Jump to content

If Statement, I think my syntax is wrong


Accurax

Recommended Posts

I dont suppose someone could have a lok at this ... I have a feeling im making some sort of syntax error here.

This If statement is meant to check a certian field in my database and, IF that field has anything in it, it should clear the contents in the database, and delete the corresponding file in my directory structure.

Basically this is part of a picture upload system, whereby users can upload picrures and change them as they wish, all pictures are automatically renamed on upload as:

username(1 - 7).extension

So, i know what the files that relate to the database are called.

I am able to make it delete the file when the If conditional is not presant, but, this causes other issues. For example, when someone uploads a picture for the first time, there will be no file to delete so it throws an error at me.

So, im not sure if im doing this right at all....

Heres the specific If component;

[code]
  if ($exist != "")
{
      unlink("pictures/".$new_filename);
  mysql_query("DELETE picture FROM members WHERE user_name='$username'");
  or die ("could not delete old picture")
}[/code]

and heres the rest of the code in that file;

[code]
<?php
session_start();
include("Vars.inc");
if ( $_SESSION['login'] != "true" ){
  header("location: hacker.php");
}
else {
  if ($_FILES['filename']['type'] != "image/jpeg" && $_FILES['filename']['type'] != "image/pjpeg" && $_FILES['filename']['type'] != "image/gif"){
      echo "Sorry you must upload only files of the type .jpg .jpeg or .gif, Click <a href='picturemanager.php'>Here</a> to try again";
  }
  else{
    $connection=mysql_connect($host, $user, $passwd) or die ("Could not connect !");
      $db = mysql_select_db($database, $connection) or die ("Could not connect to Database");
  $query = "SELECT picture FROM members WHERE user_name='$username'";
      $exist = mysql_query($query) or die ("could not Select Picture.");
 
      preg_match('/\.\w{3,4}$/', $_FILES['filename']['name'], $matches);
      $new_filename = $_SESSION['username']."1".$matches[0];
 

  if ($exist != "")
{
      unlink("pictures/".$new_filename);
  mysql_query("DELETE picture FROM members WHERE user_name='$username'");
  or die ("could not delete old picture")
}
 

      $filepath = "pictures/".$new_filename;
      echo "<h1 align = 'center'>Your File has been uploaded. Click <a href='picturemanager.php'>Here</a>to Return</h1>";

      $source = "pictures";
      move_uploaded_file($_FILES['filename']['tmp_name'],
        "../xxx/xxx/$source/".$new_filename); // this line is for local host
        /*"../xxx/xxx/".$_FILES['filename']['name']);*/ //this line is for remote server


      $query = "UPDATE members SET picture = '$filepath' WHERE user_name='{$_SESSION['username']}'";
      $result = mysql_query($query) or die ("could not add picture.");
  }
}
?>[/code]
Link to comment
https://forums.phpfreaks.com/topic/30738-if-statement-i-think-my-syntax-is-wrong/
Share on other sites

You haven't closed the sql statement properly with a bracket before proceeding to your die

[code=php:0]
      if ($exist != "") {
          unlink("pictures/".$new_filename);
          mysql_query("DELETE picture FROM members WHERE user_name='$username'") or die ("could not delete old picture");
      }
[/code]
Also here is a neater version of your code but I was wondering about your first line for the session login, if this is just a true false value you don't need to quote it unless of course it is a string your using.

[code=php:0]
<?php
session_start();
include("Vars.inc");

if ($_SESSION['login']!="true")    {
  header("location: hacker.php");
} else {
 
  if (($_FILES['filename']['type']!="image/jpeg") && ($_FILES['filename']['type']!="image/pjpeg") && ($_FILES['filename']['type']!="image/gif")) {
     
      echo "Sorry you must upload only files of the type .jpg .jpeg or .gif, Click <a href='picturemanager.php'>Here</a> to try again";
 
  } else {

      $connection = mysql_connect($host, $user, $passwd) or die ("Could not connect !");
      $db = mysql_select_db($database, $connection) or die ("Could not connect to Database");
      $query = "SELECT picture FROM members WHERE user_name='$username'";
      $exist = mysql_query($query) or die ("could not Select Picture.");

      preg_match('/\.\w{3,4}$/', $_FILES['filename']['name'], $matches);
      $new_filename = $_SESSION['username']."1".$matches[0];

      if ($exist != "") {
          unlink("pictures/".$new_filename);
          mysql_query("DELETE picture FROM members WHERE user_name='$username'") or die ("could not delete old picture");
      }

      $filepath = "pictures/".$new_filename;
      echo "<h1 align = 'center'>Your File has been uploaded. Click <a href='picturemanager.php'>Here</a>to Return</h1>";

      $source = "pictures";
      move_uploaded_file($_FILES['filename']['tmp_name'], "../xxx/xxx/$source/".$new_filename); // this line is for local host
        /*"../xxx/xxx/".$_FILES['filename']['name']);*/ //this line is for remote server


      $query = "UPDATE members SET picture = '$filepath' WHERE user_name='{$_SESSION['username']}'";
      $result = mysql_query($query) or die ("could not add picture.");
  }
}
?>
[/code]
I would echo username in your die statement it helps when your trying to debug,

[code=php:0]

      if ($exist != "") {
          unlink("pictures/".$new_filename);
          mysql_query("DELETE picture FROM members WHERE user_name='$username'") or die ("could not delete old picture for username: {$username}");
      }
[/code]

If no username is present in that die statement then you know what the problem is.
The problem is with the actual IF condition ..... i tried echoing out $exist and even through the actual field in the database is empty it sytill echos out:  "Resource id #4" ... as the value for $exist.

Therefore the If statement is allways satidsfied ....... is there another way of checking for this?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.