$conn = mysqli_connect("localhost","root","","vfssite");
if (isset($_POST['submit']))
{
$filetemp = $_FILES['file']['tmp_name'];
$filename = $filepath . basename($_FILES["fileToUpload"]["name"]);
$filepath = "uploads/galleryuploadwedding/".$filename;
$uploadOk = 1;
$imageFileType = pathinfo($filename,PATHINFO_EXTENSION);
move_uploaded_file($filetemp, $filepath);
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" )
{
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
$sql = "INSERT INTO gallerywedding (imagename) values ('$filename')";
if ($result = mysqli_query($conn, $sql))
{
echo "<script type='text/javascript'>alert('submitted successfully!')</script>";
} else
echo "Error";
}
上传带有类型验证的图像文件时出错并保存在文件夹中并在数据库中保存路径
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- dpu66046 2017-05-28 11:30关注
@Yuva Kishore here is the code which work. It is similar to your code and you can differentiate here. I have user PHP MYSQLI PREPARED STATEMENT AGAINST SQL INJECTION WHEN YOU ARE SEND DATA WITH INPUT FIELDS.
HTML CODE :
<form action="" method="post" enctype="multipart/form-data"> <input type="file" name="file" > <input type="submit" name="submit" > </form>
PHP CODE TO UPLOAD IMAGE AND INSERT INTO DATABASE
<?php $servername = "localhost"; $username = "root"; $password = "admin"; $dbname = "demo"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); if(isset($_POST['submit'])){ $file_name = $_FILES['file']['name']; $filename_tmp = $_FILES['file']['tmp_name']; $path = 'uploads/galleryuploadwedding/'; $imageFileType = pathinfo($file_name,PATHINFO_EXTENSION); if($imageFileType == "jpg" || $imageFileType == "PNG" || $imageFileType == "jpeg" || $imageFileType == "gif") { //NOW MOVE UPLOADED FILE TO PATH if(move_uploaded_file($filename_tmp,$path.$file_name)){ echo "Success"; //NOW INSERT THE IMAGE NAME TO DATABASE //USER MYSQLI PREPARED STATEMENT AGAINST SQL INJECTION $sql = $conn->stmt_init(); $query = "INSERT INTO gallerywedding (imagename) VALUES (?)"; if($sql->prepare($query)){ $sql->bind_param('s',$file_name); if($sql->execute()){ echo "Successfuly inserted the image to database"; } } else { echo "Error".$conn->error; } } } else { echo $imageFileType."<br>"; echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; } } ?>
Feel free to ask questions comment below my post
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报
悬赏问题
- ¥15 #MATLAB仿真#车辆换道路径规划
- ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
- ¥15 数据可视化Python
- ¥15 要给毕业设计添加扫码登录的功能!!有偿
- ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
- ¥15 微信公众号自制会员卡没有收款渠道啊
- ¥100 Jenkins自动化部署—悬赏100元
- ¥15 关于#python#的问题:求帮写python代码
- ¥20 MATLAB画图图形出现上下震荡的线条
- ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘