下面的代码打印当前用户的正确用户ID,但只将0或1存储到
中数据库。我不明白代码的问题。非常感谢您的帮助
<?php
$user_id=print_r($_SESSION["id"]);
if(isset($_POST['submit'])){
$host = "";
$db_name = "";
$username = "";
$password = "";
$link=mysqli_connect($host, $username, $password, $db_name);
//filename as image_path
$filename=$_FILES['file']['name'];
$filetmp=$_FILES['file']['tmp_name'];
$image_title=$_POST['text'];
$target="uploaded/".$filename;
$date_time = date('Y-m-d H:i:s');
$image_url="http://.....".$filename;
if($filename!=""){
$sql="INSERT INTO images (image_path,created,image_url,image_title,user_id) VALUES('$filename','$date_time','$image_url','$image_title','$user_id')";
mysqli_query($link,$sql);
if(move_uploaded_file($filetmp,$target)){
echo "Image uploaded Successfully";
}
else{
echo "Failed to upload !!";
}
}else{
echo "Please insert a valid image !!";
}
}
?>
答案 0 :(得分:0)
你在$ _SESSION [“id”]上使用print_r所以它期望$ _SESSION [“id”]是一个数组尝试使用:
$user_id = $_SESSION["id"];
或
echo $_SESSION["id"]
打印
答案 1 :(得分:0)
您正在尝试将会话ID的打印值分配给变量,但它实际上分配了打印函数的返回值。
你应该尝试遵循部分代码:
$user_id=$_SESSION["id"];
将带有id键值的SESSION数组存储到$user_id变量是有意义的。
答案 2 :(得分:0)
print_r($_SESSION["id"]);
$user_id=$_SESSION["id"];
if(isset($_POST['submit']))
{
$host = "";
$db_name = "";
$username = "";
$password = "";
$link=mysqli_connect($host, $username, $password, $db_name);
//filename as image_path
$filename=$_FILES['file']['name'];
$filetmp=$_FILES['file']['tmp_name'];
$image_title=$_POST['text'];
$target="uploaded/".$filename;
$date_time = date('Y-m-d H:i:s');
$image_url="htt..".$filename;
if($filename!=""){
$sql="INSERT INTO images (image_path,created,image_url,image_title,user_id) VALUES ('$filename','$date_time','$image_url','$image_title','$user_id')";
mysqli_query($link,$sql);
if(move_uploaded_file($filetmp,$target)){
echo "Image uploaded Successfully";
}
else
{
echo "Failed to upload !!";
}
}
else{
echo "Please insert a valid image !!";
}
}
?>
</body>
</html>
答案 3 :(得分:0)
您没有检索用户ID,而是检索print_r()返回的成功值,当插入数据库时,该值将转换为0(false)或1(true)。
您希望直接从$_SESSION['id']分配值,并且为了安全起见,请确保它是一个整数。
在查询中使用它们之前,还需要转义$filename和$image_title,否则会产生SQL注入漏洞。
最后一件事 - 虽然不是你当前问题的一部分 - 是你应该在成功上传后才创建数据库条目。
$user_id = (int)$_SESSION['id'];
if (isset($_POST['submit']))
{
$host = '';
$db_name = '';
$username = '';
$password = '';
$link = mysqli_connect($host, $username, $password, $db_name);
$filename = $_FILES['file']['name'];
$filetmp = $_FILES['file']['tmp_name'];
$image_title = $_POST['text'];
$target = 'uploaded/' . $filename;
$date_time = date('Y-m-d H:i:s');
$image_url = 'http://...' . $filename;
if ($filename != "")
{
if (move_uploaded_file($filetmp, $target))
{
$filename = mysqli_real_escape_string($link, $filename);
$image_title = mysqli_real_escape_string($link, $image_title);
$sql = "INSERT INTO images (image_path,created,image_url,image_title,user_id) VALUES ('$filename','$date_time','$image_url','$image_title',$user_id)";
mysqli_query($link, $sql);
echo 'Image uploaded successfully';
}
else
{
echo 'Failed to upload!';
}
}
else
{
echo 'Please insert a valid image!';
}
}