Jump to content

multiple image ulpoad problem

haris244808

By haris244808
in PHP Coding Help

 Share

Recommended Posts

haris244808 Member

haris244808

Posted
Posted

im trying to upload multiple images to a sppecified directory and the image  names in db.

I am not getting any error, but pictures doesnt move to the specified directory also the name of the picture in the db is not appearing..>

any help will be greatfull ..

THNX

 

 

Here is the function that im using for upload:

 


public function placeGallery_upload($placeGalleryPhoto){
		  
	foreach($placeGalleryPhoto['tmp_name'] as $key => $tmp_name){	  

		// Perform error checking on the form parameters
		if(!$tmp_name || empty($tmp_name) || !is_array($tmp_name)){
		  // error: nothing uploaded or wrong argument usage
		  $this->errors[] = "No file was uploaded.";
		  return false;
			}
		elseif($tmp_name['error'] != 0){
		  // error: placeGalleryPhoto what PHP says went wrong
		  $this->errors[] = $this->file_errors[$tmp_name['error']];
		  return false;
			}
		else{
		  // Set object attributes to the form parameters.
		  $this->placeGallery_temp_path  = $tmp_name['tmp_name'];
		  $this->extension  = strtolower(strrchr($tmp_name['name'], '.'));
		  $today = getdate();
		  $filename = $_SESSION['random']."-".$today;
		  $this->placeGallery_photo_name = $filename . $this->extension . "[".$key."]" ;
		  
		  // Can't save without filename and temp location
		  if(empty($this->placeGallery_photo_name) || empty($this->placeGallery_temp_path)){
		   $this->errors[] = "The file location was not available.";
		   return false;
		   }	
		   
		 // Check file extension
		 if(!in_array($extension, $this->valid_extensions)){
			$this->errors[] = "File format is invalid. Can only be png, gif, jpeg and jpg";
			return false;
			} 
		   
		 //target directory + picture name
		 $placeGallery_UploadDir = $this->placeGallery_Dir . $this->placeGallery_photo_name;		

		 //thumbs directory + picture name 
		 $placeGallery_UploadThumbDir= $this->placeGallery_thumbsDir . $this->placeGallery_photo_name;

		 // Make sure a file doesn't already exist in the target location
		 if(file_exists($placeGallery_UploadDir) || file_exists($placeGallery_UploadThumbDir)){
		   $this->errors[] = "The file: ".$this->placeGallery_photo_name." already exists.";
		   return false;
		   } 

			// Move file into the directory. Insert picture name and other values to the database 
			if(move_uploaded_file($this->placeGallery_temp_path, $placeGallery_UploadDir)){
				if(copy($placeGallery_UploadDir, $placeGallery_UploadThumbDir)){
					if($this->placeGallery_create()) {
						// We are done with pg_temp_path, the file isn't there anymore
						unset($this->pg_temp_path);
						return true;
					}
				else{
					$this->error[] = "Could not copy picture.";
					return false;
					}	
				}
			else{
				$this->error[] = "Could not upload picture.Check read/write permissions on directory";
				return false;
				}	
			}			  
		  return true;
		}
	}//end of foreach loop
}//end of placeGallery_upload function

 

And here is the code where im getting the values from:

if(isset($_POST['populatePlaceGallery'])){
//trim() removes whitespaces and other predefined characters from both sides of a string.
$placeGallery->p_id = trim($_POST['place']);
if($placeGallery->placeGallery_upload($_FILES['pg_photo_name'])){//success

	}
else{//failure
	//The join() function returns a string from the elements of an array.
	$message = join("<br />", $placeGallery->errors);
	}	
}

Link to comment
Share on other sites
haris244808 Member

haris244808

Posted
  • Author
Posted

copy from what i have read takes too long to execute. you are better off using move_uploaded_file but i hear the fastest way is by using CURL.

 

 

Using CURL to upload images

 

im not familiar with CURL() .

i saw it a little, it looked hard to me...

 

I need to modify this function (that i posted) to validate and upload multiple images only... I cannot figure it out...

if someone can help me pls do so...

 

btw: thnx  darkfreaks

Link to comment
Share on other sites
Christian F. Member

Christian F.

Posted
Posted

I wouldn't use that thread for anything but a loose reference, to be honest. It doesn't handle errors or any kind of security, and thus it's very brittle and open for attackers. Also, from what I could see of your code it should be working, bar from one issue:

if(!in_array($extension, $this->valid_extensions)){

 

That's the first occurrence of the $extension variable, something you'd been told if you had error reporting turned on.

 

PS: You really should reconsider your naming-convention for the variables and function, especially if your class is named "PlaceGallery". Having names such as PlaceGallery::placeGalleryUpload ()::placeGallery_Photo_Name is not only wasteful, but it also makes the code harder to read. It would be much better to just have PlaceGallery::Upload ()::Photo_Name.

After all, the less code/text you have, the less chances of there being something wrong. ;)

Link to comment
Share on other sites
haris244808 Member

haris244808

Posted
  • Author
Posted

I wouldn't use that thread for anything but a loose reference, to be honest. It doesn't handle errors or any kind of security, and thus it's very brittle and open for attackers. Also, from what I could see of your code it should be working, bar from one issue:

if(!in_array($extension, $this->valid_extensions)){

 

That's the first occurrence of the $extension variable, something you'd been told if you had error reporting turned on.

 

PS: You really should reconsider your naming-convention for the variables and function, especially if your class is named "PlaceGallery". Having names such as PlaceGallery::placeGalleryUpload ()::placeGallery_Photo_Name is not only wasteful, but it also makes the code harder to read. It would be much better to just have PlaceGallery::Upload ()::Photo_Name.

After all, the less code/text you have, the less chances of there being something wrong. ;)

 

 

thank u man for Naming Convention. It really helps>>

 

about the 

if(!in_array($extension, $this->valid_extensions))

 

i have an array $valid extensions which holds the extentions allowed for upload... I thought checking this way itll be good for security (as i see im wrong). So How can i manage this validation to prevent from any attack ??

Link to comment
Share on other sites
haris244808 Member

haris244808

Posted
  • Author
Posted

i changed also my code trying with for loop...

it uploads now only the last picture....

 

here is the code:

<?php

require_once('../includes/sql_connection.class.php');

require_once('includes/functions.php');

class PlaceGallery{
protected $db_table = "placegallery";
public $id;
public $photo_name; //place gallery picture name
public $place_id; //place_id of placedetails got from selectbox

public $max_photo_size = 1048576; // 1MB 
public $max_files = 5; //max files allowed to select at once
private $temp_path; //Server hold here the file before moving to its directory.
public $dir = "../images/places/";
public $thumbsDir = "../images/places/thumbs/";
public $extension;//extension of place_main_photo_name
public $valid_extensions = array('.png', '.gif', '.jpg', '.jpeg');
public $errors = array(); //all error messages are stored here for display

protected $file_errors = array(
  // http://www.php.net/manual/en/features.file-upload.errors.php
  UPLOAD_ERR_OK 		=> "No errors.",
  UPLOAD_ERR_INI_SIZE  	=> "Larger than upload_max_filesize.",
  UPLOAD_ERR_FORM_SIZE 	=> "Picture is too Large. (Max = 1MB)",
  UPLOAD_ERR_PARTIAL 	=> "Partial upload.",
  UPLOAD_ERR_NO_FILE 	=> "No File. Please insert a Picture",
  UPLOAD_ERR_NO_TMP_DIR => "No temporary directory.",
  UPLOAD_ERR_CANT_WRITE => "Can't write to disk.",
  UPLOAD_ERR_EXTENSION 	=> "File upload stopped by extension."
);


  	public function placeGallery_upload($placeGalleryPhoto){	  

	for ($i = 0; $i < count($placeGalleryPhoto['name']); $i++) {
		// Perform error checking on the form parameters
		if($placeGalleryPhoto['name'][$i] == ""){
		  // error: nothing uploaded or wrong argument usage
		  $this->errors[] = "No file was uploaded.";
		  return false;
			}
			elseif($placeGalleryPhoto['error'][$i] != 0){
			  // error: placeGalleryPhoto what PHP says went wrong
			  $this->errors[] = $this->file_errors[$placeGalleryPhoto['error'][$i]];
			  return false;
			}
		else{
		  // Set object attributes to the form parameters.
		  $this->temp_path  = $placeGalleryPhoto['tmp_name'][$i];
		  $this->photo_name = $placeGalleryPhoto['name'][$i];
		  
		  // Can't save without filename and temp location
		  if(empty($this->photo_name) || empty($this->temp_path)){
		   $this->errors[] = "The file location was not available.";
		   return false;
		   }	
		   
		   
		 //target directory + picture name
		 $uploadDir = $this->dir . $this->photo_name;		

		 //thumbs directory + picture name 
		 $uploadThumbDir = $this->thumbsDir .$this->photo_name;

		 // Make sure a file doesn't already exist in the target location
		 if(file_exists($uploadDir) || file_exists($uploadThumbDir)){
		   $this->errors[] = "The file: ".$this->photo_name." already exists.";
		   return false;
		   } 

			// Move file into the directory. Insert picture name and other values to the database 
			if(move_uploaded_file($this->temp_path, $uploadDir)){
				if(copy($uploadDir, $uploadThumbDir)){
					if($this->create()) {
						// We are done with temp_path, the file isn't there anymore
						unset($this->temp_path);
						return true;
					}
				else{
					$this->error[] = "Could not copy picture.";
					return false;
					}	
				}
			else{
				$this->error[] = "Could not upload picture.Check read/write permissions on directory";
				return false;
				}	
			}			  
		  return true;
		}
	}//end for loop
}//end of upload function

	public function create(){
		global $db;
		$sql = "INSERT INTO ".$this->db_table."(place_id, pg_photo_name, pg_date) 
				VALUES(
					 '".$db->escape_value($this->place_id)."',
					 '".$db->escape_value($this->photo_name)."',
					 now())";

				 if($db->query($sql)){
					$this->id = $db->insert_id(); //store also id to $admin_id object.
					header("Location: adminPanel.php?msg=pg_success");
					}//end of if query is successfull
				 else{
				  	 $this->error[] = "Error in inserting your informations to database";
					 return false;
					 } 	
		}//end of create function

	public function delete(){
	global $db;
	$uploadDir = $this->dir . $this->photo_name;		
	$uploadThumbDir = $this->thumbsDir . $this->photo_name;
	if(unlink($uploadDir)){
		if(unlink($uploadThumbDir)){
			$sql = $db->query("DELETE FROM ".$this->db_table." WHERE place_id=". $db->escape_value($this->place_id). " LIMIT 1");
	  		return ($db->affected_rows() == 1) ? true : false;
			}
		else{
			return false;
			}	
		}
	else{
		return false;
		}	
	 }//end of delete function

public function find_by_id($id=0){
	 global $db;
	 $sql = $db->query( "SELECT * FROM ".$this->db_table." WHERE place_id = ".$db->escape_value($id). " LIMIT 1 ");
	 $result = $db->fetch_assoc($sql);
	 $this->id = $id; 
	 $this->photo_name = $result[pg_photo_name];
	 return $result;
	 }	//end of find_by_id function


}//End of class PlaceGallery
$placeGallery = new PlaceGallery();		
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.