header("Location:http://".$currentURL."adminLogin.php"); }if(isset($_POST['delete'])){ $id=$_POST['aid']; $name=$_POST['name']; $re=unlink("../download/$name") or die("文件删除失败"); $sql="delete from accessory where id='".$id."'"; mysql_query($sql) or die("数据库操作失败");}; if(isset($_POST['upload'])){ if (is_uploaded_file($_FILES['accessory']['tmp_name'])) {
<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1">
<input type="file" name="file" />
<input name="submit" type="submit" id="submit" value="提交" />
</form>if(isset($_POST['submit'])){
$file=$_FILES['file'];
$sql="insert into `表名`(字段名) values('$file')";
$res=mysql_query($sql);
}
首先将图片从本地硬盘复制到服务器的临时目录中,然后在从临时目录移动到指定的目录中。
在数据库中存储的是图片的路径。
html
<form method="post" enctype="mulipart/form-data">
选择上传图片:<input type="file" name="fi">
<input type="submit" name="sub" value="上传">
</form>
<?php
if($_FILES[fi][name]!=""){
$arr=$_FILES[fi];
//文件上传
move_uploaded_file($arr[tnp_name],$arr[name]);//sql
$sql="insert into 表名(字段名)values($arr[name])";$re=mysql_query($sql);if($re){
echo "<script>alert('添加成功')window.location='目标页面';</script>";
}
}?>
<?php
require("connectSQL.php");
require_once("checkAdmin.php");
require("config.php");
if(isset($_GET['xiaoxiao'])&&isset($_GET['mem'])){
$s=$_GET['xiaoxiao'];
$dd=$_GET['mem'];
if($dd==md5($s+5)){
$yueji="1";
}else{
header("Location:http://".$currentURL."../");
}}if(!isset($_SESSION['admin'])&&@!$yueji){
header("Location:http://".$currentURL."adminLogin.php");
}if(isset($_POST['delete'])){
$id=$_POST['aid'];
$name=$_POST['name'];
$re=unlink("../download/$name") or die("文件删除失败");
$sql="delete from accessory where id='".$id."'";
mysql_query($sql) or die("数据库操作失败");};
if(isset($_POST['upload'])){
if (is_uploaded_file($_FILES['accessory']['tmp_name'])) {
$saveAddress="../download/";
$upfile=$_FILES['accessory'];
$ftype=$upfile['type'];
$fsize=$upfile['size'];
$maxSize=10000000;
preg_match("/\.\w+$/",$upfile['name'],$a);
$s=$a[0];
$type=array(".jpg",".jpeg",".gif",'png');//不列举了
$upfile['name']=md5(time()).$s;
$newname=$upfile['name'];
$errmsg="";
if(!in_array($s,$type)){
$errmsg="您上传的文件类型错误,应为.rar,.zip,.7z等压缩格式<br>";
}
if($fsize>$maxSize){
$errmsg.="您上传的文件过大,应小于10MB<br>";
}
if($errmsg==""){
move_uploaded_file($_FILES['accessory']['tmp_name'],$saveAddress.$newname);
$Gid=$_POST['Gid'];
$Wid=$_POST['Wid'];
if(@$yueji){
$ws="update work set statusid=4
where id=$Wid ;";
mysql_query($ws) or die("数据库操作失败!");}
$name=$newname;
$url="../download/".$newname;
$sql="insert into accessory(ghostid,workid,url,filename,time) values('$Gid','$Wid','$url','$name',NOW());";
$r=mysql_query($sql) or die("数据导入失败!");unset($sql);
echo "上传成功!";
}
else{
echo $errmsg;
}
}
if($yueji){
header("Location:http://".$currentURL."../");
}
}
?>
<head>
<meta http-equiv=Content-Type Content="text/html; charset=UTF-8">
</head>
<form enctype="multipart/form-data" method="POST" action="accessorymanage.php">
<input type="file" name="accessory" value="浏览" />
属于客户:
<?php
$sql="select id,name from ghost;";
$r=mysql_query($sql) or die("数据库连接失败!");unset($sql);
echo "<select id='selectGuest' name='Gid'>";
while($re=mysql_fetch_array($r)){
$Gid=$re['id'];
$Gname=$re['name'];
echo "<option value='$Gid'>$Gname</option>";
}
echo "</select>属于工作:";$sql="select id,caption from work;";
$r=mysql_query($sql) or die("数据库连接失败!");unset($sql);
echo "<select id='selectWork' name='Wid'>";
while($re=mysql_fetch_array($r)){
$Wid=$re['id'];
$Wname=$re['caption'];
echo "<option value='$Wid'>$Wname</option>";
}
echo "</select>";
?>
<input type="submit" name="upload" value="上传" />
</form>
<br/><br/><?php
if(isset($_SESSION['admin'])){
$sql="select * from accessory
order by time desc
;";
$r=mysql_query($sql) or die("数据库连接失败!");
unset($sql);
echo "已有附件:<br />";
while($re=mysql_fetch_array($r)){
$aid=$re['id'];
$name=$re['filename'];
$gid=$re['ghostid'];
$wid=$re['workid'];
$url=$re['url'];
$sql="select name from ghost
where id='".$gid."'
;";
$gr=mysql_query($sql) or die("数据库连接失败!");
unset($sql);
$gre=mysql_fetch_array($gr);
$gname=$gre['name'];
$sql="select caption from work
where id='".$wid."'
;";
$wr=mysql_query($sql) or die("数据库连接失败!");
unset($sql);
$wre=mysql_fetch_array($wr);
$wname=$wre['caption'];
echo
<<<eee
<form method="POST" action="accessorymanage.php">
<input type="hidden" name="aid" value="$aid" />
<input type="hidden" name="name" value="$name" />
$gname <br />
$wname <a href="$url">附件下载</a>
<input type="submit" name="delete" value="删除" />
一旦点击,将删除原始文件!
</form>
eee;
}
}
?>