Jump to content

Using server behavior to upload


Recommended Posts

I have the following problem:

I have an insert server behavior (the one build in Dreamweaver 8) witch is inserting new record in the database

I want to upload an image and save its filename in the database. I used is_uploaded_file and move_uploaded_file to upload it. If i use them in a separate script file the upload works fine. But when i add them to the page where insert server behavior is it wont upload. Pls help me fix it. Thx in advance.

THIS IS THE CODE:

 

<?php require_once('../Connections/connection1.php'); ?>

<?php

if (!isset($_SESSION)) {

session_start();

}

$MM_authorizedUsers = "admin";

$MM_donotCheckaccess = "false";

 

// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {

// For security, start by assuming the visitor is NOT authorized.

$isValid = False;

 

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.

// Therefore, we know that a user is NOT logged in if that Session variable is blank.

if (!empty($UserName)) {

// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.

// Parse the strings into arrays.

$arrUsers = Explode(",", $strUsers);

$arrGroups = Explode(",", $strGroups);

if (in_array($UserName, $arrUsers)) {

$isValid = true;

}

// Or, you may restrict access to only certain users based on their username.

if (in_array($UserGroup, $arrGroups)) {

$isValid = true;

}

if (($strUsers == "") && false) {

$isValid = true;

}

}

return $isValid;

}

 

$MM_restrictGoTo = "login.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {

$MM_qsChar = "?";

$MM_referrer = $_SERVER['PHP_SELF'];

if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)

$MM_referrer .= "?" . $QUERY_STRING;

$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

header("Location: ". $MM_restrictGoTo);

exit;

 

}

?>

 

<?php

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")

{

$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

 

switch ($theType) {

case "text":

$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

break;

case "long":

case "int":

$theValue = ($theValue != "") ? intval($theValue) : "NULL";

break;

case "double":

$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";

break;

case "date":

$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

break;

case "defined":

$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

break;

}

return $theValue;

}

 

$editFormAction = $_SERVER['PHP_SELF'];

if (isset($_SERVER['QUERY_STRING'])) {

$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "Promo_new")) {

 

$uploaded = is_uploaded_file($_FILES['Image']['tmp_name']);

if($uploaded == true){

echo'File uploaded to tmp directory<br>';

}

else

{

echo'File not uploaded to tmp directory!';

exit();

}

$file = $_FILES['Image']['name'];

$uploaddir = '/www/ortis28.com/www/root/Images/';

$uploadfile = $uploaddir.basename($file);

 

$tmpfile = $_FILES['Image']['tmp_name'];

 

$move = move_uploaded_file($tmpfile, $uploadfile);

if($move){

echo 'File uploaded!';

}else{

echo 'Unable to move file from tmp directory! Please check that the folder has CHMOD value of 777!';

}

 

$insertSQL = sprintf("INSERT INTO promo (title, imgfile, text, price) VALUES (%s, %s, %s, %s)",

GetSQLValueString($_POST['TITLE'], "text"),

GetSQLValueString($_FILES['Image']['name'], "text"),

GetSQLValueString($_POST['TEXT'], "text"),

GetSQLValueString($_POST['PRICE'], "text"));

 

mysql_select_db($database_connection1, $connection1);

$Result1 = mysql_query($insertSQL, $connection1) or die(mysql_error());

 

$insertGoTo = "Promotions.php";

if (isset($_SERVER['QUERY_STRING'])) {

$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";

$insertGoTo .= $_SERVER['QUERY_STRING'];

}

header(sprintf("Location: %s", $insertGoTo));

}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Untitled Document</title>

</head>

 

<body>

<form id="Promo_new" name="Promo_new" method="POST" action="<?php echo $editFormAction; ?>">

<table width="150" cellspacing="5">

<tr>

<td><div align="center">Заглавие</div></td>

<td><input name="TITLE" type="text" id="TITLE" /> </td>

</tr>

<tr>

<td><div align="center">Текст</div></td>

<td><textarea name="TEXT" cols="40" rows="4" wrap="virtual" id="TEXT"></textarea></td>

</tr>

<tr>

<td><div align="center">Снимка</div></td>

<td><p>

<input name="Image" type="file" id="Image"/>

</p></td>

</tr>

<tr>

<td><div align="center">Цена</div></td>

<td><input name="PRICE" type="text" id="PRICE" /></td>

</tr>

<tr>

<td><div align="left">

<input type="submit" name="Submit" value="Въведи" />

</div></td>

<td><div align="right">

<input type="reset" name="Submit22" value="Изчисти" />

</div>

</td>

</tr>

</table>

<p><input type="hidden" name="MM_insert" value="Promo_new"></p>

</form>

</body>

</html>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.