[SOLVED] Upload Default Pic

[greenday]

Hi, I am using a form to upload 5 image names to a database, and store the file in a folder. However, if only 4 or less of the five fields are filled out, the databases default image 'no image to display' is overwritten by nothing.

 

Is there any way to write an if field is blank, use default.gif file, else use uploaded file? Here is the code:

 

mysql_query("UPDATE `listtable` SET

`mainpic` = '".$_FILES['pic']['name'][0]."',

`pic2` = '".$_FILES['pic']['name'][1]."',

`pic3` = '".$_FILES['pic']['name'][2]."',

`pic4` = '".$_FILES['pic']['name'][3]."',

`pic5` = '".$_FILES['pic']['name'][4]."',

`pic6` = '".$_FILES['pic']['name'][5]."'

WHERE `placeid` = '$plid'");

 

Thanks.

[stoker]

something like this perhaps - I only did it on pic 5 and 6 so you can see the diff..

 

$default = 'mypic.png';

mysql_query("UPDATE `listtable` SET
`mainpic` = '".$_FILES['pic']['name'][0]."',
`pic2` = '".$_FILES['pic']['name'][1]."',
`pic3` = '".$_FILES['pic']['name'][2]."',
`pic4` = '".$_FILES['pic']['name'][3]."',
`pic5` = '".( empty($_FILES['pic']['name'][4]) ? $default : $_FILES['pic']['name'][4] )."',
`pic6` = '".( empty($_FILES['pic']['name'][5]) ? $default : $_FILES['pic']['name'][5] )."'
WHERE `placeid` = '$plid'");

On another note, this is extremely insecure - crafted filenames could inject you sql - you really need to clean input and output!

 

[teng84]

pic1=(!empty($_FILES['pic']['name'][5])?$_FILES['pic']['name'][5]:'put the defulat';

 

insert to the db pic1

[greenday]

Thanks guys, great help, managed to get it working just as I wanted 

[greenday]

also

 

@stoker - thanks for pointing the security risk out to me. However, on this occasion its only for an admin area, so only staff could have access to it.