Jump to content

Archived

This topic is now archived and is closed to further replies.

Jurik

PHP code stoping!

Recommended Posts

Hi guys im having a problem with my code and was hoping you could help me out. Basicaly im writing a script that allows the user to set the anme of a movie, select what department it belongs to and finaly allowing the user to upload the file to a folder and add the file name plus extention to a database, the code below works fine but it does not upload the file nor add it to the database. If I have just the upload code it works, it just seems to be stopping short of the uploading code. Any advice? I've posted my code below

[quote]<?php
if (isset($_POST['submit'])) {
$VideoID = $_POST['VideoID'];
$Name = $_POST['Name'];
$submit = $_POST['submit'];
} else {
$VideoID = "";
$Name = "";
$submit = "";
}

$success = 0;


if ($submit == "Save" && $VideoID != NULL && $Name != NULL)
{
$sql = "INSERT INTO videos (VideoID,Name) VALUES ('" . $VideoID . "', '" . $Name . "')";

include "conn.inc.php";

$result = mysql_query($sql) or die (mysql_error ());

if(mysql_affected_rows() == 1)
{
print("New record has been added sucessfuly");
$success = 1;
}
else
{
print("I'm afraid an error has been detected, please check the information entered again. If the problem persists then contact IT support");
}
}
if($success != 1) {
?>
<form action="<?php print($_SERVER['PHP_SELF']); ?>" method="post" enctype="multipart/form-data">
  <div align="center">To add a video to your database enter the details below and click the Save button
    <center>
  </div>
  <p>&nbsp;</p>
<center>

<?php
        echo "Video Catergory : <select name=VideoID><option value='DB_ID'>--Select One--</option>";
        $DepartmentTableQuery = mysql_query ("select * from Departments");
        while ($DepartmentTableRow=mysql_fetch_array($DepartmentTableQuery)) {
        echo "<option value='".$DepartmentTableRow[ID]."'>".$DepartmentTableRow[Department]."</option>\n"; }
        echo "</select>";
?>

</center><br/>
<center>
  Name Of Video:
    <input name="Name" id="Name" type="text" value="<?php print($Name); ?>" /></center><br/>
<center>
<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" id="Videofile" name="MAX_FILE_SIZE" value="100000" />
Choose the file to upload: <input name="uploadedfile" type="file" /><br/>
</center>
<br/>
<center><input name="submit" type="submit" value="Save" /></center>
</form>
<?php
}
?>
<p>&nbsp;</p>
<table width="100%"  border="0">
  <tr>
    <td class="adminwriting"><div align="center"><a href="user_personal.php">Admin Panel</a></div></td>
  </tr>
</table>[/quote]

Share this post


Link to post
Share on other sites
oh sorry I forgot it was in another .php file, heres the code

[quote]<?php


// Where the file is going to be placed
$target_path = "videos/";

/* Add the original filename to our target path. 
Result is "videos/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$_FILES['uploadedfile']['tmp_name'];


$target_path = "videos/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}

?>[/quote]

Share this post


Link to post
Share on other sites
Edit: Ignore this; I type too slowly. Have you checked the permissions of the upload folder, and are you running in safe mode?
---------------
I looked for the part where you actually upload the file, but couldn't find it. You realize that you need to use [url=http://php.net/manual/en/function.move-uploaded-file.php]move_uploaded_file()[/url] to actually put the file anywhere on the server? Otherwise it stays in the temp directory and is deleted once the script is done.

As for the MySQL, I assume that conn.inc.php actually makes a connection rather than just containing a function that would do so. If it does, then I don't know what is going wrong with that. However, this command prints the last error message returned by mysql:

[code]echo mysql_error();[/code]

Share this post


Link to post
Share on other sites
Does the file upload? Just want to get an idea of where it is failing
Also although silly I will ask that your not using a windows server?

Share this post


Link to post
Share on other sites
Yes the file uploada if I get rid of everything else and just leave

[quote]<center>
  Name Of Video:
    <input name="Name" id="Name" type="text" value="<?php print($Name); ?>" /></center><br/>
<center>
<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" id="Videofile" name="MAX_FILE_SIZE" value="100000" />
Choose the file to upload: <input name="uploadedfile" type="file" /><br/>
</center>
<br/>
<center><input name="submit" type="submit" value="Save" /></center>
</form>[/quote]

I am going to run the pages off a local server running EasyPHP, there is no need for it to run on an internet server, hope this helps

Share this post


Link to post
Share on other sites
im not familar with easy php im sorry to say. I know that when I work on apache my uplaod script works and when I use it on a windows server it doesn't.

I have put the code here. It will take the file name put it in a temporary folder and rename using a random number. It will also make sure that the image name doesn't have spaces etc. It will check the type of file and will only let image files be uploaded. There is a second part that i have not put here so that if the file is ok it will move it from the temp folder to the normal one.

This code does work I use it on a number of sites. It isn't pretty however, i have not cleaned it up and it is as i use it. Don't take to much notice of my comments in it as I don't always update these when I change bits. This should help you though.
[code]
<?php
$error_upload_form=FALSE;
if (isset($_FILES['userfile']['name']))
{
$amount=strlen($_FILES['userfile']['name']); 
}
else
{
$amount=0;
}

if ($amount>0)
{

$file=$_FILES['userfile'];

$pos = strrpos($file["name"], ".");
#echo 'pos is '.$pos;
$file['raw_name'] = substr($file["name"], 0, $pos);
$file["extention"] = substr($file["name"], $pos, strlen($file["name"]));
$file["raw_name"] = ereg_replace("[^a-z0-9._]", "", str_replace(" ", "_", str_replace("%20", "_", strtolower($file["raw_name"]))));
#echo 'the file type is '.$file['type'];
$type = explode("/", $file['type']);
#echo var_dump($file);
if ($type[0]=='image')
{
if ($file['error']==0)
{
$image_error=FALSE; 
}
else
{
$image_error=TRUE;
$image_error_code=$file['error'];
}
}
else
{
#echo 'the error has been activated';
$image_error=TRUE; 
if ($image_error_code==NULL)
{
$image_error_code=$file['error']; 
}


}

if ($image_error==FALSE)
{
$filetype=NULL;

switch($type[1])
{
case 'jpeg':
$filetype='.jpg';
break;
case 'gif':
$filetype='.gif';
break;
case 'pjpeg';
$filetype='.jpg';
case 'bmp';
$filetype='.bmp';
case 'png';
$filetype='.png';
case 'jpg';
$filetype='.jpg';


} // switch

// perhaps see if filetype = null so no match then produce an error with a different error code.
if ($filetype==NULL)
{
if ($image_error_code==NULL)
{
#echo 'error 8';
$image_error_code=8;   
}

$image_error=TRUE;   
}
#echo 'The file type is '.$filetype;
}
if ($image_error==FALSE)
{
$rand=rand(0,9999);
$finished_name=$file['raw_name'].'_'.$rand;
//check the image folder for
$check=file_exists('images/advert/'.$finished_name.$filetype);
if ($check==TRUE)
{
$image_error_code=9;
$image_error=TRUE;   
}
}

if ($image_error==FALSE)
{
$uploaddir = 'tmp/';
$uploadfile = $uploaddir . basename($finished_name.$filetype);

#echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
  #echo "File is valid, and was successfully uploaded.\n";
 
}
else
{
  #echo "Possible file upload attack!\n";
  $image_error=TRUE;
  $image_error_code=10;
}
}


//**************************************************************************
// if not error I will set a session varible pointing to the image.
// if it is an error this will not be present. We will also show up a form asking them to enter a pic if error and error message
// on next page if confirm then move image from temp to images and input all information from session to the database

#echo 'Here is some more debugging info:';
#print_r($_FILES);

#print "</pre>";
if ($image_error==TRUE)
{
switch($image_error_code)
{
case 1:
$error_message='The file you have uploaded is to large. Please upload a file of a smaller size.';
break;
case 2:
$error_message='The file you have uploaded is to large. Please upload a file of a smaller size.';
break;
case 3:
$error_message='The file that you uploaded only partially uploaded. Please try to upload this again.';
break;
case 4:
$error_message='No file has been uploaded. Please check and try again.';
break;
case 6:
$error_message='Please try to upload the file again. If this problem continues please contact us.';
break;
case 7:
$error_message='The file type that you have tried to upload is not an image. Please try again. Make sure that your file names end in either .jpg, .png, .gif, .bmp';
break;
case 8:
$error_message='The image file that you have uploaded is not of a type supported by the website. Please select another file that ends with either .jpg, .png, .bmp, .gif';
break;
case 9:
$error_message='Please try to upload the file again. If you get the same error message after you upload the file, please rename the file.';
break;
case 10:
$error_message='There has been an error in uploading your file. Please check the file and try again';
break;

} // switch
if (!isset($error_message))
{
$error_message='The file type that you have tried to upload is not an image. Please try again. Make sure that your file names end in either .jpg, .png, .gif, .bmp';   
}
$error_message='Error: '.$error_message;
$error_upload_form=TRUE;   
}
}
if ($error_upload_form==TRUE)
{

echo Heading('Place an Advert','Upload a photo of your material.',$TotalSteps,'3');
echo '<br>';
error_message($error_message);
echo '<br>';
echo '<form enctype="multipart/form-data" action="'.$place_page.'" name="formMemberRegistration4" id="formMemberRegistration4" method="post" onSubmit="return validateMemberRegistration4()">';
echo '<table width="770" align="center" cellspacing="0" cellpadding="0" border="0">
<tr>
<td>Upload your photo. If you have a photo of your material please click on the "browse" button below and then select the photo from you hard drive (256k Max file size). Once you have done this click on the "continue" button. Please note that if you do not have a photo just click on the "next" button.</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td><input type="hidden" name="MAX_FILE_SIZE" value="'.FILE_UPLOAD_VALUE.'"></td>
</tr>
<tr>
<td align="center">&nbsp;<input name="userfile" size="60" type="file"></td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td align="right"><input type="submit" name="page4" value="Next &gt;"></td>
</tr>
</table>
</form>';
}
else
{
$show=TRUE;

//no error so this will be the confirm order section
#echo 'The finished name is '.$finished_name;
if ($show==TRUE)
{
if (isset($finished_name))
{
$_SESSION['image_name']=$finished_name;
$_SESSION['filetype']=$filetype;
}

if (isset($_SESSION['image_name']))
{
$size=getimagesize('tmp/'.$_SESSION['image_name'].$_SESSION['filetype']);


$pos1=strpos($size[3],'"');
$pos1=$pos1+1;
$pos2=strpos($size[3],'"',$pos1);
$poswidth=$pos2-$pos1;
$width=substr($size[3], $pos1, $poswidth);



$pos3=strpos($size[3],'"',$pos2+2);
$pos3=$pos3+1;
$pos4=strpos($size[3],'"',$pos3);
$poswidth=$pos4-$pos3;
$height=substr($size[3], $pos3, $poswidth);


#echo '<br>The height is '.$height.'<br>';
$image_size=display_image(510,360,$width,$height );
#echo '<pre>';
#echo var_dump($image_size);

#echo var_dump($size);
#echo '</pre>';
}
}
}

?>[/code]

MOD EDIT: Use code tags

Share this post


Link to post
Share on other sites
It looks like you are trying to illegally nest forms. You have a form which has action to call same page enclosing a form for the file data.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.