1
嗨,大家好,我一直收到一个错误,当我尝试上传时没有选择图片,上传表格肯定是上传的正确名称和编号,所以它必须是错误的代码,任何人都可以明白为什么?上传图片php mysql二进制
<?php
// Create MySQL login values and
// set them to your login information.
$username = "**";
$password = "**";
$host = "**";
$database = "**";
// Make the connect to MySQL or die
// and display an error.
$link = mysql_connect($host, $username, $password);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
// Select your database
mysql_select_db ($database);
session_start();
if(!isset($_SESSION['username']))
{
die('You have no access to this page.');
}
else{
$username = $_SESSION['username'];
// Make sure the user actually
// selected and uploaded a file
if (isset($_FILES['image']) && $_FILES['image']['size'] > 0) {
// Temporary file name stored on the server
$tmpName = $_FILES['image']['tmp_name'];
// Read the file
$fp = fopen($tmpName, 'r');
$data = fread($fp, filesize($tmpName));
$data = addslashes($data);
fclose($fp);
// Create the query and insert
// into our database.
$query = "INSERT INTO Members WHERE username = '$username' ";
$query .= "(image) VALUES ('$data')";
$results = mysql_query($query, $link);
// Print results
print "Thank you, your file has been uploaded.";
}
else {
print "No image selected/uploaded";
}
}
// Close our MySQL Link
mysql_close($link);
?>
var_dump($ _ FILES)''给你什么?要么你传入了一个空文件,要么你没有给文件输入正确的名称(期待“image”)。 – Halcyon 2012-03-29 22:57:51
您不应该使用addslashes,而应该使用mysql_real_escape_string来确保您完全防止sql注入。 – dsas 2012-03-29 23:06:12