Step by step, we will teach you how to use PHP + MySql to build website No. 5 Image Upload and story deletion,

Step by step, we will teach you how to use PHP + MySql to build website No. 5 Image Upload and story deletion,

As mentioned in the previous article, the page after the form is submitted in story. php isStory_submit.phpLet's take a look at how story_submit.php has published the article.

As usual, first go to the Code:

<?php# add / modify story recordinclude_once('include_fns.php');$handle = db_connect();$headline = $_REQUEST['headline'];$page = $_REQUEST['page'];$time = time();if ((isset($_FILES['html']['name']) && (dirname($_FILES['html']['type']) == 'text') &&is_uploaded_file($_FILES['html']['tmp_name']) )) {// if user upload some files, then set the content of the files as the story_text$story_text = file_get_contents($_FILES['html']['tmp_name']);}else{$story_text = $_REQUEST['story_text'];}$story_text = addslashes($story_text);if (isset($_REQUEST['story']) && $_REQUEST['story']!='') {# it's an update$story = $_REQUEST['story'];$query = "update stories   set headline = '$headline',    story_text = '$story_text',    page = '$page',    modified = $time  where id = $story";}else{// it's a new story$query = "insert into stories  (headline,story_text,page,writer,created,modified)  values  ('$headline','$story_text','$page','".$_SESSION['auth_user']."',  $time,$time)";}$result = mysql_query($query);if (!$result) {# code...echo "There was a database error when executing <pre>$query</pre>";echo mysql_error();exit; }if ((isset($_FILES['picture']['name']) && is_uploaded_file($_FILES['picture']['tmp_name']))) {# there is uploaded pictureif (!isset($_REQUEST['story']) || $_REQUEST['story']=='') {$story = mysql_insert_id($handle);// mysql_insert_id  return the auto generated id used in the last query}$type = basename($_FILES['picture']['type']);switch ($type) {case 'jpeg':case 'pjpeg':case 'png':case 'jpg':$filename = "images/$story.jpg";move_uploaded_file($_FILES['picture']['tmp_name'], '../'.$filename);$query = "update stories   set picture = '$filename'  where id = $story";$result = mysql_query($query);break;default:echo 'Invalid picture format:'.$_FILES['picture']['type'];break;}}else{// there is no image file to upload or didn't get the file's infoecho 'Possible file upload attack:';echo "filename '".$_FILES['picture']['tmp_name']."'.";}header('Location: '.$_REQUEST['destination']);?>

We should first repeat the code from the whole process:

Row 7 and 8

Both variables are from the previous page.Story. phpParameters obtained in the submission form

9th rows

The time function returns the timestamp.

11-18 rows

This part of the code returns the content of the uploaded html file.

20th rows

Here we use a function in php to send text content to the database:AddslashesTo add a/symbol before a specific symbol.', '', Nul ,\,

For example:

Then I searched for this function and found another method.Mysql_escape_string,

22-39 rows

Determine whether to update or add a new story based on the input parameter. We have mentioned this before.

50-75 rows

Is the standard php File Upload step, you can try to remember

Note that the second row is the next field in the auto-increment sequence.

The last 82nd rows

As mentioned in the previous blog, two hidden parameters are submitted in form, one of which is destination, which is actually the writer. php page.

Okay. Basically, this page is not particularly difficult.

Let's look at the simplerDelete_story.php

PassCheck_permissionFunction to determine whether the current user has the modification permission. If yes, delete the current article.

Check_permission is in the user_auth_fns.php File

All right, we have completed the modification and creation of the Article. Next blog will introduce the three files related to publish.