m00f Posted September 9, 2009 Share Posted September 9, 2009 Hi there, I am quite new to PHP and am trying to develop a registration style page which inserts data from a POST into the database and also (based on one of the form fields) populates a database with images from a folder.... I'm not sure if that makes sense so I'll show you what I have and try and explain further... Couple of things to note: An account is created by an admin The form field 'folder' relates to an image folder created via FTP Page 1 <div id="admin_cont_inset"> <form method="post" action="process_create_user.php" name="createuserform" id="createuserform"> <table width="441"> <td width="113"></tr> <tr> <td valign="top"> <p> <label for="groomname">Groom name:</label> </td> <td width="316" valign="top"> <input type="text" name="groomname" id="groomname" /></p> </tr> <tr> <td valign="top"> <p> <label for="bridename">Bride name:</label> </td> <td valign="top"> <input type="text" name="bridename" id="bridename" /></p> </tr> <tr> <td valign="top"> <p><label for="weddate">Date of wedding:</label> </td> <td valign="top"> <input type="text" name="weddate" id="weddate" /><h3 class="style1"><small>Use format DD-MM-YY. e.g 28-08-09</small></h3></p> </tr> <tr> <td valign="top"> <p><label for="venue">Venue:</label> </td> <td valign="top"> <input type="text" name="venue" id="venue" /></p> <br /> </tr> <tr> <td valign="top"> <p><label for="custemail">Email:</label> </td> <td valign="top"> <input type="text" name="custemail" id="custemail" /></p> <br /> </tr> <tr> <td valign="top"> <p><label for="albumfolder">Album folder:</label> </td> <td valign="top"> <input type="text" name="albumfolder" id="albumfolder" /> <h3 class="style1"><small> Type the folder name you have just created on the FTP server, ensure they are exactly the same</small></h3> </p> <tr> <td colspan="2" style="text-align:center"> <p><input type="submit" name="create" id="create" value="create" /></p> </td> </tr> </table> </form> The second page should call the insert script(to insert data into DB) Display to the user all the data entered plus the fields created automatically (username and password) This is my second page: <?php require_once 'sources/scripts/sess_conf.php'; $Sessconf = New Sessconf(); $Sessconf->conf_Mem(); require 'userprocess.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>NIGELG PHOTOGRAPHY</title> <link rel="stylesheet" href="sources/css/styles.css" type="text/css" /> <style type="text/css"> <!-- .style1 {font-size: .8} --> </style> </head> <body> <div id="container"> <div id="header"> </div> <div id="nav"> <ul> <li><a href='admin.php' title='Admin Home'>HOME</a></li> <li><a href='createuser.php' title='Create User'>CREATE USER</a></li> <li><a href='viewedit.php' title='View/Edit Users'>VIEW/EDIT USERS</a></li> <li><a href='admincms.php' title='Pageadmin'>PAGE ADMIN</a></li> <li><a href='marketing.php' title='Marketing Tools'>MARKETING TOOLS</a></li> <li><a href='Businessreports.php' title='Business Reports'>BUSINESS REPORTS</a></li> </ul> </div> <div id="admin_nav"> <h2>Confirm account details</h2> <hr /> <div id="admin_cont_inset"> <!------- display Data passsed from previous form, this will allow the user to confirm the details they have entered---> <table width="441"> <td width="113"></tr> <tr> <td valign="top"> <label for="groomname"><strong>Groom name:</strong></label> </td> <td width="316" valign="top"> <?php echo $groomname; ?> </tr> <tr> <td valign="baseline"> <label for="bridename"><strong>Bride name:</strong></label> </td> <td valign="middle"> <?php echo $bridename; ?> </tr> <tr> <td valign="top"> <label for="weddate"><strong>Date of wedding:</strong></label> </td> <td valign="top"> <?php echo $weddate; ?> </tr> <tr> <td valign="top"> <label for="venue"><strong>Venue:</strong></label> </td> <td valign="top"> <?php echo $venue; ?> </tr> <tr> <td valign="top"> <label for="custemail"><strong>Email:</strong></label> </td> <td valign="top"> <?php echo $custemail; ?> </tr> <tr> <td valign="top"> <label for="albumfolder"><strong>Album folder:</strong></label> </td> <td valign="top"> <?php echo $albumfolder; ?> </tr> <tr> <td valign="top"> <label for="username"><strong>Username:</strong></label> </td> <td valign="top"> <?php echo $username; ?> </tr> <tr> <td valign="top"> <label for="custpassword"><strong>Password:</strong></label> </td> <td valign="top"> <?php echo $custpassword; ?> </td> </tr> </table> </div> </div> <div id="nav_sidebar"> <h4>User Controls</h4> <ul> <?php echo "<li><a href='login.php?status=loggedout'>Log Out</a></li>"; ?> </ul> </div> </div> <div id="footer"> </div> </div> </body> </html> and finally the script <?php //Pass form dataa into variables //Concatonate groomname,bridename and weddate to generate a unique username include 'sources/scripts/password.php'; $generatedpassword = generatePw(); // If user pressed the 'Update' button then-> if(isset($_POST['create'])){ // Do the following code the page's content require("sources/scripts/connection.php"); $groomname = $_POST['groomname']; $bridename = $_POST['bridename']; $weddate = $_POST['weddate']; $venue = $_POST['venue']; $custemail = $_POST['custemail']; $albumfolder = $_POST['albumfolder']; $custpassword = $generatedpassword; $username = $groomname.' '.'&'.' '.$bridename. ' '.'-'.' '.$venue. ' '.'-'.' '.$weddate; $sql = "INSERT INTO cust (groomname, bridename, weddate, venue, email, username, password) VALUES ($groomname, $bridename, $weddate, $venue, $custemail, $custpassword, $username)"; [b]$result = $conn->query($sql) or die(mysqli_error());[/b] if($result){ header("process_create_user.php"); } } ?> I am currently recieving an error on line 24 of script : Warning: mysqli_error() expects exactly 1 parameter, 0 given in C:\wamp\userprocess.php on line 24 (Line bolded above). My next problem, I don't even know where to start: on the next page I want to be able to use the 'foldername' attribute and step through that folder on the server and insert the images in the folder into a 'gal' table. attributes for gal:@ galid custid imgname foldername I understand it will basically be a loop which will more than likely be a: while(isset($foldername){ step through images insert into gal .... dir = $foldername... } else no folder of that name found... } Like I said, I'm kind of at a loss with this, I understand the concepts(I think, but not sure of how to code it) I have looked at the php manual on reading folders but I couldn't make heads of tales of it, if you could help me out I would really appreciate this. Apologies if the explaination is a bit erratic! I hope it makes sense.. Many thanks m Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/ Share on other sites More sharing options...
m00f Posted September 9, 2009 Author Share Posted September 9, 2009 No Joy Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915706 Share on other sites More sharing options...
gevensen Posted September 9, 2009 Share Posted September 9, 2009 populating your database with images? do you mean blobbing the images into the database or uploading images to a directory in jpgs or whatever? Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915708 Share on other sites More sharing options...
gevensen Posted September 9, 2009 Share Posted September 9, 2009 your making a huge security mistake inputting a post directly to your db thats a hackers dream i would at least use htmlspecialchars() for example $variable=htmlspecialchars($_POST['field']); Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915709 Share on other sites More sharing options...
gevensen Posted September 9, 2009 Share Posted September 9, 2009 theres a similar thread http://www.phpfreaks.com/forums/index.php?topic=248238.0 Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915710 Share on other sites More sharing options...
m00f Posted September 10, 2009 Author Share Posted September 10, 2009 Thank you for the replies. Sorry if I wasn't clear in the original post. An admin user will manually upload a folder of images(I couldn't work out a way to upload 200 images using PHP..) The admin will then create a user account, and manually enter the name of the folder uploaded(crude I know but again I couldn't get PHP to populate a dropdown box) the name of the folder will then be inserted into a variable that variable will be used inside a loop to insert the names/urls of the images into my gal table and linked to the user account Ultimately I will end up with a user account and a gallery attached. I know I have probably gona convoluted way about doing this so if anyone could help here I would be most grateful Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915769 Share on other sites More sharing options...
gevensen Posted September 10, 2009 Share Posted September 10, 2009 if you do some searching you can find a way to list all images in a directory use that to make a list of images in an array the use the move_uploaded_file to move the files to your new directory it can all be done automatically i wouldnt blob i was considering that myself but found it taxes the database too much its much easier to upload the file and record the filename and associate it with a user id than to break it down into a blob and then reassemle it Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915798 Share on other sites More sharing options...
gevensen Posted September 10, 2009 Share Posted September 10, 2009 also you need some hacker checks when uploading a trick they use is to upload a htaccess file or a file named picture.php.jpg so you need to check for double file Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915799 Share on other sites More sharing options...
gevensen Posted September 10, 2009 Share Posted September 10, 2009 and you can use a user table where you have an id then another table that has id linked_id filename where id is the id of the table 1,2,3,4 ect and linked_id is the user id from the database for example 12 and the filename picture.jpg then you do a sql search such as select * from picture_database where linked_id = $userid and that will list all the filenames associated with that user there may be some better ways but the is the way my pea brain works here is an actual table i use to track images CREATE TABLE IF NOT EXISTS `sc_expense_images` ( `id` int(11) NOT NULL AUTO_INCREMENT, `expense_id` int(11) NOT NULL, `filename` varchar(75) NOT NULL, PRIMARY KEY (`id`), KEY `sc_expense_id` (`expense_id`,`filename`), KEY `expense_id` (`expense_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=791 ; Link to comment https://forums.phpfreaks.com/topic/173673-create-user-populate-database-function/#findComment-915806 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.