尝试创建个人资料图像系统
我正在尝试在我的页面上创建个人资料图片上传系统,但我遇到了一个挑战,图片回显四次,默认图片在页面上显示四次,当我上传图片时,它也会这样做。我需要有关如何解决此问题的帮助,我只需要在页面上显示一张图像。
<?php
require("./includes/databaseHandler.php");
$id = $usersData['id'];
$sql = "SELECT * FROM users";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result) > 0 ){
while(mysqli_fetch_assoc($result)){
$sqlImg = "SELECT * FROM profileimg WHERE userid = '$id'";
$resultImg = mysqli_query($con, $sqlImg);
while($rowImg = mysqli_fetch_assoc($resultImg)){
echo "<div class='user-container'>";
if($rowImg['status'] == 0){
echo "<img src = 'uploads/profile".$id.".jpg' >";
}else{
echo "<img src = 'uploads/profiledefault.jpg'>";
}
echo "</div>";
}
}
}
?>
HUWWW1回答
-
一只名叫tom的猫
您没有将第一个查询的结果提取到可用变量中,因此您没有$id第一个查询返回的每个用户的集合注意:您的脚本对SQL 注入攻击是开放的。即使您正在逃避输入,它也不安全! 您应该考虑在或API 中使用准备好的参数化语句,而不是连接值MYSQLI_PDO因此,我还在回答中使用了准备好的参数化语句。<?phprequire("./includes/databaseHandler.php");// I assume this was a fudge to get it working//$id = $usersData['id'];$sql = "SELECT * FROM users";$result = mysqli_query($con, $sql);if(mysqli_num_rows($result) > 0 ){ // prepare query here ONCE and use it may times with amended parameters $sqlImg = "SELECT * FROM profileimg WHERE userid = ?"; $stmt = $con->prepare($sqlImg); while($user = $result->fetch_assoc()){ // ^^^^^ $stmt->bind_param('i', $user['id']); $stmt->execute(); $result = $stmt->get_result(); while($rowImg = $result->fetch_assoc()){ echo "<div class='user-container'>"; if($rowImg['status'] == 0){ echo "<img src = 'uploads/profile" .$user['id']. ".jpg' >"; }else{ echo "<img src = 'uploads/profiledefault.jpg'>"; } echo "</div>"; } }}?>
随时随地看视频慕课网APP
PHP