1. 首页
  2. 问答
  3. 如何获取用户ID并将其存储到数据库

如何获取用户ID并将其存储到数据库

2016-02-07 197 views
0

我是新来的php,并试图上传文件并将上载的文件存储在数据库中的当前登录用户ID,这是我的上传文件格式:如何获取用户ID并将其存储到数据库

<?php 
error_reporting(E_ALL^E_NOTICE); 
session_start(); 
?> 
<form method="post" enctype="multipart/form-data"> 
<table width="350" border="0" cellpadding="1" 
cellspacing="1" class="box"> 
<tr> 
<td>please select a file</td></tr> 
<tr> 
<td> 
<input type="hidden" name="MAX_FILE_SIZE" 
value="16000000"> 
<input name="pdf" type="file" id="pdf" accept="application/pdf"> 
</td> 
<td width="80"><input name="upload" 
type="submit" class="box" id="upload" value=" Upload "></td> 
</tr> 
</table> 
</form> 
</body> 
</html> 
<?php 
if(isset($_POST['upload'])&&$_FILES['pdf']['size']>0) 
{ 
$fileName = $_FILES['userfile']['name']; 
$tmpName = $_FILES['userfile']['tmp_name']; 
$fileSize = $_FILES['userfile']['size']; 
$filePath = $_FILES['userfile']['path']; 
$fileType = $_FILES['userfile']['type']; 
$fileType=(get_magic_quotes_gpc()==0 ? mysql_real_escape_string(
$_FILES['userfile']['type']) : mysql_real_escape_string(
stripslashes ($_FILES['userfile']))); 
$fp  = fopen($tmpName, 'r'); 
$content = fread($fp, filesize($tmpName)); 
$content = addslashes($content); 
fclose($fp); 
if(!get_magic_quotes_gpc()) 
{ 
    $fileName = addslashes($fileName); 
} 
$con = mysql_connect('localhost', 'root', '') or die(mysql_error()); 
$db = mysql_select_db('workflow', $con); 
if($db){ 
$query = "INSERT INTO upload (name, size, type, path ) ". 
"VALUES ('$fileName', '$fileSize', '$fileType', '$filePath')"; 
mysql_query($query) or die('Error, query failed'); 
mysql_close(); 
echo "<br>File $fileName uploaded<br>"; 
}else { echo "file upload failed"; } 
} 
?>

,这是我的登录表单:

<?php 
error_reporting(E_ALL^E_NOTICE); 
session_start(); 
?> 
<!DOCTYPE html> 
<html> 
<head> 
    <title>LOGIN FORM</title> 
</head> 
<body> 
<?php 
$form= "<form action='login.php' method='post'> 
    <table> 
    <tr> 
     <td>username :</td> 
     <td><input type='text' name='user'/></td> 
    </tr> 
    <tr> 
     <td>Password :</td> 
     <td><input type='password' name='password'/></td> 
    </tr> 
    <tr> 
     <td></td> 
     <td><input type='submit' name='loginbtn' value='login' /></td> 
    </tr> 
    </table> 
</form>"; 
if ($_POST['loginbtn']) { 
    $user = $_POST['user']; 
    $password = $_POST['password']; 
    if ($user) { 
    if ($password) { 
     require ("connect1.php"); 
     $password= md5(md5("jdhbjdbj".$password."jdh645fdj")); 
     $query = mysql_query("SELECT * FROM users WHERE username='$user'"); 
     $numrows = mysql_num_rows($query); 
     if ($numrows == 1) { 
     $row = mysql_fetch_assoc($query); 
     $dbid=$row['id']; 
     $dbuser=$row['username']; 
     $dbpass=$row['password']; 
     $dbactive=$row['active']; 
     if ($password == $dbpass) { 
      if ($dbactive == 1) { 
      $_SESSION['userid'] = $dbid; 
      $_SESSION['username'] = $dbuser; 

      echo "you have been logged in as <b>$dbuser</b>. <a href='insert1.php' >Click here</a> to go to the insertion page "; 

      } 
      else echo "you must activate your account to login .$form"; 
     } 
     else echo "You didn't enter a password . $form"; 
     } 
     else echo "the user name u entered wasn't found . $form";; 
     mysql_close(); 
    } 
    else echo "You must enter your password .$form"; 
    } 
    else echo "You must enter your username .$form"; 
} 
else echo $form; 

?> 
</body> 
</html>

我想获得当前用户ID,并将它与文件存储我上载她的任何一个可以帮助???

来源

2016-02-07 Mohamed Elbiheiry

+0

当用户在你的系统中存储了他的详细信息?在会议或其他事情? –

+0

@ A-2-A是的,我打开一个会话,当他登录 –

+0

上传是否工作?Shoudnt this'$ _FILES ['userfile'] ['name']'是'$ _FILES ['pdf'] [''名字']'等等? – Mihai

回答

2

您需要添加另一列到你的上传数据库,如userid,如果你还没有,只是把它想:

$query = "INSERT INTO upload (name, size, type, path, userid ) ". 
"VALUES ('$fileName', '$fileSize', '$fileType', '$filePath', '".$_SESSION['userid']."')";

$ _SESSION [“用户ID”] = <用户ID必须是更改为保存用户ID的密钥。不要忘记调用session_start();

来源

2016-02-07 11:40:04 AersolKing

+0

当我对这个$ _SESSION ['userid']和错误是:期待标识符(T_STRING)或变量(T_VARIABLE)或数字(T_NUM_STRING)时,它给出了一个错误 –

+0

尝试编辑,确保你调用session_start() ;在顶部,用户标识实际上保存用户标识。如果尚未设置,则无法使用。 – AersolKing

+0

我试过你说,它上传文件,但ID仍然给出为0,它应该是2 –

0

那么这里有一些步骤,建议您遵循: 建议第一:

  1. 使用mysqli_query instead of mysql_queryWhy mysqli?

  2. mysql_real_escape_string()扩展为deprecated .Read this寻求帮助。

  3. 始终为数据库连接维护一个单独的文件,并将其保留在public_directory之外,以使黑客难以访问。 How to do it?

现在为你“想获得当前用户ID,并将它与文件存储”: 要做到这一点,我会做这样的事情:

  1. 首先,在记录时间将用户标识存储在会话中。 How ?

  2. 存储在文件系统中的文件:

    if (move_uploaded_file($_FILES['userfile']["tmp_name"],"Filesystem/here/$_FILES['userfile']['name']")) 
{  
    // get the db connection 
    // get the user_id value from session 
    // store the user_id with path to file or whatever in database 
}

希望它会帮助你在一定程度上。祝你快乐编码:-)

来源

2016-02-07 12:15:24

相关问题

 相关问题