Jump to content

update dynamically added files or image script....


zenag
 Share

Recommended Posts

::)

page1.php

<?

$con=mysql_connect("localhost","root","");

mysql_select_db("databasename",$con);

$id=$_GET["var"];

echo $id;

 

?>

 

 

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Untitled Document</title><link href="css/admin_style.css" rel="stylesheet" type="text/css" />

 

<script type="text/javascript" src="script.js"></script>

 

</head>

 

<body>

 

 

<form action="page2.php"  name="form1" method="post" enctype="multipart/form-data" onSubmit="return validate_empty(this.form);">

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<div align="center">

  <table width="744" border="0" cellpadding="0" cellspacing="0" >

    <!--DWLayoutTable-->

    <tr>  <?php if($_GET["var"]) {

 

$qryAnnouncement=mysql_query("select * from post_add_picture where add_id ='$_GET[var]'");

 

while($row=mysql_fetch_array($qryAnnouncement)){

?>

   

  <td > File Upload<span style="color:red"> *</span><br />

<input name="file[]" type="file" class="Textfield"  size="42" style="border:1px solid #c2c2c2"/></td>

      </tr><tr><td><? echo $row["ad_picture"]; ?></td></tr>

</td> <?

  }

 

 

 

  ?><?

  $tsv  = array();

$html = array();

$sql = mysql_query("select * from post_add_picture where add_id ='$_GET[var]'");

  while ($rowqw = mysql_fetch_array($sql))

  {

  $value[] = $rowqw["ad_picture"];

  //echo $value;

  $tsv  = implode(",", $value); 

  }

 

 

  ?><?php echo $tsv;?> <input type="hidden" name="new[]" value="<?php echo $tsv;?>" />

                        <input type="hidden" name="id" value="<?php echo $id;?>" />

                        <input type="hidden" name="edit" value="edit" />

  <input type="submit" name="announce_submit" value="Update"  />

      <td width="10" height="96"> </td>

      <td width="316"></td>

      <td width="5">name</td>

      <td width="168"> </td>

      <td width="150"> </td>

      <td width="95"> </td>

      </tr><? }?>

 

    </table>

  <!--   

  <table width="100%" border="0" cellpadding="0" cellspacing="0" id="product"class="maintxt" >

      <tr>

  <td > File Upload<span style="color:red"> *</span><br />

<input name="file[]" type="file" class="Textfield"  size="42"  style="border:1px solid #c2c2c2"/></td>

  <td height="24" colspan="2" align="right" ><input name="increment" type="button" class="mtxt" id="increment" onClick="insert_row('product')" value="Add"/>    

  <input name="decrement" type="button" class="mtxt" id="decrement" onClick="removeRowFromTable('product')" value="Remove"/></td>

  <td> </td>

      <td> </td>

      <td> </td>

      <td> </td>

    <tr>-->

     

      <td colspan="2" valign="top"></td>

      <td colspan="2" valign="top">

        <label>

         

        </label>      </td>

   

 

    </table>

   

   

<table width="100%" border="0" cellpadding="0" cellspacing="0" class="maintxt" id="product">

      <tr>

 

  <td > File Upload<span style="color:red"> *</span><br />

<input name="file[]" type="file" class="Textfield" id="prod_image[]" size="42" style="border:1px solid #c2c2c2"/></td>

      </tr>

<tr>

  <td height="24" colspan="2" align="right" ><input name="increment" type="button" class="mtxt" id="increment" onClick="insert_row('product')" value="Add"/>    

  <input name="decrement" type="button" class="mtxt" id="decrement" onClick="removeRowFromTable('product')" value="Remove"/></td><td >

  <td> </td>

      <td> </td>

      <td> </td>

      <td> </td>

      </tr>

    <tr> 

    </table>

<?

  if(!$_GET["var"])

  {?>

    <tr>  <td >

          <label>

          <div align="center">

            <input type="submit" name="Insert" value="Insert" />

        </div>          </label>    </td> <?

}?></td></tr>

 

 

     

 

 

 

</div></form>

</body>

</html>

-----------------

page2.php

 

<?

$con=mysql_connect("localhost","root","");

mysql_select_db("databasename",$con);

 

$addid=$_POST["add_id"];

 

 

 

 

$fileName=$_FILES['file']['name'];

 

 

while(list($key,$value) = each($_FILES['file']['name']))

{

$folder="/uploads/";

$fil = $value;

$add = $folder.$fil;

             

copy($_FILES['file']['tmp_name'][$key], $add);

 

 

}

 

if($_POST['edit'])

{

$addid=$_POST["id"];

 

$folder="/uploads/";

$filess=implode(",",$_POST['new']);

 

$a = explode(",",$filess);

 

 

foreach($a as $key=>$value)

{

unlink("/uploads/".$value);

 

$image_name=move_uploaded_file($_FILES['new']['tmp_name'],$folder.$_FILES['new']['name']);

}

 

 

$image_name=$_POST['new'];

 

$qry="update post_add_picture set ad_picture='$image_name'where id='$addid'";

  }

 

else{

 

 

while(list($key,$value) = each($_FILES['file']['name']))

{

 

if(!empty($value))

{   

    $folder="/uploads/";

$filename = $value;

$add = $folder.$filename;

echo $add;               

copy($_FILES['file']['tmp_name'][$key], $add);

 

}

}

$fileName = $_FILES['file']['name'];

$file=implode(",",$fileName);

for($i=0;$i<count($fileName);$i++)

    { 

$fileName[$i];

$picture = $newfile;

$size = $_POST[pic_size];

mysql_query("INSERT INTO post_add_picture(add_id,ad_picture,pic_size,created_date)VALUES('$addid','$fileName[$i]','$size', CURDATE())");

}

 

 

 

?>

 

 

<html><body><table><?php

$qryAnnouncement=mysql_query("select * from post_add_picture ");

while($row=mysql_fetch_array($qryAnnouncement))

{

?><tr><td><? echo $row["ad_picture"];?></td></tr><tr><td>

<a href="tas.php?var=<? echo $row["add_id"];?>">go</a></td></tr>

<?

}

 

?></table>

 

</body>

</html>

 

<?

}

?>

---------------------------

script.js

 

var glob;

glob = 1;

function insert_row(tablename)

{

 

var the_table = document.getElementById(tablename);

var new_row_index = the_table.rows.length;

glob = glob + 1;

the_table.insertRow(new_row_index);

the_table.rows[new_row_index].insertCell(0);

the_table.rows[new_row_index].cells[0].innerHTML =(the_table.rows[0].innerHTML);

}

 

function removeRowFromTable(tblSample)

{

  var tbl = document.getElementById(tblSample);

  var lastRow = tbl.rows.length;

  if (lastRow > 1) tbl.deleteRow(lastRow - 1);

}

 

 

Link to comment
Share on other sites

  • 4 weeks later...

You must be an incredibly trusting indvidual, but you should probably go ahead and sanitize your input on your SQL calls and file uploads.  Even if this code is going to be in a "secure" part of your website, you shouldn't leave the keys in the ignition, so to speak. 

 

Link to comment
Share on other sites

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.