dark22horse Posted May 18, 2007 Author Share Posted May 18, 2007 K, what i have done now is, put it like this $price = $_POST['price'] and then put the variable in. But still no luck Quote Link to comment Share on other sites More sharing options...
suttercain Posted May 18, 2007 Share Posted May 18, 2007 can you please post the CURRENT code? Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 18, 2007 Author Share Posted May 18, 2007 Here you go mate. Still quoting the error at the bottom of the page <? require_once("mysql_config.php"); $target_path = $target_path . basename( $_FILES['photo']['name']); $_FILES['photo']['tmp_name']; $target_path = "uploads/"; $target_path = $target_path . basename( $_FILES['photo']['name']); if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) { $id=$_GET['id']; $price = $_POST['price']; $description = $_POST['description']; $photo = $_FILES['photo']['name']; $photo1 = $_FILES['photo1']['name']; $photo2 = $_FILES['photo2']['name']; $photo3 = $_FILES['photo3']['name']; $car_of_the_week = $_POST['car_of_the_week']; $status1 = $_POST['status1']; echo "The file ". basename( $_FILES['photo']['name']). " has been uploaded"; $sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 =$'status1'"."WHERE id='$id'"; echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string; echo "db connection: ".$dbconn; echo "table connection: ".$table; $ok = mysql_query($sql_string); echo "OK: ".$ok; if($ok){ echo "<h2>all is good, upload another</h2>"; } else { echo "<h2>check the string".$sql_string."</h2>"; } } else{ echo "There was an error uploading the file, please try again!"; } ?> Quote Link to comment Share on other sites More sharing options...
suttercain Posted May 19, 2007 Share Posted May 19, 2007 Okay replace: $sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 =$'status1'"."WHERE id='$id'"; You have $'status1' instead of '$status1' and also no MySQL Query! With: $sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1'"."WHERE id='$id'"; mysql_query($sql_string) OR die(mysql_error());//This will report any errors! I also highly suggest using the mysql_real_escape_string() function BEFORE entering the information into you database to prevent MySQL hacks. This is how you would use is: $price = mysql_real_escape_string($price); Do that for EVERY variable you are entering into your database. $photo, $car_of_the_week, etc. Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 I have it working sort of now. I have it saying that it has uploaded, but it doesnt appear in the database. Ive got a feeling it because of the Where bit in the sql. As it prints out what it is going to put into the database, but nothing appears on that field. Also with your $price = mysql_real_escape_string($price); is that meant to be put in the string, or when im saying what the variable is. I know that the $_Post['id'] is bring back the result, as I have the print_r($_POST); and that is showing that it is posting the number i select. <? require_once("mysql_config.php"); echo "<pre>"; echo "THIS IS THE POST ARRAY"; print_r($_POST); $target_path = $target_path . basename( $_FILES['photo']['name']); $_FILES['photo']['tmp_name']; $target_path = "uploads/"; $target_path = $target_path . basename( $_FILES['photo']['name']); if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) { $id=$_Post['id']; $price = $_POST['price']; $description = $_POST['description']; $photo = $_FILES['photo']['name']; $photo1 = $_FILES['photo1']['name']; $photo2 = $_FILES['photo2']['name']; $photo3 = $_FILES['photo3']['name']; $car_of_the_week = $_POST['car_of_the_week']; $status1 = $_POST['status1']; echo "$id"; $sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1'"."WHERE id='$id'"; mysql_query($sql_string) OR die(mysql_error()); echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string; echo "db connection: ".$dbconn; echo "table connection: ".$table; $ok = mysql_query($sql_string); echo "OK: ".$ok; if($ok){ echo "<h2>all is good, upload another</h2>"; } else { echo "<h2>check the string".$sql_string."</h2>"; } } else{ echo "There was an error uploading the file, please try again!"; } ?> I think im slowly getting this php stuff now. Your help is greatly appreciated. Quote Link to comment Share on other sites More sharing options...
suttercain Posted May 19, 2007 Share Posted May 19, 2007 Hi Darkhorse, Sorry for the slow replies but I have a lot of stuff going on, but I'll keep checking this post till we get you there. For some reason you had a . right before your where statement which messed up the syntax... I have corrected in. Please don't change it again, the syntax I am using is correct. Okay with your WHERE statement. I have two questions: 1. When you echo "$id"; does it output the id number in your browser? 2. If the above answer is yes, and let's say for example it echos 16, do you have that same id already in the id column of your MySQL table? The reason I ask is if you do this: WHERE id='16'; and 16 is not in your database, it has no row to update and WILL NOT WORK. As far as the mysql_real_escape_string(), this prepends certain characters that users may try and place into the database that can cause it to delete or hack records. This is how I suggest running it, but there may be better ways so look around for other suggestions too: <?php require_once("mysql_config.php"); echo "<pre>"; echo "THIS IS THE POST ARRAY"; print_r($_POST); $target_path = $target_path . basename( $_FILES['photo']['name']); $_FILES['photo']['tmp_name']; $target_path = "uploads/"; $target_path = $target_path . basename( $_FILES['photo']['name']); if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) { $id=$_POST['id']; $price = $_POST['price']; $description = $_POST['description']; $photo = $_FILES['photo']['name']; $photo1 = $_FILES['photo1']['name']; $photo2 = $_FILES['photo2']['name']; $photo3 = $_FILES['photo3']['name']; $car_of_the_week = $_POST['car_of_the_week']; $status1 = $_POST['status1']; //ESCAPE THE STRINGS BEFORE PLACING INTO DATABASE $id = mysql_real_escape_string($id); $price = mysql_real_escape_string($price); $description = mysql_real_escape_string($description); $status1 = mysql_real_escape_string($status1); echo "$id"; $sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1' WHERE id='$id'"; mysql_query($sql_string) OR die(mysql_error()); echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string; echo "db connection: ".$dbconn; echo "table connection: ".$table; $ok = mysql_query($sql_string); echo "OK: ".$ok; if($ok){ echo "<h2>all is good, upload another</h2>"; } else { echo "<h2>check the string".$sql_string."</h2>"; } } else{ echo "There was an error uploading the file, please try again!"; } ?> Let me know... Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 thats great mate got it working! This has taken a while and am I very grateful. I just have to add the thing to protect the database! Dont worry bout the late reply, I was asleep ne way Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 Sorry mate, one more question. On the form, <? print_r($_GET); $id=$_GET['id']; //connect to mysql //change user and password to your mySQL name and password mysql_connect("localhost","root",""); //select which database you want to edit mysql_select_db("car"); $query = "select * from car WHERE id = '$id' "; $result = mysql_query($query); $num = mysql_num_rows($result); $i = 0; while ($i<$num) { $price = mysql_result($result, $i, 'price'); //do this for each variable $description= mysql_result($result, $i, 'Description'); $photo= mysql_result($result, $i, 'photo'); $photo1= mysql_result($result, $i, 'photo1'); $photo2= mysql_result($result, $i, 'photo2'); $photo3= mysql_result($result, $i, 'photo3'); $car_of_the_week= mysql_result($result, $i, 'car_of_the_week'); $status1= mysql_result($result, $i, 'status1'); $id=$_GET['id']; ?> <html> <body> <form enctype="multipart/form-data" action="uploader2.php" method="POST"> <table width='100%' border='1'> <tr> <input type="hidden" name="MAX_FILE_SIZE" value="100000" /> <td>ID</td> <td><input type='text' name='id' value='<?php print "$id";?>'> </td> <td>Price</td> <td><input type='text' name='price' value='<?php print "$price";?>'> </td> <td>Description</td> <td><input type='text' name='description' value='<?php print "$description";?>'> </td> <td>Photo</td> <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td> <td>Photo1</td> <td><input name="photo1" type="file" /></td> <td>Photo2</td> <td><input name="photo2" type="file" /></td> <td><input name="photo3" type="file" /></td> <td>Car of the Week</td> <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td> <td>Status</td> <td><input type="text" name="status1" length="20" value = "jjjj"/></td> <td><input type="submit" value="Upload Files" /></td> </tr> </table> </form> <? ++$i; } ?> </BODY> </html> I am trying to display the photo name in the form, however it isnt working. Can you actually put the name of it in the value. if so, how Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 try <?php print_r($_GET); $id=$_GET['id']; //connect to mysql //change user and password to your mySQL name and password mysql_connect("localhost","root",""); //select which database you want to edit mysql_select_db("car"); $query = "select * from car WHERE id = '$id' "; $result = mysql_query($query); $num = mysql_num_rows($result); $i = 0; while ($i<$num) { $row = fetch_array($result); $price = $row['price'] $description= $row['Description']; $photo= $row['Description']; $photo1= $row['photo1']; $photo2= $row['photo2']; $photo3= $row['photo3']; $car_of_the_week= $row['car_of_the_week']; $status1= $row['status1']; $id=$_GET['id']; ?> <html> <body> <form enctype="multipart/form-data" action="uploader2.php" method="POST"> <table width='100%' border='1'> <tr> <input type="hidden" name="MAX_FILE_SIZE" value="100000" /> <td>ID</td> <td><input type='text' name='id' value='<?php print "$id";?>'> </td> <td>Price</td> <td><input type='text' name='price' value='<?php print "$price";?>'> </td> <td>Description</td> <td><input type='text' name='description' value='<?php print "$description";?>'> </td> <td>Photo</td> <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td> <td>Photo1</td> <td><input name="photo1" type="file" /></td> <td>Photo2</td> <td><input name="photo2" type="file" /></td> <td><input name="photo3" type="file" /></td> <td>Car of the Week</td> <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td> <td>Status</td> <td><input type="text" name="status1" length="20" value = "jjjj"/></td> <td><input type="submit" value="Upload Files" /></td> </tr> </table> </form> <? ++$i; } ?> </BODY> </html> Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 I have done that, but the fetcharray has a problem Fatal error: Call to undefined function fetch_array() in C:\Program Files\xampp\htdocs\site\Update_car2.php on line 19 <? print_r($_GET); $id=$_GET['id']; //connect to mysql //change user and password to your mySQL name and password mysql_connect("localhost","root",""); //select which database you want to edit mysql_select_db("car"); $query = "select * from car WHERE id = '$id' "; $result = mysql_query($query); $num = mysql_num_rows($result); $i = 0; while ($i<$num) { $row = fetch_array($result); $price= $row['price']; $description= $row['Description']; $photo= $row['photo']; $photo1= $row['photo1']; $photo2= $row['photo2']; $photo3= $row['photo3']; $car_of_the_week= $row['car_of_the_week']; $status1= $row['status1']; $id=$_GET['id']; ?> <html> <body> <form enctype="multipart/form-data" action="uploader2.php" method="POST"> <table width='100%' border='1'> <tr> <input type="hidden" name="MAX_FILE_SIZE" value="100000" /> <td>ID</td> <td><input type='text' name='id' value='<?php print "$id";?>'> </td> <td>Price</td> <td><input type='text' name='price' value='<?php print "$price";?>'> </td> <td>Description</td> <td><input type='text' name='description' value='<?php print "$description";?>'> </td> <td>Photo</td> <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td> <td>Photo1</td> <td><input name="photo1" type="file" /></td> <td>Photo2</td> <td><input name="photo2" type="file" /></td> <td><input name="photo3" type="file" /></td> <td>Car of the Week</td> <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td> <td>Status</td> <td><input type="text" name="status1" length="20" value = "jjjj"/></td> <td><input type="submit" value="Upload Files" /></td> </tr> </table> </form> <? ++$i; } ?> </BODY> </html> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 opps should be mysql_fetch_array($result, MYSQL_NUM) Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 Nothing is being displayed now. in the form! Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 Oh Gezzz if this fails shoot me mysql_fetch_array($result, MYSQL_ASSOC) Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 K, that worked in a way! but still the photo one's are not working. do I need to put 'photo' 'name' or something like that. Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 For some reason i couldnt edit my last one. I have echoed the variable out and it works, however do you know if you can echo out a variable in a file form, rather than a text form. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 what ? Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 This is my form. input type="file" Can you print (echo) the file location into this one as that is my problem. I have echoed the $photo in my php script above and it says the location, however when I try to print (echo) into the input type file box, it doesnt appear. Hopefully that explains it a bit better <form enctype="multipart/form-data" action="uploader2.php" method="POST"> <table width='100%' border='1'> <tr> <input type="hidden" name="MAX_FILE_SIZE" value="100000" /> <td>ID</td> <td><input type='text' name='id' value='<?php print "$id";?>'> </td> <td>Price</td> <td><input type='text' name='price' value='<?php print "$price";?>'> </td> <td>Description</td> <td><input type='text' name='description' value='<?php echo "$description";?>'> </td> <td>Photo</td> <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td> <td>Photo1</td> <td><input name="photo1" type="file" /></td> <td>Photo2</td> <td><input name="photo2" type="file" /></td> <td><input name="photo3" type="file" /></td> <td>Car of the Week</td> <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td> <td>Status</td> <td><input type="text" name="status1" length="20" value = "jjjj"/></td> <td><input type="submit" value="Upload Files" /></td> </tr> </table> </form> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 echo what ever field you have in the database! Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 What I am asking is whether you can put a text field into <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td> <td>Photo1</td> as this seems to be the problem! I have just changed that type to text and it works. However they can not select another file if i change it, so I need it file type Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 IF your storing the file (contents ) in the database your need a field for that and one for the name.! Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 I am storing the file name in the database. What I am trying to do is, show all the information in a form, so that the user can update it. So I have the ID, which I hide from them, the price, descripition, photo, photo1, photo2, status1. The form I am displaying them in shows the price and description. My question is that can I display the photo information in a form box with the type set to file. If not, how can I display the photo information so that it can be updated? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 your need another script to rebuild the image if its stored in the database.. Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 So is it because it is not a file, it is a text field. Any chance of a link to an explation, would it be something like $target_path = "uploads/"; $target_path = $target_path . basename( $_FILES['photo']['name']); Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 19, 2007 Share Posted May 19, 2007 looks ok.. Quote Link to comment Share on other sites More sharing options...
dark22horse Posted May 19, 2007 Author Share Posted May 19, 2007 It didnt work, this is my code. I am trying to change the $photo in a file. (i think that what i need to do) <? print_r($_GET); $id=$_GET['id']; //connect to mysql //change user and password to your mySQL name and password mysql_connect("localhost","root",""); //select which database you want to edit mysql_select_db("car"); $query = "select * from car WHERE id = '$id' "; $result = mysql_query($query); $num = mysql_num_rows($result); $i = 0; while ($i<$num) { $row= mysql_fetch_array($result, MYSQL_ASSOC); $price= $row['price']; $description= $row['description']; $photo= $row['photo']; $photo1= $row['photo1']; $photo2= $row['photo2']; $photo3= $row['photo3']; $car_of_the_week= $row['car_of_the_week']; $status1= $row['status1']; $id=$_GET['id']; echo "$photo"; $target_path = "uploads/"; $photo = $target_path . basename( $_FILES['photo']['name']); ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.