Hi, i have been trying to solve the problem of uploading, the code i have works in one page, but not in the other, and i have no idea why. The only notable difference is that one is an update form, and the other is a record insertion form. I am trying to upload the filename in the database, so that i can use it along with path, to diplay the image. But at the moment it doesnt upload, while my other page does. any help would be great.
p.s. i am working with the university macromedia mx software, therefore i wont be able to upgrade or apply any add ons....
code:
<?php require_once('Connections/mysql.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO artistmembers (email, membernameid, membername, memberpicture, membertext, memberposition) VALUES (%s, %s, %s, %s, %s, %s)",
GetSQLValueString($HTTP_POST_VARS['email'], "text"),
GetSQLValueString($HTTP_POST_VARS['membernameid'], "int"),
GetSQLValueString($HTTP_POST_VARS['membername'], "text"),
GetSQLValueString($_FILES['memberpicture']['name'], "text"),
GetSQLValueString($HTTP_POST_VARS['membertext'], "text"),
GetSQLValueString($HTTP_POST_VARS['memberposition'], "text"));
mysql_select_db($database_mysql, $mysql);
$Result1 = mysql_query($insertSQL, $mysql) or die(mysql_error());
}
mysql_select_db($database_mysql, $mysql);
$query_loadmember = "SELECT * FROM artistmembers";
$loadmember = mysql_query($query_loadmember, $mysql) or die(mysql_error());
$row_loadmember = mysql_fetch_assoc($loadmember);
$totalRows_loadmember = mysql_num_rows($loadmember);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- DW6 -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- TemplateBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- TemplateEndEditable --><link rel="stylesheet" href="3col_leftNav.css" type="text/css">
<style type="text/css">
<!--
.style1 {color: #FFFFFF}
.style8 {font-size: 10px}
.style9 {font-size: 12px}
-->
</style>
<!-- TemplateParam name="Headline1" type="boolean" value="true" -->
<!-- TemplateBeginEditable name="head" --><!-- TemplateEndEditable -->
</head>
<body>
<div id="masthead">
<h1 id="siteName">Soundstage</h1>
<div id="globalNav">
<a href="register.html">register</a> | <a href="login.html">login</a> | <a href="logout.html">logout</a> | <a href="#">basket</a> |
<a href="#">checkout</a> |
</div>
<h2 class="style1" id="pageName">reviews...</h2>
<div id="breadCrumb">
<a href="#">breadcrumb</a> / <a href="#">breadcrumb</a> / <a href="#">breadcrumb</a> /
</div>
</div>
<div id="navBar">
<div id="search">
<form action="#">
<label>search</label>
<input name="searchFor" type="text" size="10">
<input name="goButton" type="submit" value="go">
</form>
</div>
<div id="sectionLinks">
<h3>Section Links</h3>
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="artists.html">Artists</a></li>
<li><a href="genre.html">Genre</a></li>
<li><a href="city.html">City</a></li>
<li><a href="reviews.html">Reviews</a></li>
<li><a href="#">Section Link</a></li>
</ul>
</div>
<div class="relatedLinks">
<h3>Related Link Category</h3>
<ul>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
</ul>
</div>
<div class="relatedLinks">
<h3>Related Link Category</h3>
<ul>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
<li><a href="#">Related Link</a></li>
</ul>
</div>
</div>
<!--end navBar div -->
<div id="headlines">
<h3>Artist of the week:</h3>
<p>
</p>
<div id="advert">
<img src="" alt="" width="107" height="66"> Ad copy ad copy ad copy. Ad
copy ad copy.
</div>
</div>
<!--end headlines -->
<div id="content"> </div>
<!--end content -->
<table width="53%" height="34" border="0">
<tr>
<td><a href="bandsection1.php"></a>
<p align="center"><a href="bandsection1.php">back to edit band</a></p></td>
</tr>
</table>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td nowrap align="right">Membername:</td>
<td><input type="text" name="membername" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Memberpicture:</td>
<td><input type="file" name="memberpicture" value="uploadfile" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right" valign="top">Membertext:</td>
<td> <textarea name="membertext" cols="50" rows="5"></textarea> </td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Memberposition:</td>
<td><input type="text" name="memberposition" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right"> </td>
<td><input name="submit" type="submit" value="Insert Record"></td>
</tr>
</table>
<input type="hidden" name="email" value="">
<input type="hidden" name="membernameid" value="">
<input type="hidden" name="MM_insert" value="form1">
</form>
<p> </p>
<div align="left">
<p> </p>
</div>
<div id="siteInfo">
<img src="" width="44" height="22"> <a href="#">About Us</a> | <a href="#">Site
Map</a> | <a href="#">Privacy Policy</a> | <a href="#">Contact Us</a> | ©2003
Company Name
</div>
<br>
<p> </p>
</body>
</html>
<?
echo $HTTP_POST_VARS['memberpicture'];
$uploaddir = '//ftpserver/www/bla/bla/bla/bla/';
$uploadfile = $uploaddir . basename($_FILES['memberpicture']['name']);
echo $uploadfile;
echo '<pre>';
if (move_uploaded_file($_FILES['memberpicture']['tmp_name'], $uploadfile)) {
echo "Your a mastermind.....\n";
}
else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
?>
<?php
mysql_free_result($loadmember);
?>