Newbie - needs help with reg form

hoponhiggo · April 15, 2011

Hi Guys

I am totally new to php and html and currently working on a project which is probably far to big for me!

For reference - i am using dreamweaver and phpmyadmin.

I have already created a regisration page and linked it to a database which works fine. But what i want to do now is to allow the user to upload a picture which will become the users profile picture and im really struggling.

I had two seperate peices of code..

The first peice is the usual registration code which sends the data to the database and the second allows a user to upload an image to a folder on my server - both work fine on their own.

What i THINK i need to do is try to merge the two peices of code and add an extra line somewhere which sends the file name and location to the users record on the database.

the code i have so far is:

<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
  <table align="center">
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Username:</td>
      <td><input type="text" name="username" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Password:</td>
      <td><input type="text" name="password" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">First Name:</td>
      <td><input type="text" name="fname" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Surname:</td>
      <td><input type="text" name="sname" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Email:</td>
      <td><input type="text" name="email" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
    <?php
//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
}

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
//and it will be changed to 1 if an errro occures.  
//If the error occures the file will not be uploaded.
$errors=0;
//checks if the form has been submitted
if(isset($_POST['Submit'])) 
{
	//reads the name of the file the user submitted for uploading
	$image=$_FILES['image']['name'];
	//if it is not empty
	if ($image) 
	{
	//get the original name of the file from the clients machine
		$filename = stripslashes($_FILES['image']['name']);
	//get the extension of the file in a lower case format
  		$extension = getExtension($filename);
		$extension = strtolower($extension);
	//if it is not a known extension, we will suppose it is an error and will not  upload the file,  
//otherwise we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
		{
	//print error message
			echo '<h1>Unknown extension!</h1>';
			$errors=1;
		}
		else
		{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file
//in which the uploaded file was stored on the server
$size=filesize($_FILES['image']['tmp_name']);

//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}

//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="profpics/".$image_name;

//Writes the information to the database
mysql_query("INSERT INTO users (prof_pic)
VALUES ('$image_name')");

//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied) 
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}

//If no errors registred, print the success message
if(isset($_POST['Submit']) && !$errors) 
{
	echo "<h1>File Uploaded Successfull! </h1>";
}

?>
      <td nowrap="nowrap" align="right">Picture:</td>
      <td>
            <input type="file" name="photo"></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right"> </td>
      <td><input name="Submit" type="submit" id="Submit" value="Submit" /></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1" />
</form>

When a new user registers - the data is sent to the database but the image isnt uploaded or referenced in the DB

Can anybody please help...Sorry if this is all mddled up but im pretty confused at the minute

Thanks in advance

hoponhiggo · April 15, 2011

Just realised i missed this bit of... This is the code that sends the reg data

<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO users (username, password, fname, sname, email) VALUES (%s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['username'], "text"),
                       GetSQLValueString($_POST['password'], "text"),
                       GetSQLValueString($_POST['fname'], "text"),
                       GetSQLValueString($_POST['sname'], "text"),
                       GetSQLValueString($_POST['email'], "text"));

  mysql_select_db($database_pwnedbook, $pwnedbook);
  $Result1 = mysql_query($insertSQL, $pwnedbook) or die(mysql_error());

  $insertGoTo = "login.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}
?>

dcro2 · April 15, 2011

Notice the name of your file input:

<input type="file" name="photo">

Its name is photo, but you're using $_FILES['image']. They have to match.

$image=$_FILES['photo']['name'];

Also, I don't see the logic in this:

mysql_query("INSERT INTO users (prof_pic)
VALUES ('$image_name')");

This will insert a completely NEW row into the users table with JUST the prof_pic. You should be using UPDATE instead:

UPDATE users SET prof_pic = '$image_name' WHERE username = '$username'

Or something like that.

hoponhiggo · April 16, 2011

dcro2 - your an absoloute legend! Thank you very much. The two changes you suggested worked perfectly!

Thanks

hoponhiggo

hoponhiggo · April 19, 2011

Now this has been sorted, i need to echo the uploaded image of the logged in user on my home page.

To make this happen i am trying to use code like:

<?php
//to display image from source
$dir = "profpics/";

//opening directory
if ($opendir = opendir($dir))
{
//reading directory
while (($file = readdir($opendir)) !== FALSE)
{
	if ($file!="."&&$file!="..")
	echo "<img src = '$dir/$file' img width='88' img height='88'><br>";
}
}

?>

The problem with this code is that it displays all images in the directory and not the one that relates to the logged in user.

Im did try to add something along the lines of

Select * from prof_pics where userid=$_SESSION['MM_Username']

But as you can probably guess this hasnt worked.

Any suggestions?

dcro2 · April 19, 2011

Unless you changed some table fields around...

//to display image from source
$dir = "profpics";

$sql = "SELECT prof_pic FROM users WHERE username = '{$_SESSION['MM_Username']}'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) == 0) die("Username not found in database.");

$row = mysql_fetch_array($res);
echo "<img src='$dir/{$row['prof_pic']}' width='88' height='88'><br>";

hoponhiggo · April 19, 2011

Cheers mate. Your a top guy!

I really need to get my head around this PHP. My SQL isnt to bad, but my PHP is terrible!

hoponhiggo · April 29, 2011

dcro2 - could you help me adapt this code even further??

Currently, i use it to display the profile picture of a logged in user. I would like to change it to display the profile picture of a user who left a message on a wall post system.

When a message is left, it is displayed on my home page.

The message, messageid and userid is stored in a message table. the userid and profile pic is stored in a users table.

Sign In

Newbie - needs help with reg form

Recommended Posts

hoponhiggo

Link to comment

Share on other sites

hoponhiggo

Link to comment

Share on other sites

dcro2

Link to comment

Share on other sites

hoponhiggo

Link to comment

Share on other sites

hoponhiggo

Link to comment

Share on other sites

dcro2

Link to comment

Share on other sites

hoponhiggo

Link to comment

Share on other sites

hoponhiggo

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information