herghost Posted September 28, 2009 Share Posted September 28, 2009 Hi all, I have the below form which almost works fine. The problem I have is that the userfile that the user can upload is always coming back as an error saying it is not included. As nothing is actually posted until the script is complete I can see why this happens, I just dont know how you would go about changing this for a file instead of text. <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta name="Description" content="" /> <meta name="Keywords" content="" /> <meta name="Robots" content="index,follow" /> <link rel="stylesheet" href="images/CoolWater.css" type="text/css" /> <title>Project</title> <script type="text/javascript" src="js/prototype.js"></script> <script type="text/javascript" src="js/scriptaculous.js?¬ load=builder,effects"></script> <script type="text/javascript" src="js/modalbox.js"></script> </head> <body> <div id="wrap"> <?php include('include/header.php'); include ('include/dbconnect.php');?> <!-- content-wrap starts here --> <div id="content-wrap"> <div id="main"> <!--If user not logged in--> <?php if (!isset($_SESSION['logged'])) { ?> <center><img src="images/oops.jpg" alt="oops" /><br /> <p><h3>You need to login before you can start posting</h3></p> </div> <?php include('include/sidebar_0.php'); include('include/footer.php'); echo "</body></html>"; } //if user is logged in. else { // filter incoming values $cat = (isset($_POST['cat'])) ? trim($_POST['cat']) : ''; $os = (isset($_POST['os'])) ? $_POST['os'] : ''; $ram = (isset($_POST['ram'])) ? trim($_POST['ram']) : ''; $harddrive = (isset($_POST['harddrive'])) ? trim($_POST['harddrive']) : ''; $graphics = (isset($_POST['graphics'])) ? trim($_POST['graphics']) : ''; $title = (isset($_POST['title'])) ? trim($_POST['title']) : ''; $detail = (isset($_POST['detail'])) ? trim($_POST['detail']) : ''; $keywords = (isset($_POST['keywords'])) ? trim($_POST['keywords']) : ''; $userfile = (isset($_POST['userfile'])) ? trim($_POST['userfile']) : ''; $datetime=date("d/m/y h:i:s"); if (isset($_POST['submit']) && $_POST['submit'] == 'Post') { $errors = array(); // make sure manditory fields have been entered if (empty($cat)) { $errors[] = 'Category cannot be blank.'; } if (empty($os)) { $errors[] = 'Operating System cannot be blank.'; } if (empty($ram)) { $errors[] = 'Ram cannot be blank.'; } if (empty($harddrive)) { $errors[] = 'Harddrive cannot be blank.'; } if (empty($graphics)) { $errors[] = 'Graphics Card cannot be blank.'; } if (empty($title)) { $errors[] = 'Post Title cannot be blank.'; } if (empty($detail)) { $errors[] = 'Post Details cannot be blank.'; } if (empty($keywords)) { $errors[] = 'Keywords cannot be blank.'; } if (empty($userfile)) { $errors[] = 'Please add your DXDIAG file.'; } if (count($errors) > 0) { echo '<p><strong style="color:#FF000;">Unable to submit your ' . 'post.</strong></p>'; echo '<p>Please fix the following:</p>'; echo '<ul>'; foreach ($errors as $error) { echo '<li>' . $error . '</li>'; } echo '</ul>'; } else { $query = 'INSERT INTO forum_question (title, cat, os, ram, harddrive, graphics, detail, username, keywords) VALUES (' . $title . ', ' . '"' . mysql_real_escape_string($cat, $conn) . '", ' . '"' . mysql_real_escape_string($os, $conn) . '", ' . '"' . mysql_real_escape_string($ram, $conn) . '", ' . '"' . mysql_real_escape_string($harddrive, $conn) . '", ' . '"' . mysql_real_escape_string($graphics, $conn) . '", ' . '"' . mysql_real_escape_string($detail, $conn) . '", ' . '"' . mysql_real_escape_string($username, $conn) . '", ' . '"' . mysql_real_escape_string($keywords, $conn) . '")'; $result = mysql_query($query, $conn) or die(mysql_error()); $post_no = mysql_insert_id(); if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_SESSION['username'] ; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); $query = 'INSERT INTO upload (name, size, type, content, post_no) VALUES (' . $fileName . ', ' . '"' . mysql_real_escape_string($fileSize, $conn) . '", ' . '"' . mysql_real_escape_string($fileType, $conn) . '", ' . '"' . mysql_real_escape_string($content, $conn) . '", ' . '"' . mysql_real_escape_string($post_no, $conn) . '") ' ; $result = mysql_query($query, $conn) or die(mysql_error()); $query = "UPDATE users_credits SET credits = credits - 1 WHERE username = '$username'"; mysql_query($query) or die('Error, insert query failed'); $result = mysql_query($query, $conn) or die(mysql_error()); $_SESSION['logged'] = 1; $_SESSION['username'] = $username; header('Refresh: 3; URL=account.php'); ?> <p><strong>Thank you <?php echo $username; ?> for your post</strong></p> <p>Your post has been submitted! You will be redirected shortly, <a href="account.php">click here</a>.</p> <?php } } } ?> <?php { $query = 'SELECT userlevel, credits FROM users_info u JOIN users_credits i ON u.user_id = i.user_id WHERE username = "' . mysql_real_escape_string($_SESSION['username'], $conn) . '"'; $result = mysql_query($query, $conn) or die(mysql_error($conn)); $row = mysql_fetch_array($result); extract($row); mysql_free_result($result); } if ($credits > 0) { ?> <h1>Welcome to the Question Forum.</h1> <p> <h3>Post New Topic</h3></p> <form enctype="multipart/form-data" action="post.php" method="POST"> <p> <label for = "Catergory">Category</label> <label for="Hardware"> <input type="radio" name="cat" value="Hardware" id="Hardware" /> Hardware</label> <label for="Software"> <input type="radio" name="cat" value="Software" id="Software" /> Software</label> <label for="Peripheral"> <input type="radio" name="cat" value="Peripheral" id="Peripheral" /> Peripheral</label> <br /> <label for="os">Operating System</label> <input name="os" type="text" id="os" /> <label for="ram">MB of RAM</label> <input name="ram" type="text" id="ram" /> <label for="harddrive">Type & Size of Harddrive</label> <input name="harddrive" type="text" id="harddrive" /> <label for="graphics">Graphics Card</label> <input name="graphics" type="text" id="graphics" /> <label for="title">Post Title</label> <input name="title" type="text" id="title" /> <label for="detail">Your Problem Details</label> <textarea rows="20" cols="5" name="detail" id="detail"></textarea> <label for="keywords">Keywords (Seperate by , )</label> <textarea rows="20" cols="3" name="keywords" id="keywords"></textarea> <input type="hidden" name="MAX_FILE_SIZE" value="2000000"> <label for="userfile">Please upload your DXDIAG as a txt file (.txt) <a href="include/dxdiag.php" title="DXDIAG Infomation" onclick=" Modalbox.show(this.href, {title: this.title, width: 600}); return false; "> Whats This?</a> </label> <input name="userfile" id="userfile" type="file" /><br /> <input type="submit" name="submit" value="Post" class="button"/> </p> </form> </div> <?php } ?> <?php if ($credits == 0) { ?> <center> <img src="images/oops.jpg" width="305" height="179" alt="oops" /> <?php echo "<p>"; echo "<h3>"; echo "To post a question you need to have at least one posting credit available, you can purchase posting credits "; echo "<a href='../users/buycredits.php'>By Clicking Here</a>"; echo "</h3>"; echo "</p>"; echo "</center>"; } ?> </div> <?php if (isset($_SESSION['logged']) && $_SESSION['logged'] == 1) { include('include/sidebar_1.php'); } else { include('include/sidebar_0.php'); } ?> <!-- content-wrap ends here --> <?php include('include/footer.php'); }?> <!-- wrap ends here --> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.