Jump to content

Archived

This topic is now archived and is closed to further replies.

Stevis2002

Help with PHP script please

Recommended Posts

Hi all,

Please could somebody help me out with this script.

I want it to upload all the details into the db, and the image into a folder, storing the image name, size and path on server into db.

For some reason though, it doesn't upload the image, or store any of the image details in db, just the other details.

Here is the code...

[code]<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
$target_path = "../plants/";

$target_path = $target_path . basename( $_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
  $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['plant_name'], "text"),
                       GetSQLValueString($_POST['plant_type'], "text"),
                       GetSQLValueString($_POST['planting_months'], "text"),
                       GetSQLValueString($_POST['blooming_season'], "text"),
                       GetSQLValueString($_POST['plant_description'], "text"));

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}


?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
  <input type="hidden" name="MM_insert" value="upload">
</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks in advance all,
Steve

Share this post


Link to post
Share on other sites
[quote]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
                      GetSQLValueString($_POST['plant_name'], "text"),
                      GetSQLValueString($_POST['plant_type'], "text"),
                      GetSQLValueString($_POST['planting_months'], "text"),
                      GetSQLValueString($_POST['blooming_season'], "text"),
                      GetSQLValueString($_POST['plant_description'], "text"));
[/quote]

The above insert statement has no mention of the uploaded file details

Share this post


Link to post
Share on other sites
[code]<?php
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
?>[/code]

Share this post


Link to post
Share on other sites
Also,

These lines
[code]
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
[/code]

should be
[code]
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
[/code]

But as tou never refer to those variables you may as well remove the lines

Share this post


Link to post
Share on other sites
Many Thanks for the reply mate,

Now it seems that it isn't even showing the form, just comes up with the error, "There was an error uploading the file, please try again!Error uploading file"
Think i've got something in the wrong place now :(

Here is the code now...

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks again,
Steve

Share this post


Link to post
Share on other sites
All processing except form display should be inside

if(isset($_POST['upload']))
{
          // processing code here
}

form code here

Share this post


Link to post
Share on other sites
So it is mean't to be like this...

[code]
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
} ?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
<?php
$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>
[/code]
Thanks again,
Steve

Share this post


Link to post
Share on other sites
That bit's fine. It's the code above that that gives the error because, until you submit the form there is no uploaded file.

So
[code]$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}[/code]

also needs to be inside that if() condition

Share this post


Link to post
Share on other sites
Ok, so i have now got my form back :) Yey....Thanks!!

But, it comes up with 'error uploading file', and nothing goes into the database, or the folder  ::)
Sorry for being a pain :)

Steve

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}


if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>
<?php

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>

<?php
mysql_free_result($Recordset1);
?>
[/code]

Share this post


Link to post
Share on other sites
try
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['upload']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>[/code]

Share this post


Link to post
Share on other sites
Just noticed you don;t post anything named "upload"

Change
if(isset($_POST['upload']))
to
if(isset($_POST['Submit']))

Share this post


Link to post
Share on other sites
Thanks for all the help mate!

Got a slight problem....The file has been uploadedUnknown column 'flower.jpg' in 'field list'......And still nothing gets uploaded, either into the folder, or the database.

[code]
<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['Submit']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
GetSQLValueString($_POST['path'], "text"),
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>
[/code]

Sorry to be a pain,
Steve

Share this post


Link to post
Share on other sites
Ok, by changing [code]
$fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];
[/code]
to
[code]
    $fileImagename = $_FILES['userfile']['image_name'];
    $fileImagesize = $_FILES['userfile']['image_size'];
    $fileImagetype = $_FILES['userfile']['image_type'];
[/code]
I got rid of the error, but now i have an sql error because i don't think it is storing the path, image_name, image_size, or image_type.

How can i change this?

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , NULL, 'info', 'info', 'info', 'info', 'info')' at line 1

Share this post


Link to post
Share on other sites
The FILES array has indexes name, type, size and not image_name etc, so those need changing back.

The problem was the sprintf() statement - all those %s need to be inside quotes otherwise, if SQL comes across a string value, like flower.jpg, ot assumes it is a column name whereas if it is 'flower.jpg' it assumes it is data.

try this
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['upload']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>[/code]

Share this post


Link to post
Share on other sites
Thanks for that, although it still returns that there are too few arguments in the sprintf function. Is this because there is no information being collected about the image size, path, name etc?

Thanks,
Steve

Share this post


Link to post
Share on other sites
[quote]image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description[/quote]
= 9 fields.

[quote]    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text")[/quote]
= 8 fields

value missing for path - needs to go after $fileImagesize.

Is it $uploaddir that you want in there?

Share this post


Link to post
Share on other sites
Yes, change to

[code]
  $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    $uploaddir,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));[/code]

Share this post


Link to post
Share on other sites
Thanks mate,

Giving me yet another error now, and this time i have absolutely zero idea what's causing it :(

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1

Share this post


Link to post
Share on other sites
After that sprintf() call I posted above, add

echo $insertSQL ;

and post the output

Share this post


Link to post
Share on other sites
Right then, Here is the output....Hope i placed it in right place!

The file has been uploadedINSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('blush_delieux.jpg', 'image/pjpeg', '4006', '/plants/', ''test'', ''test'', ''test'', ''test'', ''test'')You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1

Thatnks for that btw....didn't know about that little trick :)

Share this post


Link to post
Share on other sites
OK I see it.

Dreamweaver's GetSQLValueString() is already putting single quotes around text values, so the last 5 %s in the sprintf() don't need them.

Change to

[code]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    $uploaddir,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));[/code]

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.