfo($file_name,PATHINFO_EXTENSION); if($imageFileType == "jpg" || $imageFileType == "PNG" || $imageFileType == "jpeg" || $imageFileType == "gif") { //NOW MOVE UPLOADED FILE TO PATH if(move_uploaded_file($filename_tmp,$path.$file_name)){ echo "Success"; //NOW INSERT THE IMAGE NAME TO DATABASE //USER MYSQLI PREPARED STATEMENT AGAINST SQL INJECTION $sql = $conn->stmt_init(); $query = "INSERT INTO gallerywedding (imagename) VALUES (?)"; if($sql->prepare($query)){ $sql->bind_param('s',$file_name); if($sql->execute()){ echo "Successfuly inserted the image to database"; } } else { echo "Error".$conn->error; } } } else { echo $imageFileType."<br>"; echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; } } ?>
Feel free to ask questions comment below my post
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报
悬赏问题
- ¥15 对于这个复杂问题的解释说明
- ¥50 三种调度算法报错 采用的你的方案
- ¥15 关于#python#的问题,请各位专家解答!
- ¥200 询问:python实现大地主题正反算的程序设计,有偿
- ¥15 smptlib使用465端口发送邮件失败
- ¥200 总是报错,能帮助用python实现程序实现高斯正反算吗?有偿
- ¥15 对于squad数据集的基于bert模型的微调
- ¥15 为什么我运行这个网络会出现以下报错?CRNN神经网络
- ¥20 steam下载游戏占用内存
- ¥15 CST保存项目时失败