Jump to content

[PHP/MySQL] File upload - Store info in MySQL


jay7981

Recommended Posts

Hey all, having an issue with this form processor.

 

The user fills out form and then submits the info what is suppose to happen is it valadates the info, uploads the image to a folder on the server, then stores the URL of the image in a database that is already created.

 

Below is the form, processor, and database table that i have setup.

 

The issue that i am getting at the moment ( and i am sure there will be more) is when the form is submitted with good information (steamid is in the database, pin matches what is in database for that steamid, and image is a 51KB .jpg ) I keep getting my error "Please select an image that is 100KB or less in size and its type is .jpg, .gif, or .png BACK3" {noted in code} i numbered the error messages so that i can see were it is erroring at. and it seems to be the file type valadation. I have also double and triple checked the DB connection info as well. *has been removed for safety*

 

The Form avatar_upload.php:

<form action="avatar_process.php" method="post" enctype="multipart/form-data" name="avatar_up">
  <p>SteamID:
    <input name="steamid" type="text" size="20" maxlength="20" />
    <span class="hints">(ex: STEAM_0:0:00000000)</span></p>
  <p>Pin Code:
    <input name="pin" type="text" size="12" maxlength="12" />
      <a href="#">Need a pin?</a></p>
  <p>Avatar Image:
    <input name="avatar" type="file" size="15" />
    <br />
    <span class="hints">Allowed types are .jpg, .gif, or .png only / Max file size is 100KB</span></p>
  <p>
    <input name="submit" type="submit" value="Upload" />
  </p>
</form>

 

The Processor avatar_process.php:

<?php

// Receiving variables
@$steamid = addslashes($_POST['steamid']);
@$pin = addslashes($_POST['pin']);
@$avatar_Name = $_FILES['avatar']['name'];
@$avatar_Size = $_FILES['avatar']['size'];
@$avatar_Temp = $_FILES['avatar']['tmp_name'];
@$avatar_Mime_Type = $_FILES['avatar']['type'];

//Checking/Making Folder
function RecursiveMkdir($path)
{
   if (!file_exists($path)) 
   { 
      RecursiveMkdir(dirname($path));
      mkdir($path, 0777);
    }
  }


// Validation
if (strlen($steamid) <15)
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
}
if (strlen($steamid) >20)
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
}

if (strlen($steamid) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
}

if (strlen($pin) !=12)
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
}

if (strlen($pin) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
}

if( $avatar_Size == 0)
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please select an image that is 100KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK1</a></p>");
}
if( $avatar_Size >1000000)
{

//delete file 
unlink($avatar_Temp);
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please select an image that is 100KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK2</a></p>");
}

//###############################
//#####   This is the Error i am reciveing  ###
//###############################
if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/png" )
{
unlink($avatar_Temp);
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please select an image that is 100KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK3</a></p>");
//###############################
//########      End Error Mark      ###
//###############################
}
$uploadFile = "avatars/".$avatar_Name ;
if (!is_dir(dirname($uploadFile)))
  {
    @RecursiveMkdir(dirname($uploadFile)); 
  }
else
  {
  @chmod(dirname($uploadFile), 0777);
  }
@move_uploaded_file( $avatar_Temp , $uploadFile); 
chmod($uploadFile, 0644);
$avatar_URL = "http://mysite.com/uploads/avatars/".$avatar_Name ;

//saving record to MySQL database
@$ava_strQuery = "INSERT INTO `clan_members`(`avatar`)VALUES ('$avatar_Name') WHERE authid='$steamid' AND private_pin='$pin' ON DUPLICATE KEY UPDATE avatar='$avatar_Name'" ;
@$ava_host = "**********";
@$ava_user = "**********";
@$ava_pw = "**********";
@$ava_db = "**********";
$ava_link = mysql_connect($ava_host, $ava_user, $ava_pw);
if (!$ava_link) {
die('Could not connect: ' . mysql_error());
}
$ava_db_selected = mysql_select_db($ava_db, $ava_link);
if (!$ava_db_selected) {
die ('Can not use $ava_db : ' . mysql_error());
}

//insert new record
$ava_result = mysql_query($ava_strQuery);
if (!$ava_result) {
die('Invalid query: ' . mysql_error());
}
mysql_close($ava_link);

echo("<p align='center'><font face='Arial' size='3' color='#FF0000'>Image uploaded OK!</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
?>

 

The Database:

authid = varchar 36 Primary key
rank = varchar 33 
name = varchar 33 
email = varchar 255 
fid = varchar 255 
avatar = varchar 255 
private_pin = varchar 255 

 

 

Any ideas as to why its not valadating the image type correctly?

Link to comment
Share on other sites

this could be the issue

 

if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/png" )

it is not supposed to be and over there it should be or condition, an image cannot be of all the three types..

:P

Link to comment
Share on other sites

this could be the issue

 

if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/png" )

it is not supposed to be and over there it should be or condition, an image cannot be of all the three types..

:P

 

OK, i changed the code to :

if( $avatar_Mime_Type != "image/gif" OR $avatar_Mime_Type != "image/jpeg" OR $avatar_Mime_Type != "image/png" )

 

and still same error is present.....

 

You can test it here ... http://bringitonclan.org/clan_new/avatar_upload.php

 

use the steamid STEAM:0:0:1234567890

and the Pin : 123456789100

Link to comment
Share on other sites

Change your  @$avatar_Mime_Type to some thing like this

@$avatar_Mime_Type=strtolower(substr($_FILES['txt_file']['name'],strrpos($_FILES['txt_file']['name'],'.')+1));

 

now change the condition like this

if( $avatar_Mime_Type != "gif" OR $avatar_Mime_Type != "jpeg" OR $avatar_Mime_Type != "png" )

 

for your reference i am uploading one script i have done some time back..

 

u need to have an sql like this

insert into `filetype` (`type_name`) values('doc');
insert into `filetype` (`type_name`) values('gif');
insert into `filetype` (`type_name`) values('jpg');
insert into `filetype` (`type_name`) values('pdf');
insert into `filetype` (`type_name`) values('png');

 

 

[attachment deleted by admin]

Link to comment
Share on other sites

after looking at your code and mine i finally figured out why mine wasnt working, i forgot there are more than jsut jpg, png types ... there are x-png and pjpg as well and i didnt have those included as allowed so now my code looks like this ...

 

if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/pjpeg" AND $avatar_Mime_Type != "image/png" AND $avatar_Mime_Type != "image/x-png")

 

but now i am getting a sql error.... guess i have to move this post to the MySQL area ugh!

 

for reference and just incase you can help here is the error i am getting, i was sure that they sql query was right ....

 

@$ava_strQuery = "INSERT INTO `clan_members`(`avatar`)VALUES ('$avatar_Name') WHERE authid='$steamid' AND private_pin='$pin' ON DUPLICATE KEY UPDATE avatar='$avatar_Name'" ;

 

the error i am getting is ..

Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE authid='STEAM:0:0:1234567890' AND private_pin='123456789100' ON DUPLICATE ' at line 1

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.