Search the Community

Hi there guys, I've a little problem with inserting a file name into a database table. I can't see wich is the problem. The code is bellow and i think the problem is at INSERT INTO part. <?php $path = "./cv/"; $valid_formats = array("doc", "pdf"); if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST") { $name = $_FILES['photoimg']['name']; $size = $_FILES['photoimg']['size']; if(strlen($name)) { list($txt, $ext) = explode(".", $name); if(in_array($ext,$valid_formats)) { if($size<(20480*20480)) // Image size max 20 MB { $actual_image_name = time().$id.".".$ext; $tmp = $_FILES['photoimg']['tmp_name']; if(move_uploaded_file($tmp, $path.$actual_image_name)) { mysqli_query($mysqli,"INSERT INTO formular_client (client_cv = '$actual_image_name')"); } else echo "failed"; } else echo "Image file size max 20 MB"; } else echo "Invalid file format.."; } } ?> <input type="file" name="photoimg" id="photoimg" />

Can I get some help or a point in the right direction. I am trying to create a form that allows me to add, edit and delete records from a database. I can add, edit and delete if I dont include the image upload code. If I include the upload code I cant edit records without having to upload the the same image to make the record save to the database. So I can tell I have got the code processing in the wrong way, thing is I cant seem to see or grasp the flow of this, to make the corrections I need it work. Any help would be great! Here is the form add.php code <?php require_once ("dbconnection.php"); $id=""; $venue_name=""; $address=""; $city=""; $post_code=""; $country_code=""; $url=""; $email=""; $description=""; $img_url=""; $tags=""; if(isset($_GET['id'])){ $id = $_GET['id']; $sqlLoader="Select from venue where id=?"; $resLoader=$db->prepare($sqlLoader); $resLoader->execute(array($id)); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Add Venue Page</title> <link href='http://fonts.googleapis.com/css?family=Droid+Sans' rel='stylesheet' type='text/css'> <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"> <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js"></script> </head> <body> <div class="container"> <?php $sqladd="Select * from venue where id=?"; $resadd=$db->prepare($sqladd); $resadd->execute(array($id)); while($rowadd = $resadd->fetch(PDO::FETCH_ASSOC)){ $v_id=$rowadd['id']; $venue_name=$rowadd['venue_name']; $address=$rowadd['address']; $city=$rowadd['city']; $post_code=$rowadd['post_code']; $country_code=$rowadd['country_code']; $url=$rowadd['url']; $email=$rowadd['email']; $description=$rowadd['description']; $img_url=$rowadd['img_url']; $tags=$rowadd['tags']; } ?> <h1 class="edit-venue-title">Add Venue:</h1> <form role="form" enctype="multipart/form-data" method="post" name="formVenue" action="save.php"> <input type="hidden" name="id" value="<?php echo $id; ?>"/> <div class="form-group"> <input class="form-control" type="hidden" name="id" value="<?php echo $id; ?>"/> <p><strong>ID:</strong> <?php echo $id; ?></p> <strong>Venue Name: *</strong> <input class="form-control" type="text" name="venue_name" value="<?php echo $venue_name; ?>"/><br/> <br/> <strong>Address: *</strong> <input class="form-control" type="text" name="address" value="<?php echo $address; ?>"/><br/> <br/> <strong>City: *</strong> <input class="form-control" type="text" name="city" value="<?php echo $city; ?>"/><br/> <br/> <strong>Post Code: *</strong> <input class="form-control" type="text" name="post_code" value="<?php echo $post_code; ?>"/><br/> <br/> <strong>Country Code: *</strong> <input class="form-control" type="text" name="country_code" value="<?php echo $country_code; ?>"/><br/> <br/> <strong>URL: *</strong> <input class="form-control" type="text" name="url" value="<?php echo $url; ?>"/><br/> <br/> <strong>Email: *</strong> <input class="form-control" type="email" name="email" value="<?php echo $email; ?>"/><br/> <br/> <strong>Description: *</strong> <textarea class="form-control" type="text" name="description" rows ="7" value=""><?php echo $description; ?></textarea><br/> <br/> <strong>Image Upload: *</strong> <input class="form-control" type="file" name="image" value="<?php echo $img_url; ?>"/> <small>File sizes 300kb's and below 500px height and width.<br/><strong>Image is required or data will not save.</strong></small> <br/><br/> <strong>Tags: *</strong> <input class="form-control" type="text" name="tags" value="<?php echo $tags; ?>"/><small>comma seperated vales only, e.g. soul,hip-hop,reggae</small><br/> <br/> <p>* Required</p> <br/> <input class="btn btn-primary" type="submit" name="submit" value="Save"> </div> </form> </div> </body> </html> Here is the save.php code <?php error_reporting(E_ALL); ini_set("display_errors", 1); include ("dbconnection.php"); $venue_name=$_POST['venue_name']; $address=$_POST['address']; $city=$_POST['city']; $post_code=$_POST['post_code']; $country_code=$_POST['country_code']; $url=$_POST['url']; $email=$_POST['email']; $description=$_POST['description']; $tags=$_POST['tags']; $id=$_POST['id']; if(is_uploaded_file($_FILES['image']['tmp_name'])){ $folder = "images/hs-venues/"; $file = basename( $_FILES['image']['name']); $full_path = $folder.$file; if(move_uploaded_file($_FILES['image']['tmp_name'], $full_path)) { //echo "succesful upload, we have an image!"; var_dump($_POST); if($id==null){ $sql="INSERT INTO venue(venue_name,address,city,post_code,country_code,url,email,description,img_url,tags)values(:venue_name,:address,:city,:post_code,:country_code,:url,:email,:description,:img_url,:tags)"; $qry=$db->prepare($sql); $qry->execute(array(':venue_name'=>$venue_name,':address'=>$address,':city'=>$city,':post_code'=>$post_code,':country_code'=>$country_code,':url'=>$url,':email'=>$email,':description'=>$description,':img_url'=>$full_path,':tags'=>$tags)); }else{ $sql="UPDATE venue SET venue_name=?, address=?, city=?, post_code=?, country_code=?, url=?, email=?, description=?, img_url=?, tags=? where id=?"; $qry=$db->prepare($sql); $qry->execute(array($venue_name, $address, $city, $post_code, $country_code, $url, $email, $description, $full_path, $tags, $id)); } if($success){ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Saved!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Saved!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } } //if uploaded else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Upload Recieved but Processed Failed!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } } //move uploaded else{ var_dump($_POST); echo "<script language='javascript' type='text/javascript'>alert('Successfully Updated.')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('index.php','_self')</script>"; } ?> Thanks in advance!

I am trying out a new script for image upload and resize using ajax method. All the ones I've found so far process the php file through the form action="". Since I am inserting other data into the database and calling the other php code directly on the same page as a the html form, I would like to know if there is another way I can run that specific image upload php code through ajax. This is one the scripts I have looked at . http://www.sanwebe.com/2012/05/ajax-image-upload-and-resize-with-jquery-and-php This is what their html form looks like. <form action="processupload.php" method="post" enctype="multipart/form-data" id="MyUploadForm"> <input name="image_file" id="imageInput" type="file" /> <input type="submit" id="submit-btn" value="Upload" /> <img src="images/ajax-loader.gif" id="loading-img" style="display:none;" alt="Please Wait"/> </form> <div id="output"></div> I would like to process the "processupload.php" above through the ajax code below and leave the form action="" empty, as I am running other php code on the same page to insert other data as well. How would you do that? <script> $(document).ready(function() { var options = { target: '#output', // target element(s) to be updated with server response beforeSubmit: beforeSubmit, // pre-submit callback success: afterSuccess, // post-submit callback resetForm: true // reset the form after successful submit }; $('#MyUploadForm').submit(function() { $(this).ajaxSubmit(options); // always return false to prevent standard browser submit and page navigation return false; }); }); function afterSuccess() { $('#submit-btn').show(); //hide submit button $('#loading-img').hide(); //hide submit button } //function to check file size before uploading. function beforeSubmit(){ //check whether browser fully supports all File API if (window.File && window.FileReader && window.FileList && window.Blob) { if( !$('#imageInput').val()) //check empty input filed { $("#output").html("Are you kidding me?"); return false } var fsize = $('#imageInput')[0].files[0].size; //get file size var ftype = $('#imageInput')[0].files[0].type; // get file type //allow only valid image file types switch(ftype) { case 'image/png': case 'image/gif': case 'image/jpeg': case 'image/pjpeg': break; default: $("#output").html("<b>"+ftype+"</b> Unsupported file type!"); return false } //Allowed file size is less than 1 MB (1048576) if(fsize>1048576) { $("#output").html("<b>"+bytesToSize(fsize) +"</b> Too big Image file! <br />Please reduce the size of your photo using an image editor."); return false } $('#submit-btn').hide(); //hide submit button $('#loading-img').show(); //hide submit button $("#output").html(""); } else { //Output error to older browsers that do not support HTML5 File API $("#output").html("Please upgrade your browser, because your current browser lacks some new features we need!"); return false; } } //function to format bites bit.ly/19yoIPO function bytesToSize(bytes) { var sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB']; if (bytes == 0) return '0 Bytes'; var i = parseInt(Math.floor(Math.log(bytes) / Math.log(1024))); return Math.round(bytes / Math.pow(1024, i), 2) + ' ' + sizes[i]; } </script>

Hi: Am not sure if this is the best algorithm to go about saving a record and uploading (plus moving to another directory) files. I feel i need another algorithm? if (self::post()->isPost()) { #check if there is any file if($this->request->hasFiles() == true){ $uploads = $this->request->getUploadedFiles(); $isUploaded = false; #do a loop to handle each file individually foreach($uploads as $upload){ #define a "unique" name and a path to where our file must go $path = 'temp/'.md5(uniqid(rand(), true)).'-'.strtolower($upload->getname()); #move the file and simultaneously check if everything was ok if($upload->moveTo($path)) { #Build an array to be sent to the API for moving the uploaded file to front end directory $files=""; $files = array( 'name' => $upload->getName(), 'link' => $this->di['url']->get('temp/' . $upload->getName()), 'direction' => 'adverts' ); $saveResult = self::request()->request('move-advert/', array('file' => $files), 'POST'); if($saveResult->response == 'success') $isUploaded = true; else $isUploaded = false; } } #if any file couldn't be moved, then throw an message if($isUploaded) { $save_response = self::request()->request('advert/' . $id, self::editValues(self::post()->getPost()), 'POST'); if ($save_response->response == 'success') { $this->flashSession->success('Advert Updated'); return $this->response->redirect('adverts/list-adverts'); } else { $this->flashSession->notice('Could not update Advert'); } } else { $this->flashSession->notice('Some error ocurred. Please try again'); } }else { $this->flashSession->notice('You must Choose an advert image'); } } Any suggestions?

Hi guys, does anybody know of any good libraries to handle and validate file uploading including Zipped folders. Also I was needing some tips, so my website developers can come and upload zipped folders, files etc. but eventually would'nt this start taking up a lot of space especially the zipped folders?

Here is my code which i use to recieve uploaded files. $filepath = $_SERVER['DOCUMENT_ROOT'] . "file/"; $fileunzippath = $filepath."unzipped/"; $exclude_list = array(".", "..", "...", "index.php", ".php", ".htaccess"); if($_FILES["zip_file"]["name"]) { $filename = $_FILES["zip_file"]["name"]; $source = $_FILES["zip_file"]["tmp_name"]; $type = $_FILES["zip_file"]["type"]; $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); foreach($accepted_types as $mime_type) { if($mime_type == $type) { $okay = true; break; } } $continue = strtolower($name[1]) == 'zip' ? true : false; if(!$continue) { $message = "The file you are trying to upload is not a .zip file. Please try again."; } $string = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $filename); $clean_name = strtr($string, array('Š' => 'S','Ž' => 'Z','š' => 's','ž' => 'z','Ÿ' => 'Y','À' => 'A','Á' => 'A','Â' => 'A','Ã' => 'A','Ä' => 'A','Å' => 'A','Ç' => 'C','È' => 'E','É' => 'E','Ê' => 'E','Ë' => 'E','Ì' => 'I','Í' => 'I','Î' => 'I','Ï' => 'I','Ñ' => 'N','Ò' => 'O','Ó' => 'O','Ô' => 'O','Õ' => 'O','Ö' => 'O','Ø' => 'O','Ù' => 'U','Ú' => 'U','Û' => 'U','Ü' => 'U','Ý' => 'Y','à' => 'a','á' => 'a','â' => 'a','ã' => 'a','ä' => 'a','å' => 'a','ç' => 'c','è' => 'e','é' => 'e','ê' => 'e','ë' => 'e','ì' => 'i','í' => 'i','î' => 'i','ï' => 'i','ñ' => 'n','ò' => 'o','ó' => 'o','ô' => 'o','õ' => 'o','ö' => 'o','ø' => 'o','ù' => 'u','ú' => 'u','û' => 'u','ü' => 'u','ý' => 'y','ÿ' => 'y')); $clean_name = strtr($clean_name, array('Þ' => 'TH', 'þ' => 'th', 'Ð' => 'DH', 'ð' => 'dh', 'ß' => 'ss', 'Œ' => 'OE', 'œ' => 'oe', 'Æ' => 'AE', 'æ' => 'ae', 'µ' => 'u')); $clean_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $clean_name); $target_path = $filepath.$clean_name; // change this to the correct site path if(move_uploaded_file($source, $target_path)) { echo "Source: ".$source."<br/>"; echo "Type: ".$type."<br/>"; echo "Filename: ".$filename."<br/>"; $zip = new ZipArchive(); $x = $zip->open($target_path); if ($x === true) { $zip->extractTo($fileunzippath.$clean_name); // change this to the correct site path $zip->close(); $exclude_list; $dir_path = $_SERVER['DOCUMENT_ROOT']; $dir_path .= "/file/unzipped/"; $directories = array_diff(scandir($fileunzippath.$clean_name), $exclude_list); foreach($directories as $entry) { if(is_dir($dir_path.$entry)) { if($entry != 'part0' || $entry !='part1') { rmdir($entry); } } } } $message = "Your .zip file was uploaded and unpacked."; } else { $message = "There was a problem with the upload. Please try again."; } } Specifically i want to highlight this part: $exclude_list; $dir_path = $_SERVER['DOCUMENT_ROOT']; $dir_path .= "/file/unzipped/"; $directories = array_diff(scandir($fileunzippath.$clean_name), $exclude_list); foreach($directories as $entry) { if(is_dir($dir_path.$entry)) { if($entry != 'part0' || $entry !='part1') { rmdir($entry); } } } When I upload a zip file containing 2 directories(one called 'part0', and one called 'bad'), they get unzipped correctly and it gives no errors, however the fake directories(not called part0 or part1) I put in there are still there. Any Help?

Hi guys and Gals, This has my head wrecked to be honest. I am trying to upload an image to a directory, which is working. However, I also want to put the file name into MySQL. This will work if the image upload script is removed. With the script enabled, the file uploads but I get "Undefined index: userPic" from the following line: $userPic = mysqli_real_escape_string($mysqli, $_POST['userPic']); Here is the complete code: if(isset($_POST['Submit'])){//if the submit button is clicked $company_name = mysqli_real_escape_string($mysqli, $_POST['company_name']); $company_abn = mysqli_real_escape_string($mysqli, $_POST['company_abn']); $company_email = mysqli_real_escape_string($mysqli, $_POST['company_email']); $address = mysqli_real_escape_string($mysqli, $_POST['address']); $company_phone = mysqli_real_escape_string($mysqli, $_POST['company_phone']); $company_slogan = mysqli_real_escape_string($mysqli, $_POST['company_slogan']); $userPic = mysqli_real_escape_string($mysqli, $_POST['userPic']); // Upload Image if (isset($_FILES["userPic"]["name"])) { $name = $_FILES["userPic"]["name"]; $tmp_name = $_FILES['userPic']['tmp_name']; $error = $_FILES['userPic']['error']; if (!empty($name)) { $location = 'uploads/'; if (move_uploaded_file($tmp_name, $location.$name)){ echo 'Uploaded'; } } else { echo 'please choose a file'; } } $sql="UPDATE company_settings SET company_name='$company_name', company_slogan='$company_slogan', company_abn='$company_abn', company_email='$company_email', address='$address', company_phone='$company_phone', userPic='$userPic'"; $mysqli->query($sql) or die("Cannot update");//update or error } Has anyone got any ideas where I am going wrong (besides not using PDO) and how I can solve it? Thanks in advance.

The image uploads fine but I get this weird gibberish code after I submit. It goes away after i refresh the page. JFIF>CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality C $.' ",#(7),01444'9=82<.342C 2!!22222222222222222222222222222222222222222222222222" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?((((((((((((((((((((((((((((((((((((((((((((((((((((( Here's my code. if(isset($_POST['submit'])) { $errors = array(); $db->beginTransaction(); if(isset($_FILES['image'])) { if(!empty($_FILES['image']['name'])) { $name = $_FILES['image']['name']; $temp = $_FILES['image']['tmp_name']; $type = $_FILES['image']['type']; $size = $_FILES['image']['size']; $ext = pathinfo($name, PATHINFO_EXTENSION); $size2 = getimagesize($temp); $width = $size2[0]; $height = $size2[1]; $upload = md5( rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 )); // Restrictions for uploading $maxwidth = 1500; $maxheight = 1500; $allowed = array('image/jpeg', 'image/jpg', 'image/png', 'image/gif'); // Recognizing the extension switch($type){ // Image/Jpeg case 'image/jpeg': $ext= '.jpeg'; break; // Image/Jpg case 'image/jpg': $ext= '.jpg'; break; // Image/png case 'image/png': $ext= '.png'; break; // Image/gif case 'image/gif': $ext= '.gif'; break; } // check if extension is allowed. if(in_array($type, $allowed)) { // Checking if the resolution is FULLHD or under this resolution. if($width <= $maxwidth && $height <= $maxheight) { if ($size <= 5242880) { $admin_dir = "images/"; if(!is_dir($admin_dir)){ mkdir($admin_dir, 0775, true); } // upload variables $path = $admin_dir . $upload . $ext; // Resizing according to extension. switch ($type) { // Image/Jpeg case 'image/jpeg'; $img = $temp; $thumb = imagecreatetruecolor($width, $height); imagejpeg($thumb); imagecolortransparent($thumb, imagecolorallocatealpha($thumb, 0, 0, 0, 127)); imagealphablending($thumb, false); imagesavealpha($thumb, true); break; // Image/Jpg case 'image/jpg'; $img = $temp; $thumb = imagecreatetruecolor($width, $height); imagejpeg($thumb); imagecolortransparent($thumb, imagecolorallocatealpha($thumb, 0, 0, 0, 127)); imagealphablending($thumb, false); imagesavealpha($thumb, true); break; // Image/png case 'image/png'; $img = $temp; $thumb = imagecreatetruecolor($width, $height); imagepng($thumb); imagecolortransparent($thumb, imagecolorallocatealpha($thumb, 0, 0, 0, 127)); imagealphablending($thumb, false); imagesavealpha($thumb, true); break; // Image/gif case 'image/gif'; $img = $temp; $thumb = imagecreatetruecolor($width, $height); imagegif($thumb); imagecolortransparent($thumb, imagecolorallocatealpha($thumb, 0, 0, 0, 127)); imagealphablending($thumb, false); imagesavealpha($thumb, true); break; } $insert_date = date('Y-m-d H:i:s'); $insert = $db->prepare("INSERT INTO images(path, date_added) VALUES(:path, :date_added)"); $insert->bindParam(':path', $path); $insert->bindParam(':date_added', $insert_date); $result_insert = $insert->execute(); if($result_insert == false) { $errors[] = 'Profile photo could not be uploaded.'; } if(empty($errors)) { $db->commit(); move_uploaded_file($temp, $path); $success = 'Profile photo has been updated.'; } else { $db->rollBack(); } } else { $errors[] = 'The image size is bigger than 5mb.'; } } else { $errors[] = 'The image resolution exceeds the limit of 1500px by 1500px.'; } } else { $errors[] = 'You have uploaded a forbidden extension.'; } } else { $errors[] = 'An image is required.'; } } } ?> <form id="upload-form" action="" method="post" enctype="multipart/form-data"> <label>175px by 175px</label> <input type="file" name="image" /> <input type="submit" id="upload-submit" value="Upload Image" name="submit"> </form>

Hey guys! I'm trying to add an upload feature to my contact form. I had one before that simply added the image under the text in the email not as an actual attachment and it was pretty easy but I lost the code and can’t seem to find it again. But I seem to be having a problem finding a form that can help me add this. As of now the code in HTML has the upload but the PHP doesn’t at all. If anyone could help me add the rest of the PHP code I'd really appreciate it! HTML: <form name="htmlform" method="post" action="oc.php"><label for="fname"><p>Full Name:</p></label> <input type="text" name="fname" maxlength="50" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td valign="top"> <label for="phone"> <p>Phone Number: </p></label> <input type="text" name="phone" maxlength="50" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td valign="top"> <label for="email"> <p> Email Address: </p></label> <input type="text" name="email" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> </tr> <tr> <td> <h4>DELIVERY INFORMATION:</h4> <label for="address"> <p>Address: </p></label> <input type="text" name="address" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="city"> <p>City: </p></label> <input type="text" name="city" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="state"> <p>State: </p></label> <input type="text" name="state" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="zip"> <p>Zip Code: </p></label> <input type="text" name="zip" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <h4>INFORMATION:</h4> <label for="first"> <p>First Name: </p></label> <input type="text" name="first" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="last"> <p>Last Name: </p></label> <input type="text" name="last" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="rec"> <p>Recommendation ID Number: </p></label> <input type="text" name="rec" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="exp"> <p>Recommendation Experation Date: </p></label> <input type="text" name="exp" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="doc"> <p>Doctors Name: </p></label> <input type="text" name="doc" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="docphone"> <p>Doctors Phone Number: </p></label> <input type="text" name="docphone" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> <label for="ver"> <p>Verification Website: </p></label> <input type="text" name="ver" maxlength="80" size="60" style="color:#000;" required="required"> </td> </tr> <tr> <td> </td> </tr> <tr> <td valign="top"><label for="message"><p>How did you hear about us?</p></label><textarea name="message" id="message" style="background-color:#fff; color:#000;" cols="45"/></textarea></td> </tr> <tr> <td colspan="2" style="text-align:left"> <p> Upload Recommendation:</p> <input type="file" name="pic" id="pic"> <br /> <p> Upload California State ID:</p> <input type="file" name="id" id="id"> <br /> <br /> <input type="image" value="submit"img src="img/sub.png" onmouseover="this.src='img/sub1.png'" onmouseout="this.src='img/sub.png'" /> </form> PHP: <?php // first clean up the input values foreach($_POST as $key => $value) { if(ini_get('magic_quotes_gpc')) $_POST[$key] = stripslashes($_POST[$key]); $_POST[$key] = htmlspecialchars(strip_tags($_POST[$key])); } $ip=$_SERVER['REMOTE_ADDR']; $email_to = "info@example.com"; $email_subject = "Register"; $email_message .= "Full Name: ".$_POST["fname"]."\n"; $email_message .= "Phone Number: ".$_POST["phone"]."\n"; $email_message .= "Email Address: ".$_POST["email"]."\n"; $email_message .= "Address: ".$_POST["address"]."\n"; $email_message .= "City: ".$_POST["city"]."\n"; $email_message .= "State: ".$_POST["state"]."\n"; $email_message .= "Zip Code: ".$_POST["zip"]."\n"; $email_message .= "First Name: ".$_POST["first"]."\n"; $email_message .= "Last Name: ".$_POST["last"]."\n"; $email_message .= "Recommendation ID Number: ".$_POST["rec"]."\n"; $email_message .= "Recommendation Exp Date: ".$_POST["exp"]."\n"; $email_message .= "Doctors Name: ".$_POST["doc"]."\n"; $email_message .= "Doctors Phone Number: ".$_POST["docphone"]."\n"; $email_message .= "Verification Website: ".$_POST["ver"]."\n"; $email_message .= "Message: ".$_POST["message"]."\n"; $userEmail = filter_var( $_POST['email'],FILTER_VALIDATE_EMAIL ); if( ! $userEmail ){ exit; } //email headers $headers = 'From: '.$_POST["email"]."\r\n". 'Reply-To: '.$_POST["email"]."\r\n" . 'X-Mailer: PHP/' . phpversion(); echo (mail($email_to, $email_subject, $email_message, $headers) ? "<html><head><meta http-equiv='Refresh' content='0; url=http://www..com/thankyou.html'><body bgcolor='#fff'> ":"<html><body bgcolor='#fff'><center><font color='white'><h2>We're sorry, something went wrong.</h2></font><p><font color='white'>Please return to <a href='http://www..com'></a>.</font></p></center></body></html>"); $ip=$_SERVER['REMOTE_ADDR']; $email_to = $_POST["email"]; $email_subject = "420 In Action"; $email_message1 = "Welcome! Sincerely, "; //email headers $headers = 'From: '.$_POST["email"]."\r\n". 'Reply-To: '.$_POST["email"]."\r\n" . 'X-Mailer: PHP/' . phpversion(); echo (mail($email_to, $email_subject, $email_message1, $headers) ? "":""); exit(); // test input values for errors $errors = array(); if(strlen($fname) < 2) { if(!$fname) { $errors[] = "You must enter a name."; } else { $errors[] = "Name must be at least 2 characters."; } } if(!$email) { $errors[] = "You must enter an email."; } else if (!validEmail($email)) { $errors[] = "You must enter a valid email."; } if($errors) { // output errors to browser and die with a failure message $errortext = ""; foreach($errors as $error) { $errortext .= "<li>".$error."</li>"; } die("<span class='failure'>The following errors occured:<ul>". $errortext ."</ul></span>"); } // check to see if email is valid function validEmail($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { $isValid = false; } // local part length exceeded else if ($domainLen < 1 || $domainLen > 255) { $isValid = false; } // domain part length exceeded else if ($local[0] == '.' || $local[$localLen-1] == '.') { $isValid = false; } // local part starts or ends with '.' else if (preg_match('/\\.\\./', $local)) { $isValid = false; } // local part has two consecutive dots else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { $isValid = false; } // character not valid in domain part else if (preg_match('/\\.\\./', $domain)) { $isValid = false; } // domain part has two consecutive dots else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { $isValid = false; } // domain not found in DNS } return $isValid; } ?>

I am using this script for image uploads. https://www.w3schools.com/php/php_file_upload.asp I noticed that with some of the image uploads, I would get the error "Sorry, only JPG, JPEG, PNG & GIF files are allowed." The images i upload are one of the file types listed above. So I am wondering why i would get an error for some images but not others despite all them of being the same file types? Can you tell why judging from the script?

I'm not amazing with PhP, so excuse me if it looks terrible xD I've taken tutorials, edited them to fit my wanting and tried it out, it seems to deny anything other than an image type, but could it be abused? <div id="image-upload"> <h2>Upload your image</h2> <form action="upload.php" method="post" enctype="multipart/form-data"> Upload:<br><br> <input type="file" name="image"><br><br> Image Title:<br><br> <input type="text" name="image_title"><br><br> <input type="submit" name="submit" value="Upload"> </form> <?php include("upload_file.php"); function GetImageExtension($imagetype) { if(empty($imagetype)) return false; switch($imagetype) { case 'image/bmp': return '.bmp'; case 'image/jpeg': return '.jpg'; case 'image/png': return '.png'; default: return false; } } if ($_FILES['image']['error'] !== UPLOAD_ERR_OK) { die(); } $extension = getimagesize($_FILES['image']['tmp_name']); if ($extension === FALSE) { die("<br><font color='#8B0000'>Unable to determine image typeof uploaded file</font>"); } if (($extension[2] !== IMAGETYPE_GIF) && ($extension[2] !== IMAGETYPE_JPEG) && ($extension[2] !== IMAGETYPE_PNG)) { die("<br><font color='#8B0000'>Only images are allowed!</font>"); } if (!empty($_FILES["image"]["name"])) { $file_name=$_FILES["image"]["name"]; $temp_name=$_FILES["image"]["tmp_name"]; $imgtype=$_FILES["image"]["type"]; $ext= GetImageExtension($imgtype); $imagename=$_FILES["image"]["name"]; $target_path = "../../images/upload/".$imagename; $title = $_POST["image_title"]; if(move_uploaded_file($temp_name, $target_path)) { $query_upload="INSERT into `images_tbl` (`images_path`,`submission_date`,`image_title`) VALUES ('".$target_path."','".date("Y-m-d")."','".$title."')"; mysql_query($query_upload) or die("error in $query_upload == ----> ".mysql_error()); echo '<br>Image uploaded!'; }else{ echo '<br><font color="#8B0000">Only images are allowed!</font>'; } } ?>

Say I am uploading an image that gets resized. The resized image is a thumb. I have it's file path saved in the database and the image itself saved in a folder. Originally I was saving both to the database and folder. But now that I think about it, do I have to save the orginal image? Wouldn't I be saving up a lot of space if I only save the thumb image? What do you think?

I was wondering if there is a way to add an progress bar to this script that uploads files to a sql database <!DOCTYPE html> <head> <title>MySQL file upload</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> </head> <body> <form action="add_file.php" method="post" enctype="multipart/form-data"> <input type="file" name="uploaded_file"><br> <input type="submit" value="Upload file"> </form> <p> <a href="list_files.php">See all files</a> </p> <p> <a href="search.php">Search Database</a> </p> </body> </html> If so, how would i go about doing that?

The code works but it puts the files into /uploadir/. The users directories go by their email addresses ($email). Using the error reporting it tells me: ! ) Notice: Undefined variable: email in /var/www/html/Lab5/uploadfile.php on line 10 Call Stack # Time Memory Function Location 1 0.0010 129288 {main}( ) ../uploadfile.php:0 Any help is much appreciated!! <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors','1'); session_start(); if ($_COOKIE["auth"] == "1") { $file_dir = "/var/www/html/uploaddir/$email"; foreach($_FILES as $file_name => $file_array) { echo "path: ".$file_array["tmp_name"]."<br/>\n"; echo "name: ".$file_array["name"]."<br/>\n"; echo "type: ".$file_array["type"]."<br/>\n"; echo "size: ".$file_array["size"]."<br/>\n"; if (is_uploaded_file($file_array["tmp_name"])) { move_uploaded_file($file_array["tmp_name"], "$file_dir/".$file_array["name"]) or die ("Couldn't copy"); echo "File was moved!<br/>"; } } } else { //redirect back to login form if not authorized header("Location: userlogin.html"); exit; } ?>

I receive files/images and loop through an array as follows: $files=rearrfiles( $_FILES['image']); foreach($files as $key=>$item) { if(is_array($item) && !empty($item['name']) && !empty($item['tmp_name'])){ //$_POST['imageFile']=$item['name']; //echo $item['name']; if($error!=true && !uploadImageB(array('image'=>'image'), DB_EXTENTION."mod_projects_images", $naming, $search = $editId, $dir, 'photo')) { $error=true; $action='Edit'; $message.='<br>Images were unable to be uploaded.'; } } } The function uploadImageB() is as follows: function uploadImageB($info, $table, $naming, $search, $path, $add='uploaded', $maxw=1280, $maxh=1280, $dynamic=true, $id='Id', $thumbMaxWidth = 120) { global $connection; if(!$_POST){ global $HTTP_POST_VARS; @$_POST=$HTTP_POST_VARS;} if(!$_FILES){ global $HTTP_POST_FILES; @$_FILES=$HTTP_POST_FILES;} if(is_array($info) && !empty($info) && $table!='' && !empty($path)) { $error=false; $d=$naming; foreach($info as $key=>$val) { $names[$val]=$dynamic==true?$add.'_'.$result[$id].'_'.$d.'_.'.strtolower(mygetext($_FILES[$val]['name'])):$add.strtolower(mygetext($_FILES[$val]['name'])); if(is_array(@$_FILES[$val]) && !empty($_FILES[$val]['name']) && !empty($names[$val])) { if(!singMove($path, $names[$val], $_FILES[$val], array(), array('gif', 'jpeg', 'jpg', 'png', 'bmp', 'svg'))) { $error=true; break; } else{ $valid[$val]=$names[$val]; resizeImage($path.$names[$val], $maxw, $maxh); make_thumb($path.$names[$val],$names[$val], $path, $thumbMaxWidth); } } } if($error==true) return false; elseif(!empty($valid)) { $connection->info=$info; $connection->input=$valid; $connection->id=array('field'=>$id, 'val'=>addslashes($result[$id])); $connection->makenew($table); $connection->return_db($connection->query); } } return true; } I get the error: Images were unable to be uploaded. Any help?

Hello all, I dont know why I'm getting this error with calculating the duration for the video, everything works fine with uploading, file is going in my database and folder, the duration of my video is ok. ​http://prnt.sc/e59i4f here is my code: // video duration ob_start(); passthru("ffmpeg -i $tmp 2>&1"); $duration = ob_get_contents(); ob_end_clean(); $search='/Duration: (.*?)[.]/'; $duration=preg_match($search, $duration, $matches, PREG_OFFSET_CAPTURE); //error is on this line botom $duration = $matches[1][0]; ​//error is on this line botom list($hours, $mins, $secs) = split('[:]', $duration); //echo "Hours: ".$hours." Minutes: ".$mins." Seconds: ".$secs; $duration=$hours.':'.$mins.':'.$secs;

I've written a script to store images in my database. The images have a caption that is also uploaded and stored. This was fairly easy to get working. I have a jquery function setup to add a new file input and caption input every time I click a button. This also works. What is not working is my PHP is not uploading multiple files for some reason. Could someone tell me what I have done wrong? Thanks HTML: <form id="uploadMultiple" method="post" action="/scripts/php/imageUploadTest" enctype="multipart/form-data"> <table class="fileUploadTable" id="uploadArea" cellspacing="0"> <tr> <td> <label for="imageFile">Image:</label> <input type="file" name="imageFile" accept=".jpg,.jpeg,.png,.gif"> </td> <td> <label for="imageCaption">Image Caption:</label> <input type="text" name="imageCaption"> </td> <td width="150px"> </td> </tr> <tr id="uploadSubmission"> <td> <input type="submit" value="Upload More" id="uploadMore"> </td> <td> <input type="submit" value="Submit" name="addImage"> </td> <td width="150px"> </td> </tr> </table> </form> JQuery for adding new elements: $(function() { var scntDiv = $('#uploadArea'); var i = $('#p_scents tr td').size() + 1; $('#uploadMore').live('click', function() { $('<tr><td><label for="imageFile">Image:</label> <input type="file" name="imageFile" accept=".jpg,.jpeg,.png,.gif"></td><td><label for="imageCaption">Image Caption:</label> <input type="text" name="imageCaption"></td><td><a href="#" class="removeUpload" width="150px" style="text-align: center">Remove</a></td></tr>').insertBefore( $('#uploadSubmission') ); i++; return false; }); $('.removeUpload').live('click', function() { if( i > 1 ) { $(this).parents('tr').remove(); i--; } return false; }); }); And finally the PHP: require($_SERVER['DOCUMENT_ROOT'].'/settings/globalVariables.php'); require($_SERVER['DOCUMENT_ROOT'].'/settings/mysqli_connect.php'); $db_name = 'imageUploads'; $tbl_name = 'gallery'; if(!$conn) { die('Could not connect: ' . mysqli_error()); } mysqli_select_db($conn, "$db_name")or die("cannot select DB"); foreach($_FILES['imageFile'] as $file){ $caption = $_POST['imageCaption']; $uploadDir = 'http://www.example.com/images/'.'gallery/'; $fileName = $_FILES['imageFile']['name']; $filePath = $uploadDir . $fileName; if(move_uploaded_file($_FILES["imageFile"]["tmp_name"],$_SERVER['DOCUMENT_ROOT']."/images/gallery/".$_FILES["imageFile"]["name"])) { $query_image = "INSERT INTO $tbl_name(filename,path,caption) VALUES ('$fileName','$uploadDir','$caption')"; if(mysqli_query($conn, $query_image)) { echo "Stored in: " . "gallery/" . $_FILES["imageFile"]["name"]; } else { echo 'File name not stored in database'; } } } I was hoping I had it working properly for multiple images with my `foreach` loop but it only uploads one image even if I have 4 selected. EDIT: I've tried modifying my code to this and it's not working either but looking at tutorials this seems to be more on the right track than my previous code: r equire($_SERVER['DOCUMENT_ROOT'].'/settings/globalVariables.php'); require($_SERVER['DOCUMENT_ROOT'].'/settings/mysqli_connect.php'); $db_name = 'imageUploads'; $tbl_name = 'gallery'; if(!$conn) { die('Could not connect: ' . mysqli_error()); } mysqli_select_db($conn, "$db_name")or die("cannot select DB"); foreach($_FILES['imageFile'] as $key => $name){ $caption = $_POST['imageCaption']; $uploadDir = 'http://www.example.com/images/'.'gallery/'; $fileName = $key.$_FILES['imageFile']['name'][$key]; $file_size = $_FILES['files']['size'][$key]; $file_tmp = $_FILES['files']['tmp_name'][$key]; $file_type= $_FILES['files']['type'][$key]; $filePath = $uploadDir . $fileName; if(move_uploaded_file($file_tmp,$_SERVER['DOCUMENT_ROOT']."/images/gallery/".$fileName)) { $query_image = "INSERT INTO $tbl_name(filename,path,caption) VALUES ('$fileName','$uploadDir','$caption')"; if(mysqli_query($conn, $query_image)) { echo "Stored in: " . "gallery/" . $_FILES["imageFile"]["name"]; } else { echo 'File name not stored in database'; } } } I've also added `[]` in the names of the HTML input elements that needed them.

I am trying out a new script that lets me resize an image before uploading. It is based on this script. http://www.w3bees.com/2013/03/resize-image-while-upload-using-php.html Basically what happens is, it resizes and makes 3 thumbnails and puts them in their relative folder. That works. The part that's giving me the problem is when inserting it into the database. Error says the "image_path" cannot be null. Since it's creating an array of 3 different thumbnails, should I create 2 more fields in the database tabel to account for that? If so, how would I insert the 3 different thumbnail paths into the query? What would it look like? Below is my code. <?php $db_userid = intval($row['user_id']); $get_item_id = intval($row['item_id']); // settings $max_file_size = 5242880; // 5mb $valid_exts = array('jpeg', 'jpg', 'png', 'gif'); // thumbnail sizes $sizes = array(100 => 100, 150 => 150, 250 => 250); // dir paths $target_dir = 'images/'.$db_userid.'/items/'.$get_item_id.'/'; if ($_SERVER['REQUEST_METHOD'] == 'POST' AND isset($_FILES['image'])) { if(!empty($_FILES['image']['name'])) { if($_FILES['image']['size'] < $max_file_size ){ // get file extension $ext = strtolower(pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION)); if(in_array($ext, $valid_exts)) { function resize($width, $height){ global $db_userid; global $get_item_id; /* Get original image x y*/ list($w, $h) = getimagesize($_FILES['image']['tmp_name']); /* calculate new image size with ratio */ $ratio = max($width/$w, $height/$h); $h = ceil($height / $ratio); $x = ($w - $width / $ratio) / 2; $w = ceil($width / $ratio); /* new file name */ $path = 'images/'.$db_userid.'/items/'.$get_item_id.'/'.$width.'x'.$height.'_'.$_FILES['image']['name']; /* read binary data from image file */ $imgString = file_get_contents($_FILES['image']['tmp_name']); /* create image from string */ $image = imagecreatefromstring($imgString); $tmp = imagecreatetruecolor($width, $height); imagecopyresampled($tmp, $image, 0, 0, $x, 0, $width, $height, $w, $h); /* Save image */ switch ($_FILES['image']['type']) { case 'image/jpeg': imagejpeg($tmp, $path, 100); break; case 'image/png': imagepng($tmp, $path, 0); break; case 'image/gif': imagegif($tmp, $path); break; default: exit; break; } return $path; /* cleanup memory */ imagedestroy($image); imagedestroy($tmp); } /* resize image */ foreach($sizes as $w => $h) { if(!is_dir($target_dir)){ mkdir($target_dir, 0775, true); } $files[] = resize($w, $h); } $insert_image = $db->prepare("INSERT INTO images(user_id, item_id, image_path, date_added) VALUES(:user_id, :item_id, :image_path, :date_added)"); $insert_image->bindParam(':user_id', $db_userid); $insert_image->bindParam(':item_id', $get_item_id); $insert_image->bindParam(':image_path', $path); $insert_image->bindParam(':date_added', $item_date_added); if(!$insert_image->execute()) { $errors[] = 'There was a problem uploading the image!'; } else { if(empty($errors)) { $db->commit(); $success = 'Your item has been saved.'; } else { $db->rollBack(); } } } else { $errors[] = 'Unsupported file'; } } else{ $errors[] = 'Please upload image smaller than 5mb'; } } else { $errors[] = 'An image is required!'; } }

I am using this for multi image upload. https://github.com/CreativeDream/jquery.filer Since it doesn't show example of how to use it with a database, I am having a bit of an issue. The following is my code. Couple things. 1. It won't insert into database with the "tokens". If I remove the token code, then it'll work. The same token works in other forms that I use. 2. Yes It inserts into the database. The issue is that it inserts only 1 file at a time and not all the selected files. <?php require_once ($_SERVER['DOCUMENT_ROOT'] . '/home/templates/header.php'); if(isset($_POST['submit'])) { if($_POST['token'] === $_SESSION['token']) { if(isset($_FILES['files'])){ $date_added = date('Y-m-d H:i:s'); // Setting up folder for images $user_dir = $_SERVER['DOCUMENT_ROOT'] .'/home/members/images/'.$db_userid.'/records/'; if(!is_dir($user_dir)){ mkdir($_SERVER['DOCUMENT_ROOT'] .'/home/members/images/'.$db_userid.'/records/', 0775, true); } else { $uploader = new Uploader(); $data = $uploader->upload($_FILES['files'], array( 'limit' => 10, //Maximum Limit of files. {null, Number} 'maxSize' => 10, //Maximum Size of files {null, Number(in MB's)} 'extensions' => null, //Whitelist for file extension. {null, Array(ex: array('jpg', 'png'))} 'required' => false, //Minimum one file is required for upload {Boolean} 'uploadDir' => '../uploads/', //Upload directory {String} 'title' => array('auto', 10), //New file name {null, String, Array} *please read documentation in README.md 'removeFiles' => true, //Enable file exclusion {Boolean(extra for jQuery.filer), String($_POST field name containing json data with file names)} 'perms' => null, //Uploaded file permisions {null, Number} 'onCheck' => null, //A callback function name to be called by checking a file for errors (must return an array) | ($file) | Callback 'onError' => null, //A callback function name to be called if an error occured (must return an array) | ($errors, $file) | Callback 'onSuccess' => null, //A callback function name to be called if all files were successfully uploaded | ($files, $metas) | Callback 'onUpload' => null, //A callback function name to be called if all files were successfully uploaded (must return an array) | ($file) | Callback 'onComplete' => null, //A callback function name to be called when upload is complete | ($file) | Callback 'onRemove' => 'onFilesRemoveCallback' //A callback function name to be called by removing files (must return an array) | ($removed_files) | Callback )); if($data['isComplete']){ $files = $data['data']; print_r($files); } if($data['hasErrors']){ $errors = $data['errors']; print_r($errors); } function onFilesRemoveCallback($removed_files){ foreach($removed_files as $key=>$value){ $file = '../uploads/' . $value; if(file_exists($file)){ unlink($file); } } return $removed_files; } for($i = 0; $i < count($_FILES['files']['name']); $i++) { $name = $_FILES['files']['name'][$i]; $temp = $_FILES['files']['tmp_name'][$i]; $ext = pathinfo($name, PATHINFO_EXTENSION); $upload = md5( rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 ) . rand( 0, 1000 )); $image_thumb_path = $user_dir . 'thumb_' . $upload . $ext; try { $insert_image = $db->prepare("INSERT INTO images(user_id, image_path, date_added) VALUES(:user_id, :image_path, :date_added)"); $insert_image->bindParam(':user_id', $db_userid); $insert_image->bindParam(':image_path', $image_thumb_path); $insert_image->bindParam(':date_added', $date_added); $result_image = $insert_image->execute(); if($result_image == false) { $error = 'There was a problem inserting images!'; } else { move_uploaded_file($temp, $image_thumb_path); $success = 'Your images has been saved.'; } } catch(Exception $e) { $error = die($e->getMessage()); } } } } } } ?> <h1>Upload Images</h1> <?php include_once ($dir_path . '/home/snippets/success-errors.php'); ?> <form action="" method="post" enctype="multipart/form-data"> <fieldset> <input type="file" multiple="multiple" name="files[]" id="input2"> <fieldset> <input type="hidden" name="token" value="<?php echo $_SESSION['token'] = md5(rand(time (), true)); ?>" /> <input type="submit" name="submit" class="red-btn" value="upload" /> </fieldset> </form> <?php require_once ($_SERVER['DOCUMENT_ROOT'] . '/home/templates/footer.php');

I have this script from http://lampload.com/component/option,com_jdownloads/Itemid,382/cid,69/task,view.download/ (I am not using a database) I can upload images fine, I can view files, but I want to delete them. When I press the delete button, nothing happens http://www.jayg.co.uk/gallery6/upload_gallery.php <form> <?php $dir = dirname(__FILENAME__)."/images/gallery" ; $files1 = scandir($dir); foreach($files1 as $file){ if(strlen($file) >=3){ $foil = strstr($file, 'jpg'); // As of PHP 5.3.0 $foil = $file; $pos = strpos($file, 'css'); if ($foil==true){ echo '<input type="checkbox" name="filenames[]" value="'.$foil.'" />'; echo "<img width='130' height='38' src='images/gallery/$file' /><br/>"; // for live host //echo "<img width='130' height='38' src='/ABOOK/SORTING/gallery-dynamic/images/gallery/ $file' /><br/>"; } } }?> <input type="submit" name="mysubmit2" value="Delete"> </form> any ideas please? thanks