Help with PHP script please

Stevis2002 · September 4, 2006

Hi all,

Please could somebody help me out with this script.

I want it to upload all the details into the db, and the image into a folder, storing the image name, size and path on server into db.

For some reason though, it doesn't upload the image, or store any of the image details in db, just the other details.

Here is the code...

[code]<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
$target_path = "../plants/";

$target_path = $target_path . basename( $_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>
<input type="hidden" name="MM_insert" value="upload">
</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks in advance all,
Steve

Barand · September 4, 2006

[quote]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));
[/quote]

The above insert statement has no mention of the uploaded file details

Stevis2002 · September 4, 2006

Biut they are stated above with the file pointers....How can i correct this?

thanks for help & reply :)

Barand · September 4, 2006

[code]<?php
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));
?>[/code]

Barand · September 4, 2006

Also,

These lines
[code]
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
[/code]

should be
[code]
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
[/code]

But as tou never refer to those variables you may as well remove the lines

Stevis2002 · September 4, 2006

Many Thanks for the reply mate,

Now it seems that it isn't even showing the form, just comes up with the error, "There was an error uploading the file, please try again!Error uploading file"
Think i've got something in the wrong place now :(

Here is the code now...

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));
}

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks again,
Steve

Barand · September 4, 2006

All processing except form display should be inside

if(isset($_POST['upload']))
{
// processing code here
}

form code here

Stevis2002 · September 4, 2006

So it is mean't to be like this...

[code]
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
} ?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
<?php
$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));
}

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));

?>
[/code]
Thanks again,
Steve

Barand · September 4, 2006

That bit's fine. It's the code above that that gives the error because, until you submit the form there is no uploaded file.

So
[code]$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}[/code]

also needs to be inside that if() condition

Stevis2002 · September 4, 2006

Ok, so i have now got my form back :) Yey....Thanks!!

But, it comes up with 'error uploading file', and nothing goes into the database, or the folder ::)
Sorry for being a pain :)

Steve

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
</html>
<?php

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));
}

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>

<?php
mysql_free_result($Recordset1);
?>
[/code]

Barand · September 4, 2006

try
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['name'];
$fileImagesize = $_FILES['userfile']['size'];
$fileImagetype = $_FILES['userfile']['type'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}

$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
</html>[/code]

Stevis2002 · September 4, 2006

No good mate. I don't get the error anymore, but nothing else happens either :(

Steve

Barand · September 4, 2006

Just noticed you don;t post anything named "upload"

Change
if(isset($_POST['upload']))
to
if(isset($_POST['Submit']))

Stevis2002 · September 5, 2006

Thanks for all the help mate!

Got a slight problem....The file has been uploadedUnknown column 'flower.jpg' in 'field list'......And still nothing gets uploaded, either into the folder, or the database.

[code]
<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

if(isset($_POST['Submit']))
{
$fileImagename = $_FILES['userfile']['name'];
$fileImagesize = $_FILES['userfile']['size'];
$fileImagetype = $_FILES['userfile']['type'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}

$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['path'], "text"),
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
</html>
[/code]

Sorry to be a pain,
Steve

Stevis2002 · September 5, 2006

Ok, by changing [code]
$fileImagename = $_FILES['userfile']['name'];
$fileImagesize = $_FILES['userfile']['size'];
$fileImagetype = $_FILES['userfile']['type'];
[/code]
to
[code]
$fileImagename = $_FILES['userfile']['image_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
[/code]
I got rid of the error, but now i have an sql error because i don't think it is storing the path, image_name, image_size, or image_type.

How can i change this?

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , NULL, 'info', 'info', 'info', 'info', 'info')' at line 1

Stevis2002 · September 5, 2006

Been looking and messing now and still can't fatham it out.
God, i've got a lot to learn still lol

Barand · September 5, 2006

The FILES array has indexes name, type, size and not image_name etc, so those need changing back.

The problem was the sprintf() statement - all those %s need to be inside quotes otherwise, if SQL comes across a string value, like flower.jpg, ot assumes it is a column name whereas if it is 'flower.jpg' it assumes it is data.

try this
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['name'];
$fileImagesize = $_FILES['userfile']['size'];
$fileImagetype = $_FILES['userfile']['type'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
echo "The file ". basename( $_FILES['userfile']['image_name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}

$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
$fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));

mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

$insertGoTo = "plants.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
<p align="center"><span class="bottomnav">Plant Name</span><br>
<input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Plant Type </span><br>
<input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
</p>
<p align="center"><span class="bottomnav">Planting Month(s)</span><br>
<input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Blooming Season</span><br>
<input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
<p align="center"><span class="bottomnav">Plant Description</span><br>
<textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
</p>
<p align="center"><span class="bottomnav">Image</span><br>
<input name="userfile" type="file" class="loginbutton" id="userfile">
</p>
<p align="center">
<input name="Submit" type="submit" class="loginbutton" value="Submit">
</p>

</form>
</html>[/code]

Stevis2002 · September 5, 2006

Thanks for that, although it still returns that there are too few arguments in the sprintf function. Is this because there is no information being collected about the image size, path, name etc?

Thanks,
Steve

Barand · September 5, 2006

[quote]image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description[/quote]
= 9 fields.

[quote] $fileImagename,
$fileImagetype,
$fileImagesize,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text")[/quote]
= 8 fields

value missing for path - needs to go after $fileImagesize.

Is it $uploaddir that you want in there?

Stevis2002 · September 5, 2006

Yes, so i would have to add a [code]$uploaddir[/code]?

Barand · September 5, 2006

Yes, change to

[code]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
$fileImagename,
$fileImagetype,
$fileImagesize,
$uploaddir,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));[/code]

Stevis2002 · September 5, 2006

Thanks mate,

Giving me yet another error now, and this time i have absolutely zero idea what's causing it :(

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1

Barand · September 5, 2006

After that sprintf() call I posted above, add

echo $insertSQL ;

and post the output

Stevis2002 · September 5, 2006

Right then, Here is the output....Hope i placed it in right place!

The file has been uploadedINSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('blush_delieux.jpg', 'image/pjpeg', '4006', '/plants/', ''test'', ''test'', ''test'', ''test'', ''test'')You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1

Thatnks for that btw....didn't know about that little trick :)

Barand · September 5, 2006

OK I see it.

Dreamweaver's GetSQLValueString() is already putting single quotes around text values, so the last 5 %s in the sprintf() don't need them.

Change to

[code]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', %s, %s, %s, %s, %s)",
$fileImagename,
$fileImagetype,
$fileImagesize,
$uploaddir,
GetSQLValueString($_POST['plant_name'], "text"),
GetSQLValueString($_POST['plant_type'], "text"),
GetSQLValueString($_POST['planting_months'], "text"),
GetSQLValueString($_POST['blooming_season'], "text"),
GetSQLValueString($_POST['plant_description'], "text"));[/code]

Sign In

Help with PHP script please

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information