Jump to content

Recommended Posts

Ok this is not making scene to me can any one help?

 

Ok the following code will not display the username it says undefine as it is right here?

$username = $_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);

//Require approval from flash and handling from flash for files
$sql = mysql_query("SELECT avatar FROM accounts WHERE username = '$username'");
$rows = mysql_num_rows($sql);
if($rows > 0)
{
function cleanFileName($str)
{	

    $cleaner = array();
$cleaner[] = array('expression'=>"/[àáäãâª]/",'replace'=>"a");
$cleaner[] = array('expression'=>"/[èéêë]/",'replace'=>"e");
$cleaner[] = array('expression'=>"/[ìíîï]/",'replace'=>"i");
$cleaner[] = array('expression'=>"/[òóõôö]/",'replace'=>"o");
$cleaner[] = array('expression'=>"/[ùúûü]/",'replace'=>"u");
$cleaner[] = array('expression'=>"/[ñ]/",'replace'=>"n");
$cleaner[] = array('expression'=>"/[ç]/",'replace'=>"c");
$cleaner[] = array('expression'=>"/[ß]/",'replace'=>"ss");

$ext_point = strpos($str,".");

if ($ext_point===false) return false;

$ext = substr($str,$ext_point,strlen($str));
$str = substr($str,0,$ext_point); 
foreach($cleaner as $cv)
{ 	$str = preg_replace($cv["expression"],$cv["replace"],$str);

}
//if($rows > 0)
   // {
$fix = str_replace(" ","_",$str).$ext;
// OK RIGHT HERE IS WHERE IT SAYS UNDEFINED
 echo "&msgText=$username!\n"; <----------------------------------------------------------------------------------
//=======================================================================================
    $setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'");

return str_replace(" ","_",$str).$ext;
}
// BUT IF I PUT IT HERE IT IS NOT UNDEFINED AND IT DISPLAYS THE USERNAME
//echo "&msgText=$username!\n"; 
//BUT IT NEEDS TO BE UP THERE BECASUE IS YOU SEE THE UPDATE SQL THE USER NAME NEEDS TO BE DEFINED AS TO UPLOAD INTO THE CORRECT FOLDER.
//  $setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'");
//
}

 

Link to comment
https://forums.phpfreaks.com/topic/215441-any-one-know-why-this-is-undefined/
Share on other sites

It's a scope issue.  Your function cannot see $username since it's defined outside of your function.  You need to pass it into your function.

 

You also seem to be having a problem understanding the difference between defining a function and invoking/executing a function.  Your function definitions shouldn't be placed within control structures (if/else conditionals, loops, etc.).  You need to define it separately from where you want to run it.

 

In other words, your function code only defines how the function should work.  It doesn't actually execute it.  And, again, since $username is defined elsewhere, your function cannot 'see' it.

 

add

global $username;

 

right after the function. (The function does not know to include the var when executing)

 

NO.  Do NOT use 'global' for this.  It's a crutch that leads to bad design and major problems with code maintainability.  Learn to write good code.

Im not really understanding global where can you show me a example?

 

Here is the whole thing

<?php
include "../php/connect.php";



if(@!empty($_FILES))
{	//sanitize filename
$_FILES['Filedata']['supplied_name'] = $_FILES['Filedata']['name'];
$_FILES['Filedata']['name'] = cleanFileName(utf8_decode($_FILES['Filedata']['name']));
if($fp = fopen("log.txt","a+"))
{	$contents = fwrite($fp, "===================================================\r\n");
	$contents = fwrite($fp, "$ _FILES['filedata']: \r\n");
	$contents = fwrite($fp, "FILES: ".print_r($_FILES['Filedata'],true));
	$contents = fwrite($fp, "$ _GET: \r\n");
	$contents = fwrite($fp, "PROPERTIES: ".print_r($_GET,true));
	fclose($fp);
}

if(@isset($_GET['d']))	//simple flag to spoof attemptive hacks (unreliable)
{	$_SESSION['movedfileprops'] = array();
	$_SESSION['movedfileprops']['type'] = $_GET['type'];
	$_SESSION['movedfileprops']['name'] = $_GET['name'];
	$_SESSION['movedfileprops']['size'] = $_GET['size'];
	$_SESSION['movedfileprops']['dir'] = $_GET['dir'];
	$_SESSION['movedfileprops']['a'] = $_GET['a'];
	$_SESSION['movedfileprops']['ft']   = explode(",",$_GET['ft']);
	$_SESSION['movedfileprops']['allowed'] = (in_array(LTRIM(strtolower($_SESSION['movedfileprops']['type']),"."),$_SESSION['movedfileprops']['ft']) ? "yes" : ($_GET['a'] == true ? "yes" : "no"));

	if($fp = fopen("log.txt","a+"))
	{	$contents = fwrite($fp, "$ _SESSION['movedfileprops']: \r\n");
		$contents = fwrite($fp, "SESSION: ".print_r($_SESSION['movedfileprops'],true));
		fclose($fp);
	}
	if($_SESSION['movedfileprops']['allowed'] == "yes")
	{	$filepath = getcwd()."/".$_GET['dir']."/";
		if(!file_exists($filepath)) mkdir($filepath,0777);
		chmod($filepath,0777);

		if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $filepath . $_FILES['Filedata']['name'])) chmod($filepath.$_FILES['Filedata']['name'], 0777);
	}
	if($fp = fopen("log.txt","a+"))
	{	if(file_exists($filepath . $_FILES['Filedata']['name'])){ $contents = fwrite($fp, "Upload Success: ".$filepath.$_FILES['Filedata']['name']." \r\n"); }
		else { $contents = fwrite($fp, "Could not upload to: ".$filepath.$_FILES['Filedata']['name']." and I don't know why."); }
		fclose($fp);
	}
}

}
$username = $_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$sql = mysql_query("SELECT avatar FROM accounts WHERE username = '$username'");
$rows = mysql_num_rows($sql);
if($rows > 0)
{
function cleanFileName($str)
{	

    $cleaner = array();
$cleaner[] = array('expression'=>"/[àáäãâª]/",'replace'=>"a");
$cleaner[] = array('expression'=>"/[èéêë]/",'replace'=>"e");
$cleaner[] = array('expression'=>"/[ìíîï]/",'replace'=>"i");
$cleaner[] = array('expression'=>"/[òóõôö]/",'replace'=>"o");
$cleaner[] = array('expression'=>"/[ùúûü]/",'replace'=>"u");
$cleaner[] = array('expression'=>"/[ñ]/",'replace'=>"n");
$cleaner[] = array('expression'=>"/[ç]/",'replace'=>"c");
$cleaner[] = array('expression'=>"/[ß]/",'replace'=>"ss");

$ext_point = strpos($str,".");

if ($ext_point===false) return false;

$ext = substr($str,$ext_point,strlen($str));
$str = substr($str,0,$ext_point); 
foreach($cleaner as $cv)
{ 	$str = preg_replace($cv["expression"],$cv["replace"],$str);

}


//Require approval from flash and handling from flash for files

$fix = str_replace(" ","_",$str).$ext;

 echo "&msgText=$username!\n";  <--------------------------- THIS UNDEFINED                      
    $setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'"); <-- ALL THIS IS UNDEFINED


return str_replace(" ","_",$str).$ext;

}
/// BUT IF THE USERNAME WAS HERE ITS DEFINED AS USERNAME WHATS THE FIX?
    
}


?>

 

I need these $usernames defined can some one show me a example how i can get it to work

 

Try this... you had username being echoed, and your query being run from inside the function... but you're not doing anything with them inside the function. :)

 

<?php
include "../php/connect.php";



if(@!empty($_FILES))
{	//sanitize filename
$_FILES['Filedata']['supplied_name'] = $_FILES['Filedata']['name'];
$_FILES['Filedata']['name'] = cleanFileName(utf8_decode($_FILES['Filedata']['name']));
if($fp = fopen("log.txt","a+"))
{	$contents = fwrite($fp, "===================================================\r\n");
	$contents = fwrite($fp, "$ _FILES['filedata']: \r\n");
	$contents = fwrite($fp, "FILES: ".print_r($_FILES['Filedata'],true));
	$contents = fwrite($fp, "$ _GET: \r\n");
	$contents = fwrite($fp, "PROPERTIES: ".print_r($_GET,true));
	fclose($fp);
}

if(@isset($_GET['d']))	//simple flag to spoof attemptive hacks (unreliable)
{	$_SESSION['movedfileprops'] = array();
	$_SESSION['movedfileprops']['type'] = $_GET['type'];
	$_SESSION['movedfileprops']['name'] = $_GET['name'];
	$_SESSION['movedfileprops']['size'] = $_GET['size'];
	$_SESSION['movedfileprops']['dir'] = $_GET['dir'];
	$_SESSION['movedfileprops']['a'] = $_GET['a'];
	$_SESSION['movedfileprops']['ft']   = explode(",",$_GET['ft']);
	$_SESSION['movedfileprops']['allowed'] = (in_array(LTRIM(strtolower($_SESSION['movedfileprops']['type']),"."),$_SESSION['movedfileprops']['ft']) ? "yes" : ($_GET['a'] == true ? "yes" : "no"));

	if($fp = fopen("log.txt","a+"))
	{	$contents = fwrite($fp, "$ _SESSION['movedfileprops']: \r\n");
		$contents = fwrite($fp, "SESSION: ".print_r($_SESSION['movedfileprops'],true));
		fclose($fp);
	}
	if($_SESSION['movedfileprops']['allowed'] == "yes")
	{	$filepath = getcwd()."/".$_GET['dir']."/";
		if(!file_exists($filepath)) mkdir($filepath,0777);
		chmod($filepath,0777);

		if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $filepath . $_FILES['Filedata']['name'])) chmod($filepath.$_FILES['Filedata']['name'], 0777);
	}
	if($fp = fopen("log.txt","a+"))
	{	if(file_exists($filepath . $_FILES['Filedata']['name'])){ $contents = fwrite($fp, "Upload Success: ".$filepath.$_FILES['Filedata']['name']." \r\n"); }
		else { $contents = fwrite($fp, "Could not upload to: ".$filepath.$_FILES['Filedata']['name']." and I don't know why."); }
		fclose($fp);
	}
}

}
$username = $_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$sql = mysql_query("SELECT avatar FROM accounts WHERE username = '$username'");
$rows = mysql_num_rows($sql);
if($rows > 0)
{
function cleanFileName($str)
{	

    $cleaner = array();
$cleaner[] = array('expression'=>"/[àáäãâª]/",'replace'=>"a");
$cleaner[] = array('expression'=>"/[èéêë]/",'replace'=>"e");
$cleaner[] = array('expression'=>"/[ìíîï]/",'replace'=>"i");
$cleaner[] = array('expression'=>"/[òóõôö]/",'replace'=>"o");
$cleaner[] = array('expression'=>"/[ùúûü]/",'replace'=>"u");
$cleaner[] = array('expression'=>"/[ñ]/",'replace'=>"n");
$cleaner[] = array('expression'=>"/[ç]/",'replace'=>"c");
$cleaner[] = array('expression'=>"/[ß]/",'replace'=>"ss");

$ext_point = strpos($str,".");

if ($ext_point===false) return false;

$ext = substr($str,$ext_point,strlen($str));
$str = substr($str,0,$ext_point); 
foreach($cleaner as $cv)
{ 	$str = preg_replace($cv["expression"],$cv["replace"],$str);

}


//Require approval from flash and handling from flash for files

$fix = str_replace(" ","_",$str).$ext;

return str_replace(" ","_",$str).$ext;

}
/// BUT IF THE USERNAME WAS HERE ITS DEFINED AS USERNAME WHATS THE FIX?

echo "&msgText=$username!\n";
$setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'");
    
}


?>

man i been working on this for 15 hours and im at the end every thing works but this one last thing.

I can upload a image to my personal folder on the server.

I can update where username is if username is set

But its not working yet.

 

I dont need to worry about the images being name wrong for website it adds the correct _ when a space is involded.

This is upsetting. Im giving up for today 14 hours is to long to have the same problem.

 

if any one can solve this your the shit,, as for me im very sick of trying to solve it.

Try this

 

<?php
include "../php/connect.php";



if(@!empty($_FILES))
{	//sanitize filename
$_FILES['Filedata']['supplied_name'] = $_FILES['Filedata']['name'];
$_FILES['Filedata']['name'] = cleanFileName(utf8_decode($_FILES['Filedata']['name']));
if($fp = fopen("log.txt","a+"))
{	$contents = fwrite($fp, "===================================================\r\n");
	$contents = fwrite($fp, "$ _FILES['filedata']: \r\n");
	$contents = fwrite($fp, "FILES: ".print_r($_FILES['Filedata'],true));
	$contents = fwrite($fp, "$ _GET: \r\n");
	$contents = fwrite($fp, "PROPERTIES: ".print_r($_GET,true));
	fclose($fp);
}

if(@isset($_GET['d']))	//simple flag to spoof attemptive hacks (unreliable)
{	$_SESSION['movedfileprops'] = array();
	$_SESSION['movedfileprops']['type'] = $_GET['type'];
	$_SESSION['movedfileprops']['name'] = $_GET['name'];
	$_SESSION['movedfileprops']['size'] = $_GET['size'];
	$_SESSION['movedfileprops']['dir'] = $_GET['dir'];
	$_SESSION['movedfileprops']['a'] = $_GET['a'];
	$_SESSION['movedfileprops']['ft']   = explode(",",$_GET['ft']);
	$_SESSION['movedfileprops']['allowed'] = (in_array(LTRIM(strtolower($_SESSION['movedfileprops']['type']),"."),$_SESSION['movedfileprops']['ft']) ? "yes" : ($_GET['a'] == true ? "yes" : "no"));

	if($fp = fopen("log.txt","a+"))
	{	$contents = fwrite($fp, "$ _SESSION['movedfileprops']: \r\n");
		$contents = fwrite($fp, "SESSION: ".print_r($_SESSION['movedfileprops'],true));
		fclose($fp);
	}
	if($_SESSION['movedfileprops']['allowed'] == "yes")
	{	$filepath = getcwd()."/".$_GET['dir']."/";
		if(!file_exists($filepath)) mkdir($filepath,0777);
		chmod($filepath,0777);

		if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $filepath . $_FILES['Filedata']['name'])) chmod($filepath.$_FILES['Filedata']['name'], 0777);
	}
	if($fp = fopen("log.txt","a+"))
	{	if(file_exists($filepath . $_FILES['Filedata']['name'])){ $contents = fwrite($fp, "Upload Success: ".$filepath.$_FILES['Filedata']['name']." \r\n"); }
		else { $contents = fwrite($fp, "Could not upload to: ".$filepath.$_FILES['Filedata']['name']." and I don't know why."); }
		fclose($fp);
	}
}

}
$username = $_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$sql = mysql_query("SELECT avatar FROM accounts WHERE username = '$username'");
$rows = mysql_num_rows($sql);
if($rows > 0)
{
function cleanFileName($str)
{	

    $cleaner = array();
$cleaner[] = array('expression'=>"/[àáäãâª]/",'replace'=>"a");
$cleaner[] = array('expression'=>"/[èéêë]/",'replace'=>"e");
$cleaner[] = array('expression'=>"/[ìíîï]/",'replace'=>"i");
$cleaner[] = array('expression'=>"/[òóõôö]/",'replace'=>"o");
$cleaner[] = array('expression'=>"/[ùúûü]/",'replace'=>"u");
$cleaner[] = array('expression'=>"/[ñ]/",'replace'=>"n");
$cleaner[] = array('expression'=>"/[ç]/",'replace'=>"c");
$cleaner[] = array('expression'=>"/[ß]/",'replace'=>"ss");

$ext_point = strpos($str,".");

if ($ext_point===false) return false;

$ext = substr($str,$ext_point,strlen($str));
$str = substr($str,0,$ext_point); 
foreach($cleaner as $cv)
{ 	$str = preg_replace($cv["expression"],$cv["replace"],$str);

}


//Require approval from flash and handling from flash for files

$fix = str_replace(" ","_",$str).$ext;
$setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'");

return $fix;

}

echo "&msgText=$username!\n";
    
}


?>

Looking over your code, I think you need to take a step back and think about your design.  There's some repeated code here.  Also, the fact that you place a function definition within a conditional shows a lot of confusion.  Good code reads well.  A lot of this is gibberish.

 

Take a look at your function - it does too much.  You're trying to both fix a filename and do some database work with it.  You're also assuming that the function will automatically know the context in which it was invoked, which is simply not true.

 

I've done a bit to help your overall structure.  More can, and should, be done.  Also, read my comments.  Finally, do your best to do things right.  I get the feeling you're trying to rush, and you're learning bad habits because of it.  Structure, clarity, no repeated code... these are what you should strive for.  Getting proper output does not mean you're writing good code.

 

<?php
    include "../php/connect.php";
    
    /* cleanFilename
    *  @params:
    *  $str - string, filename to be cleaned
    *  $username - string, username for the avatar
    *
    *  @return value:
    *  string, cleaned filename
    */
    
    // function tries to do too much.  It shouldn't both clean a file name AND set an avatar
    function cleanFileName($str, $username)
    {
        $cleaner = array();
        $cleaner[] = array('expression'=>"/[àáäãâª]/",'replace'=>"a");
        $cleaner[] = array('expression'=>"/[èéêë]/",'replace'=>"e");
        $cleaner[] = array('expression'=>"/[ìíîï]/",'replace'=>"i");
        $cleaner[] = array('expression'=>"/[òóõôö]/",'replace'=>"o");
        $cleaner[] = array('expression'=>"/[ùúûü]/",'replace'=>"u");
        $cleaner[] = array('expression'=>"/[ñ]/",'replace'=>"n");
        $cleaner[] = array('expression'=>"/[ç]/",'replace'=>"c");
        $cleaner[] = array('expression'=>"/[ß]/",'replace'=>"ss");
        $ext_point = strpos($str,".");
    
        if ($ext_point===false) return false;
    
        $ext = substr($str,$ext_point,strlen($str));
        $str = substr($str,0,$ext_point); 

        foreach($cleaner as $cv)
        { 
            $str = preg_replace($cv["expression"], $cv["replace"],$str);
        }
    
        //Require approval from flash and handling from flash for files
        $fix = str_replace(" ","_",$str).$ext;
        $setavatar = mysql_query("UPDATE accounts SET avatar = 'http://wiistream.net/users/$username/images/$fix' WHERE username = '$username'");
        return $fix;
    }

    if(!empty($_FILES))
    {
        //sanitize filename
        $_FILES['Filedata']['supplied_name'] = $_FILES['Filedata']['name'];
        $_FILES['Filedata']['name'] = cleanFileName(utf8_decode($_FILES['Filedata']['name']), $username); // $username doesn't exist yet
        
        if($fp = fopen("log.txt","a+"))
        {
            $contents = fwrite($fp, "===================================================\r\n");
            $contents = fwrite($fp, "$ _FILES['filedata']: \r\n");
            $contents = fwrite($fp, "FILES: ".print_r($_FILES['Filedata'],true));
            $contents = fwrite($fp, "$ _GET: \r\n");
            $contents = fwrite($fp, "PROPERTIES: ".print_r($_GET,true));
            fclose($fp);
        }
        
        if(isset($_GET['d'])) // note how I removed the '@' - don't squelch errors.  Test for them, and write your code appropriately
        {
            $_SESSION['movedfileprops'] = array();
            $_SESSION['movedfileprops']['type'] = $_GET['type'];
            $_SESSION['movedfileprops']['name'] = $_GET['name'];
            $_SESSION['movedfileprops']['size'] = $_GET['size'];
            $_SESSION['movedfileprops']['dir'] = $_GET['dir'];
            $_SESSION['movedfileprops']['a'] = $_GET['a'];
            $_SESSION['movedfileprops']['ft'] = explode(",",$_GET['ft']);
            $_SESSION['movedfileprops']['allowed'] = (in_array(LTRIM(strtolower($_SESSION['movedfileprops']['type']),"."), $_SESSION['movedfileprops']['ft']) ? "yes" : ($_GET['a'] == true ? "yes" : "no"));
            
            if($fp = fopen("log.txt","a+")) 
            {
                $contents = fwrite($fp, "$ _SESSION['movedfileprops']: \r\n");
                $contents = fwrite($fp, "SESSION: ".print_r($_SESSION['movedfileprops'],true));
                fclose($fp);
            }
            
            if($_SESSION['movedfileprops']['allowed'] == "yes")
            {
                $filepath = getcwd()."/".$_GET['dir']."/";
                
                if(!file_exists($filepath)) mkdir($filepath,0777);
                
                chmod($filepath,0777);
                
                if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $filepath . $_FILES['Filedata']['name'])) chmod($filepath.$_FILES['Filedata']['name'], 0777);
            }
            
            if($fp = fopen("log.txt","a+")) // repeated conditional.  Consolidate your code
            {
                if(file_exists($filepath . $_FILES['Filedata']['name'])){ $contents = fwrite($fp, "Upload Success: ".$filepath.$_FILES['Filedata']['name']." \r\n"); }
                else { $contents = fwrite($fp, "Could not upload to: ".$filepath.$_FILES['Filedata']['name']." and I don't know why."); }
                fclose($fp);
            }
        }
    }

    $username = $_POST['username'];
    $username = stripslashes($username);
    $username = mysql_real_escape_string($username);
    
    $sql = mysql_query("SELECT avatar FROM accounts WHERE username = '$username'");
    $rows = mysql_num_rows($sql);
    
    if($rows > 0)
    {
        // why were you trying to write your function definition here?
        echo "&msgText=$username!\n";
    }
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.