[SOLVED] Trying to upload file

djsl · August 17, 2009

Hi

I am trying to set up where members in my site upload files and then all the members to be able to have access to them.

I have gotten the script to upload the file to the proper directory but when I update the the table it does not update the location and name but the actual variable "SELECT * FROM members WHERE username='$username'".

What am I doing wrong?

Also if I want to allow other types of files like a txt or pdf what would be the type for the script to filter where image is "image/gif"

thanks

<?php

require('includes/handler.php'); 
$query="SELECT * FROM members WHERE username='$username'";

$target_path = "upload/$username/";

$appraisalfilelocation=  '. $target_path . $_FILES["file"]["name"]';

if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/doc"))
&& ($_FILES["file"]["size"] < 90000))
  {
  if ($_FILES["file"]["error"] > 0)
    {
   echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
   }
  else
   {
  echo "Upload: " . $_FILES["file"]["name"] . "<br />";
   echo "Type: " . $_FILES["file"]["type"] . "<br />";
   echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
   echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      $target_path . $_FILES["file"]["name"]);
      echo "Stored in: " . $target_path . $_FILES["file"]["name"];

      }
    }
}
else
  {
echo "Invalid file";
   }


mysql_query("UPDATE members SET appraisal_file_location = $appraisalfilelocation
WHERE username = '$username'");


?>

flyhoney · August 17, 2009

$appraisalfilelocation =  $target_path . $_FILES["file"]["name"];

djsl · August 17, 2009

ok I changed the line and added the error reporting

thanks for your help

here is what I got for the error

Notice: Undefined index: custom in includes/csecure.php on line 70

csecure.php is the page that tells users that they are banned and line 70 is:

$custom = kry_db_input($_POST['custom']);

here is the code from that page


$_ip = getenv('REMOTE_ADDR');
if (defined('SITE_NAME'))
{
	$custom = kry_db_input($_POST['custom']);
	$result = kry_db_query("select * from banned where banned_ip = '" . $_ip . "' and type = 'M' ");
	if ($myrow = kry_db_fetch_array($result))
	{
			die($_error_message);
	}
	$member_id = $_SESSION['member_id'];
	$accQuery = kry_db_query("select members_email_address from members where members_id = '" . (int)$member_id . "' ");
	$accRes = kry_db_fetch_array($accQuery);
	$email = $accRes['members_email_address'];
	$result = kry_db_query("select * from banned where banned_email = '" . $email . "'");
	if ($myrow = kry_db_fetch_array($result))
	{
			die($_error_message);
	}
}
else
{
	die($_error_message);
}

flyhoney · August 18, 2009

The undefined index notice means that they key 'custom' does not exist in the array $_POST which means that the form you are submitting has no 'custom' element.

djsl · August 18, 2009

I got it working I added ' ' on the target location variable '$appraisalfilelocation'

mysql_query("UPDATE members SET appraisal_file_location = '$appraisalfilelocation'
WHERE username = '$username'");

thanks for your help

Sign In

[SOLVED] Trying to upload file

Recommended Posts

djsl

Link to comment

Share on other sites

flyhoney

Link to comment

Share on other sites

djsl

Link to comment

Share on other sites

flyhoney

Link to comment

Share on other sites

djsl

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information