karltanav Posted March 12, 2008 Share Posted March 12, 2008 Hey Im trying to send some files through a form, i was working right in firefox, then tried to check it in explorer and everything was messed up, perhaps there is an error with the code or i dont know, can any one take a look? <? session_start(); include("config.php"); if(isset($_GET['action'])) { $action=addslashes($_GET['action']); } if ( $action == "add_pet" ) { $petname=mysql_real_escape_string($_POST['petname']); $pettype=mysql_real_escape_string($_POST['pettype']); $petage=mysql_real_escape_string($_POST['age']); $petdesc=mysql_real_escape_string($_POST['pet_desc']); $petpic=mysql_real_escape_string($_POST['picture']); echo "<h3>Add a Pet!</h3> <center><img src=\"images/lineo.jpg\" width=\"560\" height=\"9\"></center><br> <center> <table border=\"0\" width=\"590\" cellspacing=\"0\" cellpadding=\"0\"> <tr> <td width=\"10\"> </td> <td width=\"570\">"; if (!$_SESSION["valid_user"]) { echo "<h3>Sorry, this section is restricted only to registered members</h3><Br> <center><b><a href=\"index.php?action=register\"><font color=\"#000000\">Click here to register and get complete access to this site!</font></a></b></center>"; } else { echo " <form action=\"?action=doAdd\" method=\"POST\" enctype=\"multipart/form-data\"> <table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"570\"> <tr> <td width=\"120\">Name:</td> <td width=\"*\"><input type=\"text\" name=\"petname\" value=\"$petname\" class=\"itxt\"></td> </tr> <tr> <td colspan=\"2\" height=\"4\"> </td> </tr> <tr> <td width=\"120\">Type:</td> <td width=\"*\"> <select name=\"pettype\"> <option selected> </option>"; $query = " SELECT * FROM categories ORDER BY cat_id ASC"; $result = mysql_query($query) or die('Error, query failed'); while ($getcat= mysql_fetch_array($result)) { echo "<option value=\"$getcat[cat_name]\">$getcat[cat_name]</option>"; } echo " </select> </td> </tr> <tr> <td colspan=\"2\" height=\"4\"> </td> </tr> <tr> <td width=\"120\">Age:</td> <td width=\"*\"><input type=\"text\" name=\"age\" value=\"$petage\" class=\"itxt\"></td> </tr> <tr> <td colspan=\"2\" height=\"4\"> </td> </tr> <tr> <td width=\"120\">Description:</td> <td width=\"*\"><textarea name=\"pet_desc\" rows=\"3\" cols=\"28\" class=\"tarea\">$petdesc</textarea></td> </tr> <tr> <td colspan=\"2\" height=\"4\"> </td> </tr> <tr> <td width=\"120\">Picture:</td> <td width=\"*\"><input type=\"file\" size=\"15\" name=\"uploadfile\"></td> </tr> <tr> <td colspan=\"2\" height=\"8\"> </td> </tr> <tr> <td colspan=\"2\" height=\"4\"> <input type=\"Submit\" value=\"Submit\" class=\"regb\"> </td> </tr> </table><br> <img src=\"images/lineo.jpg\" width=\"560\" height=\"9\"></center><br> </form>"; } echo " </td> <td width=\"10\"> </td> </tr> </table>"; } if ( $action == "doAdd" ) { $upload=$HTTP_POST_FILES['uploadfile']; $petname=mysql_real_escape_string($_POST['petname']); $pettype=mysql_real_escape_string($_POST['pettype']); $petage=mysql_real_escape_string($_POST['age']); $petdesc=mysql_real_escape_string($_POST['pet_desc']); $petpic=mysql_real_escape_string($_POST['picture']); if ( $_POST['petname']=="" || strlen($_POST['petname'])<1 ) { $errors[] = 'You have to enter your pet name'; } if ( $_POST['pettype']=="" || strlen($_POST['pettype'])<1 ) { $errors[] = 'You have to select your pet type'; } if ( $_POST['age']=="" || strlen($_POST['age'])<1 ) { $errors[] = 'You have to enter your pet age'; } if ( $_POST['pet_desc']=="" || strlen($_POST['pet_desc'])<1 ) { $errors[] = 'You have to enter your pet description'; } echo "<h3>Adding a Pet</h3> <center><img src=\"images/lineo.jpg\" width=\"560\" height=\"9\"></center><br> <center> <table border=\"0\" width=\"590\" cellspacing=\"0\" cellpadding=\"0\"> <tr> <td width=\"10\"> </td> <td width=\"570\">"; if (!$_SESSION["valid_user"]) { echo "<h3>Sorry, this section is restricted only to registered members</h3><Br> <center><b><a href=\"index.php?action=register\"><font color=\"#000000\">Click here to register and get complete access to this site!</font></a></b></center>"; } else { if( is_array($errors) ) { echo "Sorry, but the request couldn't be completed.<br><br>The following errors were found:<ul>"; while (list($key,$value) = each($errors)) { echo "<li type=\"square\">$value</li>"; } echo "</ul><center><form action=\"?action=add_pet\" method=\"POST\"> <input type=\"hidden\" name=\"petname\" value=\"$petname\"> <input type=\"hidden\" name=\"pettype\" value=\"$pettype\"> <input type=\"hidden\" name=\"age\" value=\"$petage\"> <input type=\"hidden\" name=\"petdesc\" value=\"$petdesc\"> <input type=\"Submit\" value=\"Try Again\" class=\"trag\"></center>"; } else { if ( $uploadfile == "" ) { echo " "; } if ( $HTTP_POST_FILES['uploadfile']['type'] == "image/bmp" ) { echo "<h3>ERROR<br>The files extensions for pictures accepted are only JPG, GIF and PNG, please try again</h3> </td> <td width=\"10\"> </td> </tr> </table> </td> <td width=\"10\"> </td> </tr> </td> </tr> <tr> <td colspan=\"3\"> </td> <td width=\"590\" height=\"400\" valign=\"top\" class=\"maintb_endborders\"> <td width=\"10\"> </td> </tr> </table><br> </td> </tr> </table> </tr> </td> </table> <table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"792\" height=\"20\"> <tr> <td bgcolor=\"#000000\"> <div align=\"right\"><font class=\"wh\">Copyright © 2008 - Pet Show Off</font> </div> </td> </tr> </table>"; exit; } else { $getnfiletype = $HTTP_POST_FILES['uploadfile']['type']; $ncuttype=substr($getnfiletype,6,12); if ( $ncuttype == "jpeg" ) { $ncreate = "imagecreatefromjpeg"; $nformat = "jpg"; } if ( $ncuttype == "gif" ) { $ncreate = "imagecreatefromgif"; $nformat = "gif"; } if ( $ncuttype == "png" ) { $ncreate = "imagegreatefrompng"; $nformat = "png"; } $nuploadedfile = $HTTP_POST_FILES['uploadfile']['tmp_name']; $src = $ncreate($nuploadedfile); list($width,$height)=getimagesize($nuploadedfile); $newheight=140; $newwidth=($width/$height)*140; $tmp=imagecreatetruecolor($newwidth,$newheight); imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height); $rand=mt_rand(0, 32); $genra= md5($rand . time()); $magic="$genra"; $replaca=eregi_replace("[^[:alnum:]]", "-", $HTTP_POST_FILES['uploadfile']['name']); $filename = "uploads/members/thumbs/$magic.$replaca.$nformat"; $original = "uploads/members/$magic.$replaca.$nformat"; imagejpeg($tmp,$filename,100); imagejpeg($src,$original,100); imagedestroy($src); imagedestroy($tmp); $petpic = "$magic.$replaca.$nformat"; } $time=date("Y-m-d H:i:s"); $query="INSERT INTO pets VALUES('','$username','$time','$petname','$pettype','$petage','$petdesc','$petpic','5','1')"; $result= mysql_query($query) or die("Error: Couldnt add a pet to the database"); $query="SELECT * FROM pets WHERE pet_added='$time' AND pet_owner='$username' LIMIT 1"; $result= mysql_query($query) or die("Error cant extract pet id"); $thepetid=mysql_result($result,$i,"pet_id"); $query="INSERT INTO pets_pictures VALUES('','$thepetid','$username','$petpic','$time','0')"; $result= mysql_query($query) or die("Error cant insert pic to gallery"); echo "<center>Congratulations, you have added a new pet to your profile!<br><br><a href=\"/$username\"><font color=\"#000000\"><b>Click here to see it updated!</b></font></a><br>"; } } echo " </td> <td width=\"10\"> </td> </tr> </table>"; } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.