Home >Backend Development >PHP Tutorial >麻烦帮小弟解决一下这个问题

麻烦帮小弟解决一下这个问题

WBOY
WBOYOriginal
2016-06-23 14:08:391029browse

小弟刚学php不久,写了如下代码,各位大侠见笑了。
代码的大概功能是在当前页面修改页面上显示的图片和文字。文字信息和图片信息存储在mySQL相应的表格里。

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><?php 	require_once 'header.php'; 	require_once 'check.php';?><meta content="en-us" http-equiv="Content-Language" /><meta content="text/html; charset=utf-8" http-equiv="Content-Type" /><title>Item Detail</title><style type="text/css">.auto-style2 {	text-align: center;}.auto-style1 {	font-size: 36pt;	text-align: left;	font-family: Default;}.auto-style3 {	font-family: Broadway;}</style></head><body><?php	if(isset($_POST['submit_edit_item_id']))	{		$_SESSION['edit_item_id'] = $_POST['sub_edit_item_id'];	}		$item_id = $_SESSION['edit_item_id'];			$result = mysql_query("SELECT * FROM ITEM WHERE ITEM_ID = $item_id");		if($result)	{		$row = mysql_fetch_array($result);				$user_id = $_SESSION['id'];		$name = $row['NAME'];		$dsc = $row['DESCRIPTION'];		$auc = $row['RESERVE_PRICE'];		$bin = $row['BIN_PRICE'];		$btime = $row['BEGIN'];		$etime = $row['END'];		$status = $row['STATUS'];		$seller = $row['SELLER_ID'];		$winner = $row['WINNER_ID'];		$curr_bid = $row['CURR_BID'];		$num_bid = $row['NUM_BID'];		$img_id = $row['IMG_ID'];				echo "item_id is $item_id";		echo "img_id is $img_id";	}		$result = mysql_query("SELECT USER_NAME FROM USER WHERE USER_ID = $seller");	if($result)	{		$row = mysql_fetch_array($result);		$seller_name = $row['USER_NAME'];	}?>		<table align="center" style="width: 100%">			<tr>				<td>				<div class="auto-style2">					<table align="center" style="width: 100%">						<tr>							<td class="auto-style1">Edit item:</td>							<td>							<a href="http://acadweb1.salisbury.edu/~rwan/home.php">							<img     style="max-width:90%" src="logo.jpg" style="float: right"  style="max-width:90%" / alt="麻烦帮小弟解决一下这个问题" ></a></td>						</tr>					</table>				</div>				<hr />				<table style="width: 100%">					<tr>						<td rowspan="2">						<?php						display_image($img_id, 500, 400);						?>												<form action="edit_item.php" method="post" enctype="multipart/form-data">						<table><tr><td><input type="file" name="image" /></td></tr>						<tr><td><input name="sub_change_pic" type="submit" value="Change picture">						<input name="sub_del_pic" type="submit" value="Delete picture"></td></tr>						</table></form>												<?php						if(isset($_POST['sub_change_pic']))						{							if(isset($_FILES['image']))							{								$file = $_FILES['image']['tmp_name'];								if(!empty($file))								{									$image = addslashes(file_get_contents($file));									$image_name = addslashes($_FILES['image']['name']);									$image_size = getimagesize($file);																									if($image_size == false)									{										print'<p class = "error">The file is not an image.</p>';									}																	else									{										mysql_query("LOCK TABLES IMAGES WRITE");										mysql_query("LOCK TABLES ITEM WRITE");										if($img_id == 1)										{																						mysql_query("INSERT INTO IMAGES (IMG_NAME, IMG) VALUES ('$image_name', '$image')");																																											$pic_id = mysql_insert_id();																						mysql_query("UPDATE ITEM SET IMG_ID = $pic_id WHERE ITEM_ID = $item_id");										}										else										{											mysql_query("UPDATE IMAGES SET IMG_NAME = '$image_name', IMG = '$image' 													WHERE IMG_ID = $img_id");										}										mysql_query("UNLOCK TABLES");										header("location: " . $_SERVER['REQUEST_URI']);										}								}							}						}												if(isset($_POST['sub_del_pic']))						{							mysql_query("LOCK TABLES ITEM WRITE");							mysql_query("UPDATE ITEM SET IMG_ID = 1	WHERE ITEM_ID = $item_id");							if($img_id != 1)							{																mysql_query("LOCK TABLES IMAGES WRITE");								mysql_query("DELETE FROM IMAGES WHERE IMG_ID = $img_id");							}							mysql_query("UNLOCK TABLES");							header("location: " . $_SERVER['REQUEST_URI']);														}						?>											</td>						<td><form action="edit_item.php" method="post">						<textarea cols="50" name="title" rows="4"><?php print $name; ?></textarea><br>						<input name="change_item_title" type="submit" value="Change item title" /></form></td>											</tr>										<tr>						<td><hr />										<?php						if(isset($_POST['change_item_title']))					{						$name = $_POST['title'];						mysql_query("LOCK TABLES ITEM WRITE");						mysql_query("UPDATE ITEM SET NAME = '$name' WHERE ITEM_ID = $item_id");						mysql_query("UNLOCK TABLES");						header("location: " . $_SERVER['REQUEST_URI']);						}																if($status == "SOLD")					{						$result = mysql_query("SELECT * FROM ITEM_SOLD WHERE ITEM_ID = $item_id");						$row = mysql_fetch_array($result);						$buyer = $row['BUYER_ID'];												if($_SESSION['id'] == $buyer)						{							print'<p class = "error">Congratulations! The item is yours.</p>';						}						else						{							print'<p class = "error">Sorry, the item has been sold!</p>';						}					}					else if($status == "NA")					{						print'<p class = "error">Item is not available yet!</p>';					}					else if($status == "EXPIRE")					{						print'<p class = "error">Item is expired.</p>';					}					else					{											date_default_timezone_set('America/New_York');						$curr_date = date("Y-m-d");						$curr_time = date("H:i");						$curr_datetime = "$curr_date $curr_time:00";						print"<p><strong>Current datetime: $curr_datetime</strong></p>";												$result = mysql_query("SELECT * FROM ITEM WHERE ITEM_ID = $item_id");												if($result)						{							$row = mysql_fetch_array($result);							$btime = strtotime($row['BEGIN']);							$etime = strtotime($row['END']);														$date = date("Y-m-d", $etime);							$time = date("H:i", $etime);						}						print'<table><tr><td><form action="edit_item.php" method="post">						  Change End time:</td></tr><tr><td><input type="date" name="end_date" value='.$date.'>						  <input type="time" name="end_time" value='.$time.'></td>						  <td><input type="submit" name= "go" value="Set Time">						</form></td></tr></table>';						if($_POST['go'] == "Set Time")						{									$end_date = $_POST['end_date'];							$end_time = $_POST['end_time'];							$end_time = $end_time.':00';							$end_datetime = strtotime("$end_date $end_time");														$now = strtotime($default_datetime);														$problem = false;																					if ($end_datetime <= $now)							{								print'You cannot set End time earlier than current time!';								$problem = true;							}									if(!$problem)							{											mysql_query("LOCK TABLES ITEM WRITE");									mysql_query("UPDATE ITEM SET END = '$end_date $end_time' WHERE ITEM_ID = $item_id");									mysql_query("UNLOCK TABLES");																		header("location: " . $_SERVER['REQUEST_URI']);																}													}						refresh();					}										?>										<hr /><br />															<table><tr><td>Buy it Now Price:</td></tr>						<tr><td><form action ="edit_item.php" method="post">						<input name="price" type="text" value="<?php print $bin; ?>" ></td></tr>						<tr><td><input name="sub_change_price" type="submit" value="Change price" /></form></td></tr></table>												<?php						if(isset($_POST['sub_change_price']))						{							$price = $_POST['price'];							mysql_query("LOCK TABLES ITEM WRITE");							mysql_query("UPDATE ITEM SET BIN_PRICE = $price WHERE ITEM_ID = $item_id");							mysql_query("UNLOCK TABLES");							header("location: " . $_SERVER['REQUEST_URI']);							}					?>											</td>						</tr>						<tr>							<td class="auto-style3" colspan="2">							<form action ="edit_item.php" method="post">							<textarea cols="80" name="description" rows="10"><?php print $dsc; ?></textarea><br>							<input name="change_dsc" type="submit" value="Change item description" /></form></td>						</tr>											<?php					if(isset($_POST['change_dsc']))					{						$dsc = $_POST['description'];						mysql_query("LOCK TABLES ITEM WRITE");						mysql_query("UPDATE ITEM SET DESCRIPTION = '$dsc' WHERE ITEM_ID = $item_id");						mysql_query("UNLOCK TABLES");						header("location: " . $_SERVER['REQUEST_URI']);						}					?>					</table>					</td>				</tr>			</table>			</body><?php require_once 'webmaster.php'; ?></html>

问题:第 120行的插入命令为什么不能执行?什么原因导致?怎么解决?


回复讨论(解决方案)

自己多echo输出下看看,查看mysql_query()的返回值是啥?

mysql_query("INSERT INTO IMAGES (IMG_NAME, IMG) VALUES ('$image_name', '$image')");

$image = addslashes(file_get_contents($file));

$file 显然是二进制文件
那么仅仅 addslashes 对于 mysql 5 是不行的(mysql 4 可以)
因为大多不可打印的 ASCII 字符都会影响 mysql 的行为

如果一定要将图片数据存放于数据库中,那么要存放图片数据的 base64 编码

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn