Jump to content

Help with PHP script please


Stevis2002

Recommended Posts

Hi all,

Please could somebody help me out with this script.

I want it to upload all the details into the db, and the image into a folder, storing the image name, size and path on server into db.

For some reason though, it doesn't upload the image, or store any of the image details in db, just the other details.

Here is the code...

[code]<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
$target_path = "../plants/";

$target_path = $target_path . basename( $_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
  $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['plant_name'], "text"),
                       GetSQLValueString($_POST['plant_type'], "text"),
                       GetSQLValueString($_POST['planting_months'], "text"),
                       GetSQLValueString($_POST['blooming_season'], "text"),
                       GetSQLValueString($_POST['plant_description'], "text"));

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}


?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
  <input type="hidden" name="MM_insert" value="upload">
</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks in advance all,
Steve
Link to comment
Share on other sites

[quote]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
                      GetSQLValueString($_POST['plant_name'], "text"),
                      GetSQLValueString($_POST['plant_type'], "text"),
                      GetSQLValueString($_POST['planting_months'], "text"),
                      GetSQLValueString($_POST['blooming_season'], "text"),
                      GetSQLValueString($_POST['plant_description'], "text"));
[/quote]

The above insert statement has no mention of the uploaded file details
Link to comment
Share on other sites

[code]<?php
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
?>[/code]
Link to comment
Share on other sites

Also,

These lines
[code]
$filePlantname = $_POST['userfile']['plant_name'];
$filePlanttype = $_POST['userfile']['plant_type'];
$filePlantmonth = $_POST['userfile']['planting_months'];
$fileBloomseason = $_POST['userfile']['blooming_season'];
$filePlantdesc = $_POST['userfile']['plant_description'];
[/code]

should be
[code]
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
[/code]

But as tou never refer to those variables you may as well remove the lines
Link to comment
Share on other sites

Many Thanks for the reply mate,

Now it seems that it isn't even showing the form, just comes up with the error, "There was an error uploading the file, please try again!Error uploading file"
Think i've got something in the wrong place now :(

Here is the code now...

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
}

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
<?php
mysql_free_result($Recordset1);
?>
[/code]

Thanks again,
Steve
Link to comment
Share on other sites

So it is mean't to be like this...

[code]
if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];
} ?>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
<?php
$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>
[/code]
Thanks again,
Steve
Link to comment
Share on other sites

That bit's fine. It's the code above that that gives the error because, until you submit the form there is no uploaded file.

So
[code]$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}[/code]

also needs to be inside that if() condition
Link to comment
Share on other sites

Ok, so i have now got my form back :) Yey....Thanks!!

But, it comes up with 'error uploading file', and nothing goes into the database, or the folder  ::)
Sorry for being a pain :)

Steve

[code]
<?php require_once('../../Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;   
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}


if(isset($_POST['upload']))
{
$fileImagename = $_FILES['userfile']['image_name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileImagesize = $_FILES['userfile']['image_size'];
$fileImagetype = $_FILES['userfile']['image_type'];
$filePlantname = $_POST['plant_name'];
$filePlanttype = $_POST['plant_type'];
$filePlantmonth = $_POST['planting_months'];
$fileBloomseason = $_POST['blooming_season'];
$filePlantdesc = $_POST['plant_description'];

$uploaddir = '/plants/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
    echo "The file ".  basename( $_FILES['userfile']['image_name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>
<?php

$filePath = $uploadDir . $fileImagename;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}


if(!get_magic_quotes_gpc())
{
$fileImagename = addslashes($fileImagename);
$filePath = addslashes($filePath);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "upload")) {
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));
}

  mysql_select_db($database_localhost, $localhost);
  $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

  $insertGoTo = "plants.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));

?>

<?php
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT plant_name, plant_type, planting_months, blooming_season, plant_description FROM plants";
$Recordset1 = mysql_query($query_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>

<?php
mysql_free_result($Recordset1);
?>
[/code]
Link to comment
Share on other sites

try
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['upload']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>[/code]
Link to comment
Share on other sites

Thanks for all the help mate!

Got a slight problem....The file has been uploadedUnknown column 'flower.jpg' in 'field list'......And still nothing gets uploaded, either into the folder, or the database.

[code]
<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['Submit']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
GetSQLValueString($_POST['path'], "text"),
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>
[/code]

Sorry to be a pain,
Steve
Link to comment
Share on other sites

Ok, by changing [code]
$fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];
[/code]
to
[code]
    $fileImagename = $_FILES['userfile']['image_name'];
    $fileImagesize = $_FILES['userfile']['image_size'];
    $fileImagetype = $_FILES['userfile']['image_type'];
[/code]
I got rid of the error, but now i have an sql error because i don't think it is storing the path, image_name, image_size, or image_type.

How can i change this?

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , NULL, 'info', 'info', 'info', 'info', 'info')' at line 1
Link to comment
Share on other sites

The FILES array has indexes name, type, size and not image_name etc, so those need changing back.

The problem was the sprintf() statement - all those %s need to be inside quotes otherwise, if SQL comes across a string value, like flower.jpg, ot assumes it is a column name whereas if it is 'flower.jpg' it assumes it is data.

try this
[code]<?php
require_once('../../Connections/localhost.php');

if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
        case "text":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;   
        case "long":
        case "int":
          $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          break;
        case "double":
          $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
          break;
        case "date":
          $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          break;
        case "defined":
          $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
          break;
      }
      return $theValue;
    }
}


if(isset($_POST['upload']))
{
    $fileImagename = $_FILES['userfile']['name'];
    $fileImagesize = $_FILES['userfile']['size'];
    $fileImagetype = $_FILES['userfile']['type'];

    $uploaddir = '/plants/';
    $uploadfile = $uploaddir . basename($_FILES['userfile']['image_name']);

    if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir)) {
        echo "The file ".  basename( $_FILES['userfile']['image_name']).
        " has been uploaded";
    } else{
        echo "There was an error uploading the file, please try again!";
    }
   
    $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));


    mysql_select_db($database_localhost, $localhost);
    $Result1 = mysql_query($insertSQL, $localhost) or die(mysql_error());

    $insertGoTo = "plants.php";
    if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    exit;

}
?>
<html>
<link href="../../css/stylesheet.css" rel="stylesheet" type="text/css">
<form method="POST" enctype="multipart/form-data" name="upload" id="upload">
  <p align="center"><span class="bottomnav">Plant Name</span><br>
    <input name="plant_name" type="text" class="logintext" id="plant_name" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Plant Type </span><br>
    <input name="plant_type" type="text" class="logintext" id="plant_type" size="20" maxlength="50">
  </p>
  <p align="center"><span class="bottomnav">Planting Month(s)</span><br>
    <input name="planting_months" type="text" class="logintext" id="planting_months" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Blooming Season</span><br>
    <input name="blooming_season" type="text" class="logintext" id="blooming_season" size="20" maxlength="20">
</p>
  <p align="center"><span class="bottomnav">Plant Description</span><br>
    <textarea name="plant_description" cols="40" rows="6" class="logintext" id="plant_description"></textarea>
  </p>
  <p align="center"><span class="bottomnav">Image</span><br>
    <input name="userfile" type="file" class="loginbutton" id="userfile">
  </p>
  <p align="center">
    <input name="Submit" type="submit" class="loginbutton" value="Submit">
  </p>
 
</form>
</html>[/code]
Link to comment
Share on other sites

[quote]image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description[/quote]
= 9 fields.

[quote]    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text")[/quote]
= 8 fields

value missing for path - needs to go after $fileImagesize.

Is it $uploaddir that you want in there?

Link to comment
Share on other sites

Yes, change to

[code]
  $insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    $uploaddir,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));[/code]

Link to comment
Share on other sites

Thanks mate,

Giving me yet another error now, and this time i have absolutely zero idea what's causing it :(

The file has been uploadedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1
Link to comment
Share on other sites

Right then, Here is the output....Hope i placed it in right place!

The file has been uploadedINSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('blush_delieux.jpg', 'image/pjpeg', '4006', '/plants/', ''test'', ''test'', ''test'', ''test'', ''test'')You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test'', ''test'', ''test'', ''test'', ''test'')' at line 1

Thatnks for that btw....didn't know about that little trick :)
Link to comment
Share on other sites

OK I see it.

Dreamweaver's GetSQLValueString() is already putting single quotes around text values, so the last 5 %s in the sprintf() don't need them.

Change to

[code]
$insertSQL = sprintf("INSERT INTO plants (image_name, image_type, image_size, path, plant_name, plant_type, planting_months, blooming_season, plant_description) VALUES ('%s', '%s', '%s', '%s', %s, %s, %s, %s, %s)",
    $fileImagename,
    $fileImagetype,
    $fileImagesize,
    $uploaddir,
    GetSQLValueString($_POST['plant_name'], "text"),
    GetSQLValueString($_POST['plant_type'], "text"),
    GetSQLValueString($_POST['planting_months'], "text"),
    GetSQLValueString($_POST['blooming_season'], "text"),
    GetSQLValueString($_POST['plant_description'], "text"));[/code]
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.