I am creating a social site and I give people the option to upload one or more posts. That part works fine.
My problem is if someone uploads a post without pictures, then it gets submitted to a function and everything is fine. But if someone submits a post with pictures the only thing that's wrong is, I can't get the id of the post so I can put it in one of the columns for the image(s).
I know what the problem is. When I try to use procedural programming to upload the post and images, I get the id and everything is fine. But when I use OOP to upload the post and then try to get the id it doesn't work. No errors or anything the value in the column just comes out to 0. Can someone help me please ?
$post = new Post($con, $userLoggedIn);
$title = trim(strip_tags(filter_var($_POST['title_post'], FILTER_SANITIZE_STRING )));
$body = trim(strip_tags(filter_var($_POST['post_text'], FILTER_SANITIZE_STRING )));
$post->submitPost($title, $body, 'none', $imageName);
if (!$errors) {
$id = mysqli_insert_id($con);
$stmt = $con->prepare("INSERT INTO post_images (image, post_id) VALUES (?, ?)");
$stmt->bind_param('si', $file_path, $id);
// Loop through each file
for( $i=0; $i < $file_count; $i++ ) {
$file_name = $_FILES['files']['name'][$i];
$file_size = $_FILES['files']['size'][$i];
$file_tmp = $_FILES['files']['tmp_name'][$i];
$imageFileType = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
if ($file_size >= $maxsize) {
$errors = "Your file is too large";
} elseif ($imageFileType != "jpeg" && $imageFileType != "jpg" &&
$imageFileType != "png" && $imageFileType != "gif") {
$errors = "File type not allowed.";
}
//Make sure we have a file path
if (!$errors /* && $file_tmp != "" */) {
$picToUpload = $date_time . " -#- " . md5($file_name) . " -#- " . $_FILES['files']['name'][$i];
$uploadPicture = move_uploaded_file($file_tmp, "uploads/" . $picToUpload);
$file_path = "uploads/" . $picToUpload;
$stmt->execute();
}
}
}
Post.php:
public function submitPost($title, $body, $user_to, $imageName) {
$title = trim(strip_tags(filter_var($_POST['title_post'], FILTER_SANITIZE_STRING)));
$body = trim(strip_tags(filter_var($body, FILTER_SANITIZE_STRING)));
$check_empty = preg_replace('/\s+/', '', $body); //Deletes all spaces
$check_empty_title = preg_replace('/\s+/', '', $title); //Deletes all spaces
if($check_empty != "" || $check_empty_title != "" || $imageName != "") {
$body_array = preg_split("/\s+/", $body);
$title_array = preg_split("/\s+/", $title);
$body = implode(" ", $body_array);
$title = implode(" ", $title_array);
//Current date and time
$date_added = date("Y-m-d H:i:s");
//Get username
$added_by = $this->user_obj->getUsername();
//If user is on own profile, user_to is 'none'
if($user_to == $added_by) {
$user_to = "none";
}
//insert post
$query = $this->con->prepare("INSERT INTO posts (title, body, added_by, user_to, image)
VALUES (?, ?, ?, ?, ?)");
$query->bind_param("sssss", $title, $body, $added_by, $user_to, $imageName);
$query->execute();
$returned_id = mysqli_insert_id($this->con);
//Insert notification
if($user_to != 'none') {
$notification = new Notification($this->con, $added_by);
$notification->insertNotification($returned_id, $user_to, "profile_post");
}
//Update post count for user
$num_posts = $this->user_obj->getNumPosts();
$num_posts++;
$update_query = $this->con->prepare('UPDATE users SET num_posts = ? WHERE username = ?');
$update_query->bind_param("is", $num_posts, $added_by );
$update_query->execute();
$stopWords = "i you are gay am a about above brandon tisson";
$stopWords = preg_split("/[\s,]+/", $stopWords);
$no_punctuation = preg_replace("/[^a-zA-Z 0-9] +/", "", $body);
if (strpos($no_punctuation, "height") === false && strpos($no_punctuation, "width")
=== false && strpos($no_punctuation, "http") === false) {
$no_punctuation = preg_split("/[\s,]+/", $no_punctuation);
foreach ($stopWords as $value ) {
foreach ($no_punctuation as $key => $value2) {
if (strtolower($value) == strtolower($value2) ) {
$no_punctuation[$key] = "";
}
}
}
foreach ($no_punctuation as $value) {
$this->calculateTrend(ucfirst($value));
}
}
}
}
So in conclusion I'm trying to get the id of the post from a function in procedure style code.
You should return the post ID from submitPost(). Otherwise, if there are other inserts (such as in $notification->insertNotification()) they'll overwrite the ID returned by mysqli_insert_id($con).
It's also a little better to use $query->insert_id rather than mysqli_insert_id($this->con); since it's specific to that INSERT query, rather than the most recent INSERT on the same connection.
$post = new Post($con, $userLoggedIn);
$title = trim(strip_tags(filter_var($_POST['title_post'], FILTER_SANITIZE_STRING )));
$body = trim(strip_tags(filter_var($_POST['post_text'], FILTER_SANITIZE_STRING )));
$id = $post->submitPost($title, $body, 'none', $imageName);
if (!$errors) {
$stmt = $con->prepare("INSERT INTO post_images (image, post_id) VALUES (?, ?)");
$stmt->bind_param('si', $file_path, $id);
// Loop through each file
for( $i=0; $i < $file_count; $i++ ) {
$file_name = $_FILES['files']['name'][$i];
$file_size = $_FILES['files']['size'][$i];
$file_tmp = $_FILES['files']['tmp_name'][$i];
$imageFileType = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
if ($file_size >= $maxsize) {
$errors = "Your file is too large";
} elseif ($imageFileType != "jpeg" && $imageFileType != "jpg" &&
$imageFileType != "png" && $imageFileType != "gif") {
$errors = "File type not allowed.";
}
//Make sure we have a file path
if (!$errors /* && $file_tmp != "" */) {
$picToUpload = $date_time . " -#- " . md5($file_name) . " -#- " . $_FILES['files']['name'][$i];
$uploadPicture = move_uploaded_file($file_tmp, "uploads/" . $picToUpload);
$file_path = "uploads/" . $picToUpload;
$stmt->execute();
}
}
}
public function submitPost($title, $body, $user_to, $imageName) {
$title = trim(strip_tags(filter_var($_POST['title_post'], FILTER_SANITIZE_STRING)));
$body = trim(strip_tags(filter_var($body, FILTER_SANITIZE_STRING)));
$check_empty = preg_replace('/\s+/', '', $body); //Deletes all spaces
$check_empty_title = preg_replace('/\s+/', '', $title); //Deletes all spaces
if($check_empty != "" || $check_empty_title != "" || $imageName != "") {
$body_array = preg_split("/\s+/", $body);
$title_array = preg_split("/\s+/", $title);
$body = implode(" ", $body_array);
$title = implode(" ", $title_array);
//Current date and time
$date_added = date("Y-m-d H:i:s");
//Get username
$added_by = $this->user_obj->getUsername();
//If user is on own profile, user_to is 'none'
if($user_to == $added_by) {
$user_to = "none";
}
//insert post
$query = $this->con->prepare("INSERT INTO posts (title, body, added_by, user_to, image)
VALUES (?, ?, ?, ?, ?)");
$query->bind_param("sssss", $title, $body, $added_by, $user_to, $imageName);
$query->execute();
$returned_id = $query->insert_id;
//Insert notification
if($user_to != 'none') {
$notification = new Notification($this->con, $added_by);
$notification->insertNotification($returned_id, $user_to, "profile_post");
}
//Update post count for user
$num_posts = $this->user_obj->getNumPosts();
$num_posts++;
$update_query = $this->con->prepare('UPDATE users SET num_posts = ? WHERE username = ?');
$update_query->bind_param("is", $num_posts, $added_by );
$update_query->execute();
$stopWords = "i you are gay am a about above brandon tisson";
$stopWords = preg_split("/[\s,]+/", $stopWords);
$no_punctuation = preg_replace("/[^a-zA-Z 0-9] +/", "", $body);
if (strpos($no_punctuation, "height") === false && strpos($no_punctuation, "width")
=== false && strpos($no_punctuation, "http") === false) {
$no_punctuation = preg_split("/[\s,]+/", $no_punctuation);
foreach ($stopWords as $value ) {
foreach ($no_punctuation as $key => $value2) {
if (strtolower($value) == strtolower($value2) ) {
$no_punctuation[$key] = "";
}
}
}
foreach ($no_punctuation as $value) {
$this->calculateTrend(ucfirst($value));
}
}
}
return $returned_id;
}
Related
I am trying to save a picture into my database along with the path file. But what it does now is incorrect. It only saves the image into the database and not the entire image path. What's wrong?
I do the exact same thing with this code in another project and can't wrap my head around the problem here.
$userPic = '';
$date_time = date('Y-m-d_H-i-s');
if(!empty($userLoggedIn)) {
if (isset($_FILES['fileToUpload'])) {
$errors = array();
$file_name = $_FILES['fileToUpload']['name'];
$file_size = $_FILES['fileToUpload']['size'];
$width = 1500;
$height = 1500;
$file_tmp = $_FILES['fileToUpload']['tmp_name'];
$file_type = $_FILES['fileToUpload']['type'];
$tmp = explode('.', $_FILES['fileToUpload']['name']);
$file_ext = strtolower (end ($tmp));
$extensions = array("jpeg", "jpg", "png", "gif");
if(in_array($file_ext, $extensions) === false) {
$errors[] = "extension not allowed. Please choose a JPEG or PNG file.";
}
if ($file_size > 8097152) {
$errors[] = 'File size must be 2 MB';
}
if ($width > 1500 || $height > 1500) {
echo"File is to large";
}
if(!$errors) {
$userPic = md5($_FILES["fileToUpload"]["name"]) . $date_time . " " . $file_name;
move_uploaded_file($file_tmp, "assets/images/profile_pics/" . $userPic);
$stmt = $con->prepare("UPDATE users SET profile_pic = ? WHERE username = ?");
$stmt->bind_param('ss', $userPic, $username);
$stmt->execute();
$stmt->close();
}
}
}
else {
echo "Invalid Username";
}
You can assign another variable that contains both the path and the variable for the image you used, and then use that variable in your query:
$file_path = "assets/images/profile_pics/".$userPic;
Your code:
if(!$errors) {
$userPic = md5($_FILES["fileToUpload"]["name"]) . $date_time . " " . $file_name;
move_uploaded_file($file_tmp,"assets/images/profile_pics/" . $userPic);
$imag_path = "assets/images/profile_pics/" . $userPic;
$stmt = $con->prepare("UPDATE users SET profile_pic = ? WHERE username = ?");
$stmt->bind_param('ss', $imag_path, $username);
$stmt->execute();
$stmt->close();
}
Try this:
You save only the new image name, not path.
I am trying to make my two file uploads optional when inserting data into mySQL db, and uploading the files to my server. When I uploading both files to a new entry, the upload is successful. If I don't upload 1 or both files, I receive an error. Thank you so much for your help.
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/session.php");?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/db_connection.php");?>
<?php
session_start();
if($_SESSION["login_user"] != true) {
echo("Access denied!");
exit();
}
?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/functions.php");?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/validation_functions.php");?>
<?php
if (isset($_POST['submit'])) {
// Process the form
$visible = mysqli_prep($_POST["visible"]);
$homepage = mysqli_prep($_POST["homepage"]);
$type = mysqli_prep($_POST["type"]);
$publication_name = mysqli_prep($_POST["publication_name"]);
$publication_url = mysqli_prep($_POST["publication_url"]);
$month = mysqli_prep($_POST["month"]);
$date = mysqli_prep($_POST["date"]);
$year = mysqli_prep($_POST["year"]);
$title = mysqli_prep($_POST["title"]);
$author = mysqli_prep($_POST["author"]);
$summary = mysqli_prep($_POST["summary"]);
$full_text = mysqli_prep($_POST["full_text"]);
$tag_1 = mysqli_prep($_POST["tag_1"]);
$tag_2 = mysqli_prep($_POST["tag_2"]);
$tag_3 = mysqli_prep($_POST["tag_3"]);
$tag_4 = mysqli_prep($_POST["tag_4"]);
$tag_5 = mysqli_prep($_POST["tag_5"]);
$tag_6 = mysqli_prep($_POST["tag_6"]);
$tag_7 = mysqli_prep($_POST["tag_7"]);
$image = rand(1000,100000)."-".$_FILES['image']['name'];
$image_loc = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$image_folder="images/";
$file = rand(1000,100000)."-".$_FILES['file']['name'];
$file_loc = $_FILES['file']['tmp_name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_folder="files/";
$image_new_size = $image_size/1024;
$file_new_size = $file_size/1024;
$new_image_name = strtolower($image);
$new_file_name = strtolower($file);
$final_image=str_replace(' ','-',$new_image_name);
$final_file=str_replace(' ','-',$new_file_name);
if(move_uploaded_file($image_loc,$image_folder.$final_image))
if(move_uploaded_file($file_loc,$file_folder.$final_file))
$query = "INSERT INTO `news` (";
$query .= "visible, homepage, type, publication_name, publication_url, month, date, year, title, author, summary, full_text, tag_1, tag_2, tag_3, tag_4, tag_5, tag_6, tag_7, image, image_type, image_size, file, file_type, file_size ";
$query .= ") VALUES (";
$query .= " '{$visible}', '{$homepage}', '{$type}', '{$publication_name}', '{$publication_url}', '{$month}', '{$date}', '{$year}', '{$title}', '{$author}', '{$summary}', '{$full_text}', '{$tag_1}', '{$tag_2}', '{$tag_3}', '{$tag_4}', '{$tag_5}', '{$tag_6}', '{$tag_7}', '{$final_image}','{$image_type}','{$image_new_size}', '{$final_file}','{$file_type}','{$file_new_size}'";
$query .= ")";
$result = mysqli_query($connection, $query);
if ($result) {
// Success
$_SESSION["message"] = "Item created.";
redirect_to("manage_content.php");
} else {
// Failure
//$_SESSION["message"] = "Item creation failed.";
//redirect_to("new_news.php");
echo "Error: " . $query . "<br>" . $result->error;
}
} else {
// This is probably a GET request
redirect_to("new_news.php");
}
?>
<?php
if (isset($connection)) { mysqli_close($connection); }
?>
you can use this and hence get rid of your error.Hope this helps you.
$final_image = $image_type = $image_new_size = $final_file = $file_type = $file_new_size = "";
if($_FILES) {
$image = rand(1000,100000)."-".$_FILES['image']['name'];
$image_loc = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$image_folder="images/";
$file = rand(1000,100000)."-".$_FILES['file']['name'];
$file_loc = $_FILES['file']['tmp_name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_folder="files/";
$image_new_size = $image_size/1024;
$file_new_size = $file_size/1024;
$new_image_name = strtolower($image);
$new_file_name = strtolower($file);
$final_image=str_replace(' ','-',$new_image_name);
$final_file=str_replace(' ','-',$new_file_name);
if(move_uploaded_file($image_loc,$image_folder.$final_image))
if(move_uploaded_file($file_loc,$file_folder.$final_file))
}
I would be glad if you help me with this PHP code .
I made an upload form which only supports .pdf , .docx and .rtf files .
the file gets uploaded but it can't determine if the file type is pdf , docx or rtl or just non of them . Any solutions to fix this?
well I did a few searches in stackoverflow , some of the members did same as i do but mine still doesn't work.
This code gets a file from an input . It uploads the file to server , on a specific folder , and then it saves the file's name on database.
<?php
function query($q)
{
$dbconnection = mysql_connect('127.0.0.1' , 'root' , '');
$database = mysql_select_db('hire_requests');
mysql_set_charset("utf8",$dbconnection);
$res = mysql_query($q,$dbconnection);
mysql_close($dbconnection);
return $res;
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$error = '';
$alarm = false;
$success = false;
$changedname = '';
$name = '';
$lastname = '';
$phonenumber;
$nnumber;
$type ='';
$mail = '';
$resume;
$type = '';
$notify = '';
$nameErr= "";
$mailErr = "";
$resumeErr = "";
$nnumberErr = "";
$lastnameErr = "";
$phonenumberErr = "";
$notsentErr = "";
$sizeErr = "";
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
$name = mysql_real_escape_string($_POST['name']);
$lastname = mysql_real_escape_string($_POST['lastname']);
$phonenumber = mysql_real_escape_string($_POST['phonenumber']);
$nnumber = mysql_real_escape_string($_POST['nnumber']);
$mail = mysql_real_escape_string($_POST['mail']);
if(isset($_FILES['resume']))
{
$filename = $_FILES['resume']['name'];
$filesize = $_FILES['resume']['size'];
$filetype = $_FILES['resume']['type'];
$filetmp = $_FILES['resume']['tmp_name'];
if($_FILES['resume']['error'] !== 0)
{
$alarm = true;
}
$AllowedTypesArray = array('docx' , 'rtf' , 'pdf');
$changedname = 'Rayka_' . rand(1000,9000) . '_' . '5SV4DFS_A245DFA' . '_' . time() . '_' . $name;
$info = pathinfo($filename , PATHINFO_EXTENSION);
if($alarm = true)
{
}
if($filetype == 'application/pdf' )
{
$type = '.pdf';
}
if($filetype == 'application/msword' )
{
$type = '.docx';
}
if($filetype == 'application/rtf')
{
$type = '.rtf';
}
if(!$type)
{
$resumeErr = "file's type is not supported";
}
if(!in_array($info , $AllowedTypesArray)) //checks if filetype is pdf , rtl or docx and also , checks if the file is less than 2 mbs or not .
{
$error = "file's type is not supported";
$alarm = true;
}
if($filesize > 2097152)
{
$sizeErr ="Your file must be less than 2 Mbs";
}
$path = dirname(__FILE__).'/_ufile/'.$changedname . $type;
var_dump($path);
if(!move_uploaded_file($_FILES['resume']['tmp_name'] , $path) )
{
$alarm = true;
$notsentErr = 'File was not sent';
}
}
if(!isset($_FILES['resume']))
{
$resumeErr = 'attachment is not chosen';
$alarm = true;
}
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
if (empty($_POST["name"]))
{
$nameErr = "Enter your name";
}
else
{
$name = test_input($_POST["name"]);
}
}
if(empty($_POST['lastname']))
{
$lastnameErr = "Enter your last name";
}
else {
$lastname = test_input($_POST['lastname']);
}
if(empty($_POST['phonenumber']))
{
$phonenumberErr = "Enter your phone number";
}
else
{
$phonenumber = test_input($_POST['phonenumber']);
}
if(empty($_POST['nnumber']))
{
$nnumberErr = "Enter your second phone number";
}
else
{
$nnumber = test_input($_POST['nnumber']);
}
if(empty($_POST['mail']))
{
$mailErr = "enter your email address";
}
else
{
$mail = test_input($_POST['mail']);
}
if((!$nameErr) && (!$lastnameErr) && (!$mailErr) && (!$phonenumberErr) && (!$nnumberErr) && (!$notsentErr) && (!$sizeErr))
{
$query = "INSERT INTO users (`id`,`name`, `lastname`, `phonenumber`, `nnumber`, `mail`, `resume`) VALUES (NULL , \"$name\",\"$lastname\",\"$phonenumber\",\"$nnumber\",\"$mail\",\"$changedname\")";
$notify = "Successful";
$success = true;
$insert = query($query);
$error2 = mysql_error();
}
}
?>
Here what i use (i changed for you needs) :
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($finfo, $_FILES['resume']['tmp_name']);
$ok = false;
switch ($mime) {
case 'application/pdf':
case 'application/msword':
case 'text/pdf':
case 'application/rtf':
case 'application/x-rtf':
case 'text/richtext':
case 'application/vnd.openxmlformats-officedocument.wordprocessingml.document':
$ok = true;
break;
default:
die();
}
Here the complete mime type list : https://www.sitepoint.com/web-foundations/mime-types-complete-list/
I readed all about this in PHP.net but i can't find the solution. I know how to upload files into a new row in Mysql and PHP, but I don't know how to UPDATE a row and not delete the previous uploaded file if I don't upload anything.
For example, I have this form:
LOGO
Name of Business
Image 1
For example: I have this in MYSQL:
LOGO: /img/logo1.png
NAME: business1
IMAGE 1: ""
I want to do if I don't upload anything in LOGO and I'm editing this business (leaving in blank the input file of LOGO), do not upload my logo and SET a blank one ("").
This is the code of PHP:
define("MAX_SIZE", "2000");
function getExtension($str) {
$i = strrpos($str, ".");
if (!$i) {
return "";
}
$l = strlen($str) - $i;
$ext = substr($str, $i + 1, $l);
return $ext;
}
$errors = 0;
$image = $_FILES['foto0']['name'];
$image1 = $_FILES['foto1']['name'];
if ($image) {
$filename = stripslashes($_FILES['foto0']['name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
$errors = 1;
$falloExtension = true;
} else {
$size = filesize($_FILES['foto0']['tmp_name']);
if ($size > MAX_SIZE * 2024) {
$errors = 1;
$falloLimite = true;
}
$image_name = uniqid() . '.' . $extension;
$newname = "img/detalles/" . $image_name;
$newname2 = "img/detalles/" . $image_name;
$copied = copy($_FILES['foto0']['tmp_name'], $newname2);
if($copied) {
$copiar = "UPDATE negocios SET logo='$newname' WHERE id=$numNegocio";
$resultado = $mysqli->query($copiar);
//header("location: ../anunciate.php");
} else {
//header("location: ../anunciate.php?fallo=true");
}
}
}
if ($image1) {
$filename = stripslashes($_FILES['foto1']['name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
$errors = 1;
$falloExtension = true;
} else {
$size = filesize($_FILES['foto1']['tmp_name']);
if ($size > MAX_SIZE * 2024) {
$errors = 1;
$falloLimite = true;
}
$image_name = uniqid() . '.' . $extension;
$newname = "img/detalles/" . $image_name;
$newname2 = "img/detalles/" . $image_name;
$copied = copy($_FILES['foto1']['tmp_name'], $newname2);
if($copied) {
$copiar = "UPDATE galerias SET imagen1='$newname' WHERE negocios_id=$numNegocio";
$resultado = $mysqli->query($copiar);
//header("location: ../anunciate.php");
} else {
//header("location: ../anunciate.php?fallo=true");
}
}
}
if(isset($_POST['modificanegocio'])) {
$nombrePOST = $_POST['nombre'];
$categoriaPOST = $_POST['categoria'];
$direccionPOST = $_POST['direccion'];
$telefonoPOST = $_POST['telefono'];
$correoPOST = $_POST['correo'];
$descripcionPOST = $_POST['descripcion'];
$horarioPOST = $_POST['horario'];
$paginawebPOST = $_POST['paginaweb'];
$keywordsPOST = $_POST['keywords'];
$latPOST = $_POST['lat'];
$longPOST = $_POST['long'];
$facebookPOST = $_POST['facebook'];
$googlePOST = $_POST['google'];
$twitterPOST = $_POST['twitter'];
$insagramPOST = $_POST['insagram'];
$logoPOST = $_POST['logo'];
if($modificaNegocio = $mysqli->query("UPDATE negocios SET name = '$nombrePOST, logo = '$logoPOST', image1 = $image1POST WHERE id = $id")) {
$modifica = true;
} else {
$modifica = false;
}
}
I solved this spliting the MYSQL code:
$query = "UPDATE negocios SET nombre = '$nombrePOST'";
if($image != "" || $image != null) {
//NOW I WILL UPLOAD THE IMAGE HERE AND UPLOAD THE QUERY
}
$query .= " WHERE id = $id";
if($modificaNegocio = $mysqli->query($query)) {
$modifica = true;
} else {
$modifica = false;
}
}
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I can't figure out what's causing this error:
Parse error: syntax error, unexpected T_PUBLIC
It says the error is occuring on the second line of this code (public function upload($uid = 'public').
//--> Uploads the file
public function upload($uid = 'public')
{
//Get file details
if(isset($_GET['ajax']))
{
if(!$_SERVER['HTTP_X_FILE_SIZE'] > 0) return false;
$filename = strip_tags($_SERVER['HTTP_X_FILE_NAME']);
$file_type = $_SERVER['HTTP_X_FILE_TYPE'];
$size = round($_SERVER['HTTP_X_FILE_SIZE']/1000, 3);
}
else
{
if($_FILES["files"]["error"] > 0 or empty($_FILES)) return false;
$filename = strip_tags($_FILES['files']['name']);
$file_type = $_FILES['files']['type'];
$size = round($_FILES['files']['size']/1000, 3);
}
//FF null type fix
if( $file_type == null || strlen($file_type) == 0 ) $file_type = "unknown";
//Reduce filename to < 255 char
if(strlen( $filename ) > 255 )
{
$filename = urldecode($filename);
$filename = substr($filename, 0, 36) . '--.' . pathinfo($filename, PATHINFO_EXTENSION);
$filename = urlencode($filename);
}
//Check file size
if($size > (maxFileSize/1000))
{
$this->errorMessage = "file too large";
return false;
}
//Check file type
if( limitFileTypes and !in_array($file_type, explode(',', allowedFileTypes)) )
{
$this->errorMessage = "file type not allowed";
return false;
}
$db = $this->connectDB();
$share = isset($_GET['ajax'])?$_SERVER['HTTP_BITDROPSHARE']:$_POST['bitdrop_share'];
$share = ($share == 'true' || $share == 'share' )? 1 : 0;
$password = isset($_GET['ajax'])?$_SERVER['HTTP_BITDROPPASS']:$_POST['bitdrop_password'];
//Find an available shortURL
$res = $db->prepare("select count(shortURL) from share where binary shortURL = ?;");
do
{
$shortURL = $this->shortURL();
$res->execute(array($shortURL));
$data = $res->fetchAll(PDO::FETCH_COLUMN, 0);
}
while($data[0] != 0);
$password = ( is_null($password) or strlen($password)==0 ) ? 0 : sha1($password . $shortURL) ;
$q = "insert into details (date, name, size, type, public, password) values (now(), ?, ?, ?, ?, ?)";
$data = array($filename, $size, $file_type, $share, $password);
$res = $db->prepare($q);
//exec command or print error
if(!$res->execute($data)) print_r($db->errorInfo());
$fid = $db->lastInsertId();
$q = "insert into share (shortURL, file_id) values (?, ?)";
$data = array($shortURL, $fid);
$res = $db->prepare($q);
$res->execute($data);
//Connect unique user to file
$tid = $this->addTag("_$uid");
$q = "insert into `fid-tid` (file_id, tag_id) values ('$fid', '$tid');";
$res = $db->prepare($q);
$res->execute();
$file = $_SERVER[DOCUMENT_ROOT] . "/uploads/$fid.temp";
$this->log('upload', '{ "uid" : "'.$uid.'", "fid" : "'.$fid.'", "shortURL" : "'.$shortURL.'" }');
$db = null;
//Upload file
if(isset($_GET['ajax']))
{
if(!isset($_SERVER['HTTP_X_FILE_NAME']) && !isset($_SERVER['CONTENT_LENGTH']))
{
$this->errorMessage = "no headers found";
return false;
}
$fileReader = fopen('php://input', "r");
$fileWriter = fopen($file, "w+");
while(true)
{
$buffer = fgets($fileReader, 4096);
if(strlen($buffer) == 0)
{
fclose($fileReader);
fclose($fileWriter);
$this->createThumb($fid, $shortURL);
$this->shortURL = $shortURL;
return true;
}
fwrite($fileWriter, $buffer);
}
}
else
{
move_uploaded_file($_FILES["files"]["tmp_name"], $file);
$this->createThumb($fid, $shortURL);
$this->shortURL = $shortURL;
return true;
}
}
You are defining function public.
The public is a keyword for Object Orieneted Programming.
But, as per your code, there is no class defined, therefore, there is no use public keyword.
Just remove the public keyword.
Corrected code:
function upload($uid = 'public')