Jump to content

Strange bahavior with file upload system...

yathrakaaran

By yathrakaaran
in PHP Coding Help

 Share
Go to solution Solved by kicken,

Recommended Posts

yathrakaaran Newbie

yathrakaaran

Posted
Posted

Hi Everyone, this is a very old code. I know I have to change the 'addslashes' method in this code. I also just changed the code using 'mysqli'. There are two files to upload the images to a gallery, preexport.php and export.php. The upload works up to five images. if I choose 6 or more and press add images, the browser refreshes itself and the upload won't happen. All the fields on the form clears itself and no errors shows up...can you please take a look and help me correct this problem? Here are the two files...

 

export.php

<?php
include("config.inc.php");

if ($_SERVER['REQUEST_METHOD'] == "POST") 
{

 include("config.inc.php");
    if(!$_POST) {
    header("Location: preexport.php");
    exit();
} 

 
    // initialization
    $result_final = "";
    $counter = 0;

// List of our known photo types
    $known_photo_types = array(
                        'image/pjpeg' => 'jpg',
                        'image/jpeg' => 'jpg',
                        'image/gif' => 'gif',
                        'image/bmp' => 'bmp',
                        'image/x-png' => 'png'
                    );
   
// GD Function List
    $gd_function_suffix = array(
                        'image/pjpeg' => 'JPEG',
                        'image/jpeg' => 'JPEG',
                        'image/gif' => 'GIF',
                        'image/bmp' => 'WBMP',
                        'image/x-png' => 'PNG'
                    );
 
// Fetch the photo array sent by preexport.php
    $photos_uploaded = $_FILES['photo_filename'];
    $filename[]= $photos_uploaded['name'][$counter];
	//print_r($photos_uploaded);
  $photo_caption = $_POST['photo_caption'];

// Fetch the photo caption array
    $photo_description = $_POST['photo_description'];

// Fetch the photo caption array
    $photo_keyword = $_POST['photo_keyword'];
     
    while( $counter <count($_FILES['photo_filename']['tmp_name']) ) 
{
        if($photos_uploaded['size'][$counter] > 0)
        {
            if(!array_key_exists($photos_uploaded['type'][$counter], $known_photo_types))
            {
                $result_final .= "File ".($counter+1)." is not a photo<br />";
            }
            else
            {
			
			/*print "HHHHHH\n";
			print "Counter is $counter : ";
			print $photos_uploaded['name'][0];
			print $photos_uploaded['name'][1];
			print "Photo caption is $photo_caption[$counter]"; */
                mysqli_query(
                    $mysqli,"INSERT INTO
                        gallery_photos (
                    `photo_filename`,
		    `photo_caption`,
                    `photo_description`,
		    `photo_keywords`,
                    `category_name`
                    ) VALUES(
		        '".addslashes($photos_uploaded['name'][$counter])."',
                        '".addslashes($photo_caption[$counter])."',
                        '".addslashes($photo_description[$counter])."',
                        '".addslashes($photo_keyword[$counter])."',
                        '".addslashes($_POST['category'])."')"
                    ) or die(mysqli_error() . 'Photo not uploaded');
                   
               // $new_id = mysqli_insert_id();
                $filetype = $photos_uploaded['type'][$counter];
				
                $extention = $known_photo_types[$filetype];
                //$filename = $photo_filename[$counter].".".$extention;
		//$filename = $new_id.".".$extention;
 
              //  mysqli_query( "UPDATE gallery_photos SET photo_filename='".addslashes($filename)."' WHERE photo_id='".addslashes($new_id)."'" );
 
                // Store the orignal file
				
                copy($photos_uploaded['tmp_name'][$counter], $images_dir."/".$photos_uploaded['name'][$counter]);
 
                // Let's get the Thumbnail size
                $size = GetImageSize( $images_dir."/".$photos_uploaded['name'][$counter] );
                if($size[0] > $size[1])
                {
                    $thumbnail_width = 200;
                    $thumbnail_height = (int)(200 * $size[1] / $size[0]);
                }
                else
                {
                    $thumbnail_width = (int)(200 * $size[0] / $size[1]);
                    $thumbnail_height = 200;
                }
           
                // Build Thumbnail with GD 1.x.x, you can use the other described methods too
                $function_suffix = $gd_function_suffix[$filetype];
                $function_to_read = "ImageCreateFrom".$function_suffix;
                $function_to_write = "Image".$function_suffix;
 
                // Read the source file
                $source_handle = $function_to_read ( $images_dir."/".$photos_uploaded['name'][$counter] );
				
				$sharpenMatrix = array
                (
                    array(-1.2, -1, -1.2),
                    array(-1, 8, -1),
                    array(-1.2, -1, -1.2)
                );
 
                // calculate the sharpen divisor
                $divisor = array_sum(array_map('array_sum', $sharpenMatrix));          
 
                $offset = 0;
               
                if($source_handle)
                {
                    // Let's create an blank image for the thumbnail
                        $destination_handle = ImageCreateTrueColor ( $thumbnail_width, $thumbnail_height );
               
                    // Now we resize it
                    ImageCopyResized( $destination_handle, $source_handle, 0, 0, 0, 0, $thumbnail_width, $thumbnail_height, $size[0], $size[1] );
                }
 
                // Let's save the thumbnail
                $function_to_write( $destination_handle, $images_dir."/tb_".$photos_uploaded['name'][$counter], 100 );
                ImageDestroy($destination_handle );
                //

           
               
 
                $result_final .= "<img src='".$images_dir. "/tb_".$photos_uploaded['name'][$counter]."' /> File ".($counter+1)." Added<br />";
            }
        }
    $counter++;
    }
 
    // Print Result
echo <<<__HTML_END
 
<html>
<head>
    <title>Photos uploaded</title>
</head>
<body>
    $result_final
</body>
</html>
 
__HTML_END;

}
?>

preexport.php

<?php
 include 'config.inc.php';
 
  $photo_category_list = '';
 $photo_upload_fields = '';
 $counter = 1;
 
 // If we want more fields, then use, preexport.php?number_of_fields=9
 $number_of_fields = (isset($_GET['number_of_fields'])) ?
   (int)($_GET['number_of_fields']) : 9;
 
 // Firstly Lets build the Category List
 $result = mysqli_query($mysqli,'SELECT category_name FROM gallery_category');
 /*if($result === FALSE) {
    die(mysqli_error()); // TODO: better error handling
}*/
 while($row = mysqli_fetch_array($result)) {
   $photo_category_list .= <<<__HTML_END
<option value="$row[0]">$row[0]</option>\n
__HTML_END;
 }
 mysqli_free_result( $result ); 
 
 // Lets build the Image Uploading fields
 while($counter <= $number_of_fields) {
   $photo_upload_fields .= <<<__HTML_END
<tr><td>
 Photo {$counter}:
 <input name="photo_filename[]"
type="file" />
</td></tr>
<tr><td>
 Caption:
 <textarea name="photo_caption[]" cols="50"
   rows="1"></textarea>
</td></tr>
<tr><td>
 Description:
 <textarea name="photo_description[]" cols="50"
   rows="4"></textarea>
</td></tr>
<tr><td>
 Keyword:
 <textarea name="photo_keyword[]" cols="50"
   rows="4"></textarea>
</td></tr>
__HTML_END;
   $counter++;
 }
 
 // Final Output
 echo <<<__HTML_END
<html>
<head>
<title> Rajeev lets upload photos!! </title>
</head>
<body>
<form enctype="multipart/form-data"
 action="export.php" method="post"
 name="export_form">
 <table width="90%" border="0"
   align="center" style="width: 90%;">
   <tr><td>
     Select Category
     <select name="category">
     $photo_category_list
     </select>
   </td></tr>
   <!—Insert the image fields here -->
   $photo_upload_fields
   <tr><td>
     <input type="submit" name="submit"
       value="Add Photos" />
   </td></tr>
 </table>
</form>
</body>
</html>
__HTML_END;
?>
Link to comment
Share on other sites
yathrakaaran Newbie

yathrakaaran

Posted
  • Author
Posted

kicken, your answer led me to php.ini but the value was set high there. Though I changed it to a higher value it didn't work. But what worked for me was setting these values in .htaccess. Thank you for helping me.

php_value upload_max_filesize 10M
php_value post_max_size 10M
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

no matter how high you set the values, someone can and will come along and try to upload larger files than the settings allow. your code should test for upload errors and report back to the visitor when individual files (determined by the upload_max_filesize setting) and when all the form data (determined by the post_max_size setting) has been exceeded.

Link to comment
Share on other sites
rajeevthomas Member

rajeevthomas

Posted
Posted

no matter how high you set the values, someone can and will come along and try to upload larger files than the settings allow. your code should test for upload errors and report back to the visitor when individual files (determined by the upload_max_filesize setting) and when all the form data (determined by the post_max_size setting) has been exceeded.

 Thank you Mac_gyver,

 

I will be the only one uploading. But I will learn how to report back the errors... thanks again...

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.