将数据插入mysqli数据库答案

【问题标题】：inserting data into mysqli database将数据插入mysqli数据库
【发布时间】：2015-02-27 14:17:03
【问题描述】：

我有一段代码在另一个站点上运行良好，但是当我尝试在另一个站点上实现它时，它得到一个 php 500 内部错误。

代码连接到我的数据库，然后获取图像文件并调整图像大小。然后它应该将数据插入数据库。但是要么图像被上传到服务器，要么正在创建数据库行。

代码是：

    <?php
$con=mysqli_connect("localhost","user","pass","db");
// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

// defined the upload image directory and it must be read and writable 
// it is used for save the image 
define('UPLOAD_PATH', $_SERVER['DOCUMENT_ROOT'] . '/websites/img/');

// defined the image directory, and this used for display
define('DISPLAY_PATH', '/websites/img/');

//defined the image size
define('MAX_FILE_SIZE', 2000000);

// image extension 
$permitted = array('image/jpeg', 'image/jpg', 'image/png', 'image/gif');

   $fileName = $_FILES['userbanner']['name'];
   $tmpName = $_FILES['userbanner']['tmp_name'];
   $fileSize = $_FILES['userbanner']['size'];
   $fileType = $_FILES['userbanner']['type'];

// make a new image name
   // get the file extension 
   $ext = substr(strrchr($fileName, "."), 1);
   // generate the random file name
   $randName = md5(rand() * time());

   // image name with extension
   $myfile = $randName . '.' . $ext;
   // save image path
   $path = UPLOAD_PATH . $myfile;

   if (in_array($fileType, $permitted) && $fileSize > 0
           && $fileSize <= MAX_FILE_SIZE) {

      $result = move_uploaded_file($tmpName, $path);

      if ($result) {
        $imageurl = "" . DISPLAY_PATH . $myfile . "";
      }
      else {
          $imageurl = "/src/img/space.gif";
      }
   }

//store image to the upload directory

      include("../smart_resize_image.function.php");

       //indicate which file to resize (can be any type jpg/png/gif/etc...)
      $file = "" . DISPLAY_PATH . $myfile . "";

      //indicate the path and name for the new resized file
      $resizedFile = "" . DISPLAY_PATH . $myfile . "";

      //call the function (when passing path to pic)
      smart_resize_image($file , null, 250 , 250 , false , $resizedFile , false , false ,100 );
      //call the function (when passing pic as string)
      smart_resize_image(null , file_get_contents($file), 250 , 250 , false , $resizedFile , false , false ,100 );

      //done!

      include('session.php');

      $userid = $login_id;
      $url = $_POST['linkurl'];
      $image = $imageurl;
      $userviews = $login_views;

$sql="INSERT INTO websites (userid, url, image, userviews)
VALUES ('". $userid ."', '". $url ."', '". $image ."', '". $userviews ."')";

    if (!mysqli_query($con,$sql)) {
      die('Error: ' . mysqli_error($con));
    }

    mysqli_close($con);

    header( 'Location: /dashboard/#start' );
}
else 
{
    header( 'Location: /dashboard/#start?error=1' );
}

?>

【问题讨论】：

您能确认从其他站点连接到数据库吗？
是的。我正在使用来自跨平台成功使用的外部文件的连接。
你的缩进很清楚你有一个解析错误。在开发过程中检查错误日志和/或启用错误显示。
500 错误意味着服务器端代码中的某些东西（可能是 anything）失败了。检查服务器端日志中的 actual 错误。考虑到你有一个明显的 SQL 注入漏洞，不知道代码会在数据库上做什么。

标签： php mysql mysqli insert

【解决方案1】：

试试这个

     <?php
$con=mysqli_connect("localhost","user","pass","db");
// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

// defined the upload image directory and it must be read and writable 
// it is used for save the image 
define('UPLOAD_PATH', $_SERVER['DOCUMENT_ROOT'] . '/websites/img/');

// defined the image directory, and this used for display
define('DISPLAY_PATH', '/websites/img/');

//defined the image size
define('MAX_FILE_SIZE', 2000000);

// image extension 
$permitted = array('image/jpeg', 'image/jpg', 'image/png', 'image/gif');

   $fileName = $_FILES['userbanner']['name'];
   $tmpName = $_FILES['userbanner']['tmp_name'];
   $fileSize = $_FILES['userbanner']['size'];
   $fileType = $_FILES['userbanner']['type'];

// make a new image name
   // get the file extension 
   $ext = substr(strrchr($fileName, "."), 1);
   // generate the random file name
   $randName = md5(rand() * time());

   // image name with extension
   $myfile = $randName . '.' . $ext;
   // save image path
   $path = UPLOAD_PATH . $myfile;

   if (in_array($fileType, $permitted) && $fileSize > 0
           && $fileSize <= MAX_FILE_SIZE) {

      $result = move_uploaded_file($tmpName, $path);

      if ($result) {
        $imageurl = "" . DISPLAY_PATH . $myfile . "";
      }
      else {
          $imageurl = "/src/img/space.gif";
      }
   }

//store image to the upload directory

      include("../smart_resize_image.function.php");

       //indicate which file to resize (can be any type jpg/png/gif/etc...)
      $file = "" . DISPLAY_PATH . $myfile . "";

      //indicate the path and name for the new resized file
      $resizedFile = "" . DISPLAY_PATH . $myfile . "";

      //call the function (when passing path to pic)
      smart_resize_image($file , null, 250 , 250 , false , $resizedFile , false , false ,100 );
      //call the function (when passing pic as string)
      smart_resize_image(null , file_get_contents($file), 250 , 250 , false , $resizedFile , false , false ,100 );

      //done!

      include('session.php');

      $userid = $login_id;
      $url = $_POST['linkurl'];
      $image = $imageurl;
      $userviews = $login_views;

$sql="INSERT INTO websites (userid, url, image, userviews)
VALUES ('". $userid ."', '". $url ."', '". $image ."', '". $userviews ."')";

    if (!mysqli_query($con,$sql)) {
      die('Error: ' . mysqli_error($con));


    mysqli_close($con);

    header( 'Location: /dashboard/#start' );
}
else 
{
    header( 'Location: /dashboard/#start?error=1' );
}

?>

【讨论】：

【解决方案2】：

问题出在文件底部...

特别是本节

if (!mysqli_query($con, $sql)) {
die('Error: ' . mysqli_error($con));
}

mysqli_close($con);

header( 'Location: /dashboard/#start' );
}
else
{
header( 'Location: /dashboard/#start?error=1' );
}

由于流程被搞砸了，我实际上没有找到修复它的方法。实际上有2个错误。

1) 你有一个额外的大括号}

2) 你有一个没有链接到 if 的 else。

【讨论】：