1 回答
TA贡献1830条经验 获得超9个赞
我更改了两个插入,添加 select for catch last insert id 卡然后我上传图像并插入 DB
<?php
session_start();
header('Content-type: text/html; charset=utf-8');
require_once "db_connect.php";
// Prepare an insert statement
$sql = "INSERT INTO cards (name, phone, phone2, email, zipcode, address, company, job, description, userid) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($conn, $sql);
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ssssissssi", $name, $phone, $phone2, $email, $zipcode, $address, $company, $job, $description, $userid);
if (mysqli_stmt_execute($stmt)) {
if (isset($_POST['name'])) {
$name = $_POST['name'];
}
if (isset($_POST['phone'])) {
$phone = $_POST['phone'];
}
if (isset($_POST['phone2'])) {
$phone2 = $_POST['phone2'];
}
if (isset($_POST['email'])) {
$email = $_POST['email'];
}
if (isset($_POST['zipcode'])) {
$zipcode = $_POST['zipcode'];
}
if (isset($_POST['address'])) {
$address = $_POST['address'];
}
if (isset($_POST['company'])) {
$company = $_POST['company'];
}
if (isset($_POST['job'])) {
$job = $_POST['job'];
}
if (isset($_POST['description'])) {
$description = $_POST['description'];
}
if (isset($_SESSION['id'])) {
$userid = $_SESSION['id'];
}
if (isset($_POST['upload'])) {
$name = $_FILES['file']['name'];
$target_dir = "upload/";
$target_file = $target_dir . basename($_FILES["file"]["name"]);
// Select file type
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
// Valid file extensions
$extensions_arr = array("jpg", "jpeg", "png", "gif");
// Check extension
if (in_array($imageFileType, $extensions_arr)) {
// Convert to base64
$image_base64 = base64_encode(file_get_contents($_FILES['file']['tmp_name']));
$image = 'data:image/'.$imageFileType.';base64,'.$image_base64;
$selectid = $conn->prepare("SELECT id FROM cards DESC limit 1");
$selectid->execute();
$resultid = $selectid->get_result();
$res = $resultid->fetch_array();
$cardid = $res['id'];
// Insert record
$imagequery = $conn->prepare("INSERT INTO cardimages(cardid, name, image) VALUES (?,?,?)");
$imagequery->bind_param('iss', $cardid, $name, $image);
$imagequery->execute();
// Upload file
move_uploaded_file($_FILES['file']['tmp_name'], 'upload/'.$name);
}
}
header("Location: addbusiness.php?message=1");
} else {
echo "ERROR: Could not execute query: $sql. " . mysqli_error($conn);
}
// Close statement
mysqli_stmt_close($stmt);
// Close connection
mysqli_close($conn);
另一个变化是所有查询都准备好了。记住总是这样做。参考
- 1 回答
- 0 关注
- 95 浏览
添加回答
举报