Jump to content


Photo

Another Newb Is Drowning - Suggestions?


  • Please log in to reply
3 replies to this topic

#1 counterbeing

counterbeing
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 29 September 2006 - 06:38 PM

Hi. I am relatively new to PHP. Thus far I have done a few small projects. I am currently working on one for uploading photoghaphs via POST, scaling them to size, and publishing them to a website. This tool is intended for potential clients to be able to update the photos section of their website themselves. If this is the right place, and nobody has any objections, I would like to post my project, as far as I am, and hear some suggestions to clean it up.
I currently have  a bit of a bug when I am adding an image. I have to refresh the page before it shows up. It would make sense that I placed something out of order... but I'm through editing the mysql before I have to recall it at all. I can't quite understand why it doesn't show up. Also when the database is empty it struggles and pops out errors.
I've been trying to keep it all on one page, which doesn't make it look very manageable, but it is. It connects to a mysql database to store information, such as ID (just a call number that will also be applied to the uploaded image), caption (allowing captions to be recalled later), and group (allowing images to be grouped and displayed by event or theme.
<?php
$uploadDir = getcwd()."/uploaded/";
//set up general info for re-use
$host = "localhost";
$user = "michaelp_admin";
$database = "michaelp_images";
$password = "••••••";
$link = mysql_connect( $host , $user , $password);
if (!$link) {
	die('Could not connect: ' . mysql_error());
}
mysql_select_db($database) or die( "Unable to select database");
//end select connect

$table = "images";

if($_GET["del"] !== null){
	unlink("$uploadDir$del.jpg");
	$delSQL = "DELETE FROM $table WHERE id=$del";
	mysql_query($delSQL);
}
$query = "SELECT * FROM $table";
$result1 = mysql_query($query);
$num = mysql_numrows($result1);
print "<h1>Num is the number of rows: $num<br>Result1 is: $result1</h1><br>";
$id = $num;
$file = $_FILES['userfile'];


// put file in its correct place
if($file['size'] > 0){
	if(! is_uploaded_file($file['tmp_name'])){
		die('File is not authentic.');
	}
$fileName = basename($file['name']);
$uploadFile = "$uploadDir$id.jpg";
if (move_uploaded_file($file['tmp_name'], $uploadFile)){
$insertSQL = "INSERT INTO `images` (`id`, `cap`, `group`) VALUES ('".$id."', '".$caption."' , '".$group."')";
$result = mysql_query($insertSQL);
echo "File: ". $fileName ." uploaded successfully.\n <br><br>";
$num++;
	}
}

//Display Data
if(0 < $num) {
$i=0;
while ($i< $num) {
$id=mysql_result($result1,$i,"id");
$caption=mysql_result($result1,$i,"cap");
$group=mysql_result($result1,$i,"group");
echo "<a href='./index.php?del=$id'>delete</a><br> id: $id<br>caption: $caption <br>group: $group<br>num: $num<br><hr>";
$i++;
}
}

//close that shiz
mysql_close($link);
?>
<br>

<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="index.php" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="300000" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <br> Caption: <input name="caption" type="text" maxlength="200" >
    <? echo '<input name="id" type="hidden" value="$id">'; ?>
    <input type="submit" value="Send File" />
</form>


Thanks a Bunch.
If I am posting this in the wrong place let me know and I"ll move it.

C.

#2 bholbrook

bholbrook
  • Members
  • PipPipPip
  • Advanced Member
  • 31 posts

Posted 29 September 2006 - 09:19 PM

You're running the query to read images from the db before you are saving it and uploading it

#3 Barand

Barand
  • Moderators
  • Sen . ( ile || sei )
  • 18,017 posts

Posted 29 September 2006 - 11:06 PM

Line 19
$delSQL = "DELETE FROM $table WHERE id=$del";

Either your running with "register_globals" ON - bad idea- or $del isn't defined.


Make the "id" field an auto_increment value instead of setting it to the number of records in the table.

Having uploaded and stored the file on the server, where do store a reference to that file so it can be retrieved?

Where is "$group" given a value before inserting it into table?
If you are still using mysql_ functions, STOP! Use mysqli_ or PDO. The longer you leave it the more you will have to rewrite.

Donations gratefully received






moon.png

|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts

#4 counterbeing

counterbeing
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 30 September 2006 - 01:08 AM

Bholbrook: thank you very much... that helped. I obviously have some other things to work out but that was a huge stumbling block for me. I guess I didn't have a great understanding of the "select" statement.

Barand: register_globals is on. Unfortunately I don't have a choice on that, it's not my server. On the fortunate side; this is only to be used by the client, and will be protected by a .htaccess file. There's no real security risk for this client. As for the reference to the file, I am applying the $id variable to each jpg file that is uploaded (i have yet to limit it to just jpg files, but will do that too.) as the title. I then recall the file for display by constructing the file name of $id.jpg. The $group variable will be defined in a form that accesses a different table in my database, exclusively for groups (which are intended to be sort of like photo albums albums).


Thank you very much for the help. I always appreciate it.
C




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users