我有一个网页,旨在允许用户上传文件并提交评论。 然后应将文件和相应的注释输入MySQL数据库。 目前,如果有人试图这样做,则上传文件并将链接插入到数据库中。 但是,注释永远不会进入数据库。 该网页包含以下代码:
<div style="padding-left: 225px; padding-top: 15px; padding-bottom: 15px; background-color: #754f00; border-style: solid; border-weight: 4px; border-color: black;"> <div class="uploadbox" style='margin-left: 100px'> <? include('uploadform.php') ?> <? include('uploader.php'); ?> </div> <center> <? include('testpost.php'); ?> </center> </div> <br> <hr> <br> <center> <? include('feed.php'); ?> </center>文件uploadform.php由哪个给出
<form enctype="multipart/form-data" method="POST"> Comment:<br /> <textarea name='comment' id='comment'></textarea><br /> <input type="hidden" name="MAX_FILE_SIZE" value="10000000" /> Choose a file to upload: <input name="uploadedfile" type="file" /><br /> <input type="submit" value="Submit" /> </form>文件uploader.php包含以下内容:
<?php if( $_POST ){ // Where the file is going to be placed $target_path = "uploads/"; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path .time() .basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The <a href=" . $target_path . ">file</a> has been uploaded! <br /> LINK: " . $target_path; $con = mysql_connect("localhost","theshitp_user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("theshitp_posts", $con); $query = " INSERT INTO `theshitp_posts`.`test2` (`file`) VALUES ( '$target_path' );"; mysql_query($query); echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>"; mysql_close($con); } else{ echo "There was an error uploading the file, please try again!"; } } ?>并且文件testpost.php包含
<? if( $_POST ) { $con = mysql_connect("localhost","theshitp_user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("theshitp_posts", $con); $users_comment = $_POST['comment']; $users_comment = mysql_real_escape_string($users_comment); $query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );"; mysql_query($query); echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>"; mysql_close($con); } ?>任何人都可以看到为什么文件链接正在输入数据库,但评论不是吗? id和timestamp字段也正确输入数据库。
I have a webpage intended to allow users to upload a file and submit a comment. The file and respective comment should then be input into a MySQL database. Currently, if someone tries to do this, the file is uploaded and the link is inserted into the database as it should be. However, the comment never gets entered into the database. The webpage has the following code:
<div style="padding-left: 225px; padding-top: 15px; padding-bottom: 15px; background-color: #754f00; border-style: solid; border-weight: 4px; border-color: black;"> <div class="uploadbox" style='margin-left: 100px'> <? include('uploadform.php') ?> <? include('uploader.php'); ?> </div> <center> <? include('testpost.php'); ?> </center> </div> <br> <hr> <br> <center> <? include('feed.php'); ?> </center>Where the file uploadform.php is given by
<form enctype="multipart/form-data" method="POST"> Comment:<br /> <textarea name='comment' id='comment'></textarea><br /> <input type="hidden" name="MAX_FILE_SIZE" value="10000000" /> Choose a file to upload: <input name="uploadedfile" type="file" /><br /> <input type="submit" value="Submit" /> </form>The file uploader.php contains the following:
<?php if( $_POST ){ // Where the file is going to be placed $target_path = "uploads/"; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path .time() .basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The <a href=" . $target_path . ">file</a> has been uploaded! <br /> LINK: " . $target_path; $con = mysql_connect("localhost","theshitp_user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("theshitp_posts", $con); $query = " INSERT INTO `theshitp_posts`.`test2` (`file`) VALUES ( '$target_path' );"; mysql_query($query); echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>"; mysql_close($con); } else{ echo "There was an error uploading the file, please try again!"; } } ?>And the file testpost.php contains
<? if( $_POST ) { $con = mysql_connect("localhost","theshitp_user","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("theshitp_posts", $con); $users_comment = $_POST['comment']; $users_comment = mysql_real_escape_string($users_comment); $query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );"; mysql_query($query); echo "<p style='color: grey;'><b>Thank you for your Comment!</b></p>"; mysql_close($con); } ?>Can anyone see why file links are being entered into the database as they should, but comments are not? The id and timestamp fields are also being entered correctly into the database.
最满意答案
查看testpost.php文件中的查询参数 - >
$query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );";查询参数中的第一个分号是删除这个内部';' first $ query =“;”; < - 在查询中
第二个id = NULL < - 在主键的情况下是不允许的,它可以是空白的自动增量但不是NULL
所以新的查询
$query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES ('', '$users_comment', CURRENT_TIMESTAMP() )";Look at your query parameter in testpost.php file-->
$query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES (NULL, '$users_comment', CURRENT_TIMESTAMP() );";First thing semi-colon in the query parameter remove this inner ';' first $query=";"; <-- in the query and
Second id = NULL <-- which is not allowed in case of primary key, it could be blank for auto-increment but not NULL
so the new query
$query = " INSERT INTO `theshitp_posts`.`test2` (`id`, `comment`, `timestamp`) VALUES ('', '$users_comment', CURRENT_TIMESTAMP() )";更多推荐
发布评论