Search the Community

The first file adds images correctly but if you want to edit the product, this form ignores the new image. It's not sending it to the file even if there is no previous image, so it's not an overwrite issue (I have other files overwriting images in the same site). It shows the temp name of the image, echoes the success message & updates the db but simply will not move that image. <?php session_start(); include('functions.php'); if (verifySession(getSession(session_id())) != true) { // only returns true for role of Administrator header('Location: noaccess.php'); } dbConnect(); $success=""; $problem=""; $title=""; $author_name=""; $price=""; $pub_name=""; $description=""; $description_b=""; $fileField=""; $newname=""; $product_id=""; if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['getListing'])) { $title= mysql_real_escape_string($_POST['title']); $sql=mysql_query("Select * FROM product WHERE title='$title' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $product_id=$row["product_id"]; $title=$row["title"]; $author_name=$row["author_name"]; $price=$row["price"]; $pub_name=$row["pub_name"]; $description=$row["description"]; $description_b=$row["description_b"]; } } if (isset($_POST['title']) && ($_POST['author_name']) && ($_POST['price']) &&($_POST['pub_name']) && ($_POST['description'])&& ($_POST['description_b'])){ { if (isset($_POST['submit']) && (!$problem)) { $product_id= mysql_real_escape_string($_POST['product_id']); $title= mysql_real_escape_string($_POST['title']); $author_name = mysql_real_escape_string($_POST['author_name']); $price= mysql_real_escape_string($_POST['price']); $pub_name= mysql_real_escape_string($_POST['pub_name']); $description= mysql_real_escape_string($_POST['description']); $description_b= mysql_real_escape_string($_POST['description_b']); $fileField=$_FILES['fileField']; //$fileField=(isset($_FILES['fileField'])); mysql_query("UPDATE product SET title='$title', author_name='$author_name', price='$price',pub_name='$pub_name', description='$description',description_b='$description_b' WHERE product_id= '$product_id'") or die (mysql_error()); $success='Updated ' .$title. '.'; if ($_FILES[$fileField]['tmp_name'] != "") { //Place image in the folder $product_id=mysql_insert_id();//how it tags the image in addBook, makes no difference with or w/o it here $newname = 'product' . $product_id. '.jpg'; move_uploaded_file($_FILES[$fileField]['tmp_name'], "product_images/$newname"); } } } } } //} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Edit a Listing</title> <link rel="stylesheet" type="text/css" href=".././project.css"> <link rel="icon" type="image/png" href="https://<snip>/iShop/project_images/icon.png" > <script type="text/javascript"> <!-- function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } //--> </script> </head> <body onload="MM_preloadImages('../project_images/inventory_down.png')"> <?php include('header.php');?> <?php include('.././footer.php');?> <div id="pageContent"> <p align = "center"><a href="index.php"><img src="../project_images/admin.png" width="609" height="71" alt="Admin Panel" /></a></p> <br /> <div id="addBook"> <form action="<?php htmlentities($_SERVER['PHP_SELF']) ?>" enctype="multipart/form-data" name="editBook" class="addBook_bg" method="post"> <a href="seeBooks.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Inventory','','../project_images/inventory_down.png',1)"><img src="../project_images/inventory.png" alt="Inventory" name="Inventory" width="336" height="86" border="0" id="Inventory" /></a> <h2> Edit a Listing</h2><br/><br/> <?php //echo $book; ?> <table width="90%" border="0" cellspacing="0" cellpadding="6"> <tr> <td width="20%" align="right">Title</td> <td width="80%"> <input name="title" type="text" id="title" size="30" maxlength="100" class="form_input" value="<?php echo $title; ?>" /><input type="submit" name="getListing" id="getListing" value="Get Listing" /><br/><?php if(isset($_POST['submit'])) { $title=preg_replace('#[^a-z0-9?!-: (),]#i','',$_POST['title']); if($title =="" ){ echo '<span class="warning"></span>Please enter a title.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Author</td> <td> <input name="author_name" type="text" id="author_name" size="30" maxlength="80" class="form_input" value="<?php echo $author_name; ?>"/><?php if(isset($_POST['submit'])) { $author_name=preg_replace('#[^a-z ]#i','',$_POST['author_name']); if($author_name =="" ){ echo '<span class="warning"></span>Please enter the author.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Price</td> <td><input type="text" name="price" id="price" size="30" maxlength="7" class="form_input" value="<?php echo $price; ?>" /><?php if(isset($_POST['submit'])) { $price=preg_replace('#[^0-9.]#i','',$_POST['price']); if($price =="" ){ echo '<span class="warning"></span>Please enter the price.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Publisher</td> <td><input type="text" name="pub_name" id="pub_name" size="30" maxlength="80" class="form_input" value="<?php echo $pub_name; ?>" /><?php if(isset($_POST['submit'])) { $pub_name=preg_replace('#[^a-z0-9?!-: (),]#i','',$_POST['pub_name']); if($pub_name =="" ){ echo '<span class="warning"></span>Please enter the publisher.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Description</td> <td> <textarea name="description" type="text" id="description" cols="40" rows="6" maxlength="250" class="text_box" /><?php echo $description; ?></textarea><br/><?php if(isset($_POST['submit'])) { $description=preg_replace('#[^a-z0-9?!-: (),]#i','',$_POST['description']); if($description =="" ){ echo '<span class="warning"></span>Please enter the description.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Detail</td> <td> <textarea name="description_b" type="text" id="description_b" cols="40" rows="6" maxlength="250" class="text_box" /><?php echo $description_b; ?></textarea><br/><?php if(isset($_POST['submit'])) { $description_b=preg_replace('#[^a-z0-9?!-: (),]#i','',$_POST['description_b']); if($description_b =="" ){ echo '<span class="warning"></span>Please enter the detail.</span>'; $problem = TRUE;}} ?> </td> </tr> <tr> <td align="right">Picture</td> <td> <input type="file" name="fileField" id="fileField" /> </td> </tr> <tr> <td> </td> <td> <input name="product_id" type="hidden" value="<?php echo $product_id; ?>" /> <input type="submit" name="submit" id="submit" /> <input type="reset" onclick="location.reload('editBook.php');return false;"/> <?php echo $success ?> </td> </tr> </table> <br/><br/> </form> <br /><br /> </div> </div> </body> </html>