Jump to content


Photo

Using server behavior to upload


  • Please log in to reply
2 replies to this topic

#1 nkkrustev

nkkrustev
  • Members
  • Pip
  • Newbie
  • 2 posts

Posted 05 December 2005 - 08:39 PM

I have the following problem:
I have an insert server behavior (the one build in Dreamweaver 8) witch is inserting new record in the database
I want to upload an image and save its filename in the database. I used is_uploaded_file and move_uploaded_file to upload it. If i use them in a separate script file the upload works fine. But when i add them to the page where insert server behavior is it wont upload. Pls help me fix it. Thx in advance.
THIS IS THE CODE:

<?php require_once('../Connections/connection1.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "admin";
$MM_donotCheckaccess = "false";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && false) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;

}
?>

<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "Promo_new")) {

$uploaded = is_uploaded_file($_FILES['Image']['tmp_name']);
if($uploaded == true){
echo'File uploaded to tmp directory<br>';
}
else
{
echo'File not uploaded to tmp directory!';
exit();
}
$file = $_FILES['Image']['name'];
$uploaddir = '/www/ortis28.com/www/root/Images/';
$uploadfile = $uploaddir.basename($file);

$tmpfile = $_FILES['Image']['tmp_name'];

$move = move_uploaded_file($tmpfile, $uploadfile);
if($move){
echo 'File uploaded!';
}else{
echo 'Unable to move file from tmp directory! Please check that the folder has CHMOD value of 777!';
}

$insertSQL = sprintf("INSERT INTO promo (title, imgfile, text, price) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['TITLE'], "text"),
GetSQLValueString($_FILES['Image']['name'], "text"),
GetSQLValueString($_POST['TEXT'], "text"),
GetSQLValueString($_POST['PRICE'], "text"));

mysql_select_db($database_connection1, $connection1);
$Result1 = mysql_query($insertSQL, $connection1) or die(mysql_error());

$insertGoTo = "Promotions.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR...nsitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<form id="Promo_new" name="Promo_new" method="POST" action="<?php echo $editFormAction; ?>">
<table width="150" cellspacing="5">
<tr>
<td><div align="center">Заглавие</div></td>
<td><input name="TITLE" type="text" id="TITLE" /> </td>
</tr>
<tr>
<td><div align="center">Текст</div></td>
<td><textarea name="TEXT" cols="40" rows="4" wrap="virtual" id="TEXT"></textarea></td>
</tr>
<tr>
<td><div align="center">Снимка</div></td>
<td><p>
<input name="Image" type="file" id="Image"/>
</p></td>
</tr>
<tr>
<td><div align="center">Цена</div></td>
<td><input name="PRICE" type="text" id="PRICE" /></td>
</tr>
<tr>
<td><div align="left">
<input type="submit" name="Submit" value="Въведи" />
</div></td>
<td><div align="right">
<input type="reset" name="Submit22" value="Изчисти" />
</div>
</td>
</tr>
</table>
<p><input type="hidden" name="MM_insert" value="Promo_new"></p>
</form>
</body>
</html>

#2 morpheus.100

morpheus.100
  • Members
  • PipPipPip
  • Advanced Member
  • 145 posts

Posted 07 December 2005 - 10:28 AM

Is the upload folder on the server writable?

#3 nkkrustev

nkkrustev
  • Members
  • Pip
  • Newbie
  • 2 posts

Posted 07 December 2005 - 02:42 PM

yes it is. If i use the same upload script separaetly it works like a blast.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users