I'm trying to upload a video to a folder which is working but, the relevant entry in the DB isn't occurring to match it. Really having trouble seeing what's wrong, as no errors are reported.
session_start();
require 'db.php';
$name = $_FILES['video']['name'];
$uploader = $_SESSION['first_name'].$_SESSION['last_name'];
$newstring = $_SESSION['last_name'].'_'.$_SESSION['first_name'].'_'.date('ymdhms').".mp4";
$extension = strtolower(substr($name, strpos($name, '.') + 1));
$size = $_FILES['video']['size'];
$max_size = '1073741824';
$type = $_FILES['video']['type'];
$id = $_SESSION['id'];
$date = date('Y-m-D');
$tmp_name = $_FILES['video']['tmp_name'];
if(!empty($name)){
$location = "uploads/";
if($extension=='mp4'&&$type == 'video/mp4'){
if($size <= $max_size){
if(move_uploaded_file($tmp_name, $location.$newstring)){
$sql = "INSERT INTO videos (file_name, upload_by, date) VALUES
('$newstring', '$id', '$date')";
mysqli_query($mysqli, $sql);
require('profile.php');
$_SESSION['message'] = "Upload Successful!";
header('Refresh:0; url=profile.php');
}else{
$_SESSION['message'] = "File failed to upload";
header("location: error.php");
}
I'm not getting a corresponding DB entry. Any help would be really appreciated.
Try this:
$sql = "INSERT INTO videos (file_name, upload_by, date) VALUES
('".$newstring."', '".$id."', '".$date."')";
Related
this api code is in php and server is in digitalocen and ubuntu 16.04.
we are try upload file but every time we show the error param missing .
we are try thi change folder permission 777 but nothing steel file is not uploading.the same code working 2 days ego but now code is not working.
<?php
include('conn.php');
include('function.php');
$user_id = $_POST['user_id'];
$dute_user_id = $_POST['dute_user_id'];
$music_id = $_POST['music_id'];
$music = $_FILES['music']['name'];
$hashtags = $_POST['hashtags'];
$video = $_FILES['video']['name'];
$gif = $_FILES['gif']['name'];
$microtime = round(microtime(true) * 1000);
validate_user($con, $user_id);
if($user_id=="" || $video=="" || $gif=="" || ($music_id=="" && $music=="")){
$res['status'] = 0;
$res['msg'] = "param missing";
echo json_encode($res);
die;
}
else{
$user_data = mysqli_fetch_assoc(mysqli_query($con, "SELECT * FROM `user` WHERE `user_id`='".$user_id."'"));
if($music_id=="" && $music!=""){
$music = basename($_FILES["music"]["name"]);
$fileType = strtolower(pathinfo($music,PATHINFO_EXTENSION));
$music_file = "music/" . $microtime .".". $fileType;
move_uploaded_file($_FILES["music"]["tmp_name"], $music_file);
$title = "original - " . $user_data['user_name'] . rand(1111,9999);
mysqli_query($con, "INSERT INTO `music` (`title`, `user_id`, `m_link`, `time`) VALUES ('".$title."', '".$user_id."', '".$music_file."', '".$microtime."')");
$music_id = mysqli_insert_id($con);
mysqli_query($con, "INSERT INTO `m_category` (`music_id`, `category_id`) VALUES ('".$music_id."', '1')");
}
if($video!=""){
$video = basename($_FILES["video"]["name"]);
$fileType = strtolower(pathinfo($video,PATHINFO_EXTENSION));
$video_file = "video/" . $microtime .".". $fileType;
move_uploaded_file($_FILES["video"]["tmp_name"], $video_file);
}
if($gif!=""){
$gif = basename($_FILES["gif"]["name"]);
$fileType = strtolower(pathinfo($gif,PATHINFO_EXTENSION));
$gif_file = "gif/" . $microtime .".". $fileType;
move_uploaded_file($_FILES["gif"]["tmp_name"], $gif_file);
}
mysqli_query($con, "INSERT INTO `post`(`music_id`, `v_url`, `user_id`, `dute_user_id`, `gif_url`, `time`) VALUES ('".$music_id."', '".$video_file."', '".$user_id."', '".$dute_user_id."', '".$gif_file."', '".$microtime."')");
$post_id = mysqli_insert_id($con);
if($dute_user_id!=""){
mysqli_query($con, "INSERT INTO `post_hashtag`(`post`, `hashtag`) VALUES ('".$post_id."','duet')");
}
if($hashtags!=""){
$hashtag = explode("#", $hashtags);
for($i=0; $i < count($hashtag); $i++) {
mysqli_query($con, "INSERT INTO `post_hashtag`(`post`, `hashtag`) VALUES ('".$post_id."','".$hashtag[$i]."')");
}
}
$res['status'] = 1;
$res['msg'] = "Post Uploaded Successfully";
echo json_encode($res);
die;
}
?>
result
{"status":0,"msg":"param missing"}
here is postman error image
So I'm trying to get the max id of a table which I can do using
SELECT * FROM forsale ORDER BY StockID DESC LIMIT 0,1
I then save the result so I can use it in another table for reference when displaying images. The only issue is when I print the result it shows the MAX id but no inputting it into the table? Does anyone have an suggestions? I have code prior to this inputting into the forsale table and I am then getting the ID of that record. Here's what I get in the table, here's the code:
if(isset($_POST['add'])){
include '../Login-System/db.php';
$make = mysqli_real_escape_string($conn, $_POST['Make']);
$model = mysqli_real_escape_string($conn, $_POST['Model']);
$variant = mysqli_real_escape_string($conn, $_POST['Variant']);
$year = mysqli_real_escape_string($conn, $_POST['Year']);
$mileage = mysqli_real_escape_string($conn, $_POST['Mileage']);
$fuel = mysqli_real_escape_string($conn, $_POST['Fuel']);
$doors = mysqli_real_escape_string($conn, $_POST['Doors']);
$trans = mysqli_real_escape_string($conn, $_POST['transmission']);
$enginesize = mysqli_real_escape_string($conn, $_POST['Enginesize']);
$price = mysqli_real_escape_string($conn, $_POST['Price']);
$description = mysqli_real_escape_string($conn, $_POST['description']);
$makeupper = strtoupper($make);
$modelupper =strtoupper($model);
$variantupper =strtoupper($variant);
$sqlcarinsert = "INSERT INTO forsale (make, model, variant, year, mileage, fuel, doors, trans, enginesize, price, description) VALUES ('$makeupper','$modelupper','$variantupper','$year','$mileage','$fuel','$doors','$trans','$enginesize','$price','$description');";
//Image Upload
//Find next StockID
$sql = "SELECT * FROM forsale ORDER BY StockID DESC LIMIT 0, 1";
$result = mysqli_query($conn, $sql);
$stockIDtable = mysqli_fetch_assoc($result);
$stockID = $stockIDtable['StockID'];
if(!empty($_FILES['files']['name'][0])){
$files = $_FILES['files'];
//File Extensions allowed
$allowed = array('jpg', 'jpeg', 'png');
foreach ($files['name'] as $position => $file_name) {
$file_tmp = $files['tmp_name'] [$position];
$file_size = $files['size'] [$position];
$file_error = $files['error'] [$position];
//Order
$orderimg = $position;
//Get file extension
$FileExt = explode('.', $file_name);
$endext = end($FileExt);
$fileActualExt = strtolower($endext);
if (in_array($fileActualExt, $allowed)) {
//Checks for Errors in uploading
if ($file_error === 0) {
//New name to remove possibilities of duplicates
$fileNameNew = uniqid('', true).".".$fileActualExt ;
$FileDestination = '../Photos/forsale/'.$fileNameNew;
$SQLDestination = 'Photos/forsale/'.$fileNameNew;
//Upload to Designated folder with name
move_uploaded_file($file_tmp, $FileDestination);
//Insert into forsaleimg
$sqlimginsert = "INSERT INTO forsaleimg (id, StockID, imgOrder, FileDestination) VALUES ('NULL', '$stockID', '$orderimg', '$SQLDestination');";
mysqli_query($conn, $sqlimginsert);
//echo "<pre>";
//print_r($sqlimginsert);
//echo "</pre>";
$orderimg++ ;
} else {
header("Location: ../salelist.php?upload=error");
exit();
}
} else {
header("Location: ../salelist.php?fucked");
exit();
}
}
}
mysqli_query($conn, $sqlcarinsert);
header("Location: ../salelist.php?added=".$make);
exit();
} else {
header("Location: ../salelist.php?add=notclicked");
exit();
}
Use the query as:-
$sql = "select * from forsale
where StockID = (select max(StockID) as 'StockID'
from forsale)
order by StockID" ;
Back again! So I'm trying to upload multiple images to a server and save the path and corresponding stock number in the database. Currently I have the car details, $sqlcarinsert, working and inserting into the relevant database, forsale.
The issue arises when I try save all of the image details. I have the images being given new names and uploading to the server but not being inputted into the database with the stockID, which links it to the advert, as well as the filepath. Along with this only one of the files is being inputted into the database not say all three that uploaded to the server. Is this possible to do?
Need anything else let me know I shall try my best to provide!
P.S Yes I know prepared statements, shoody code etc etc..
<?php
if(isset($_POST['add'])){
include '../Login-System/db.php';
$make = mysqli_real_escape_string($conn, $_POST['Make']);
$model = mysqli_real_escape_string($conn, $_POST['Model']);
$variant = mysqli_real_escape_string($conn, $_POST['Variant']);
$year = mysqli_real_escape_string($conn, $_POST['Year']);
$mileage = mysqli_real_escape_string($conn, $_POST['Mileage']);
$fuel = mysqli_real_escape_string($conn, $_POST['Fuel']);
$doors = mysqli_real_escape_string($conn, $_POST['Doors']);
$trans = mysqli_real_escape_string($conn, $_POST['transmission']);
$enginesize = mysqli_real_escape_string($conn, $_POST['Enginesize']);
$price = mysqli_real_escape_string($conn, $_POST['Price']);
$description = mysqli_real_escape_string($conn, $_POST['description']);
$sqlcarinsert = "INSERT INTO forsale (make, model, variant, year, mileage, fuel, doors, trans, enginesize, price, description) VALUES ('$make','$model','$variant','$year','$mileage','$fuel','$doors','$trans','$enginesize','$price','$description');";
//Image Upload
//Find next StockID (Surely not, right?)
$sql = "SELECT * FROM forsale ;";
$result = mysqli_query($conn, $sql);
$rowcount = mysqli_num_rows($result);
$stockID = $rowcount + 1;
if(!empty($_FILES['files']['name'][0])){
$files = $_FILES['files'];
//File Extensions allowed
$allowed = array('jpg', 'jpeg', 'png');
foreach ($files['name'] as $position => $file_name) {
$file_tmp = $files['tmp_name'] [$position];
$file_size = $files['size'] [$position];
$file_error = $files['error'] [$position];
//Get file extension
$FileExt = explode('.', $file_name);
$endext = end($FileExt);
$fileActualExt = strtolower($endext);
if (in_array($fileActualExt, $allowed)) {
//Checks for Errors in uploading
if ($file_error === 0) {
include '../Login-System/db.php';
//New name to remove possibilities of duplicates
$fileNameNew = uniqid('', true).".".$fileActualExt ;
$FileDestination = '../Photos/forsale/'.$fileNameNew;
//Upload to Designated folder with name
move_uploaded_file($file_tmp, $FileDestination);
//Insert into forsaleimg
$sqlimginsert = "INSERT INTO forsaleimg (StockID, FileDestination) VALUES ('$stockID','$FileDestination');";
mysqli_query($conn, $sqlimginsert);
} else {
header("Location: ../salelist.php?upload=error");
exit();
}
}
}
}
mysqli_query($conn, $sqlcarinsert);
header("Location: ../salelist.php?added=".$make);
exit();
} else {
header("Location: ../salelist.php?add=notlcicked");
exit();
}
I am trying to make my two file uploads optional when inserting data into mySQL db, and uploading the files to my server. When I uploading both files to a new entry, the upload is successful. If I don't upload 1 or both files, I receive an error. Thank you so much for your help.
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/session.php");?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/db_connection.php");?>
<?php
session_start();
if($_SESSION["login_user"] != true) {
echo("Access denied!");
exit();
}
?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/functions.php");?>
<?php require_once($_SERVER['DOCUMENT_ROOT']."/includes/validation_functions.php");?>
<?php
if (isset($_POST['submit'])) {
// Process the form
$visible = mysqli_prep($_POST["visible"]);
$homepage = mysqli_prep($_POST["homepage"]);
$type = mysqli_prep($_POST["type"]);
$publication_name = mysqli_prep($_POST["publication_name"]);
$publication_url = mysqli_prep($_POST["publication_url"]);
$month = mysqli_prep($_POST["month"]);
$date = mysqli_prep($_POST["date"]);
$year = mysqli_prep($_POST["year"]);
$title = mysqli_prep($_POST["title"]);
$author = mysqli_prep($_POST["author"]);
$summary = mysqli_prep($_POST["summary"]);
$full_text = mysqli_prep($_POST["full_text"]);
$tag_1 = mysqli_prep($_POST["tag_1"]);
$tag_2 = mysqli_prep($_POST["tag_2"]);
$tag_3 = mysqli_prep($_POST["tag_3"]);
$tag_4 = mysqli_prep($_POST["tag_4"]);
$tag_5 = mysqli_prep($_POST["tag_5"]);
$tag_6 = mysqli_prep($_POST["tag_6"]);
$tag_7 = mysqli_prep($_POST["tag_7"]);
$image = rand(1000,100000)."-".$_FILES['image']['name'];
$image_loc = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$image_folder="images/";
$file = rand(1000,100000)."-".$_FILES['file']['name'];
$file_loc = $_FILES['file']['tmp_name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_folder="files/";
$image_new_size = $image_size/1024;
$file_new_size = $file_size/1024;
$new_image_name = strtolower($image);
$new_file_name = strtolower($file);
$final_image=str_replace(' ','-',$new_image_name);
$final_file=str_replace(' ','-',$new_file_name);
if(move_uploaded_file($image_loc,$image_folder.$final_image))
if(move_uploaded_file($file_loc,$file_folder.$final_file))
$query = "INSERT INTO `news` (";
$query .= "visible, homepage, type, publication_name, publication_url, month, date, year, title, author, summary, full_text, tag_1, tag_2, tag_3, tag_4, tag_5, tag_6, tag_7, image, image_type, image_size, file, file_type, file_size ";
$query .= ") VALUES (";
$query .= " '{$visible}', '{$homepage}', '{$type}', '{$publication_name}', '{$publication_url}', '{$month}', '{$date}', '{$year}', '{$title}', '{$author}', '{$summary}', '{$full_text}', '{$tag_1}', '{$tag_2}', '{$tag_3}', '{$tag_4}', '{$tag_5}', '{$tag_6}', '{$tag_7}', '{$final_image}','{$image_type}','{$image_new_size}', '{$final_file}','{$file_type}','{$file_new_size}'";
$query .= ")";
$result = mysqli_query($connection, $query);
if ($result) {
// Success
$_SESSION["message"] = "Item created.";
redirect_to("manage_content.php");
} else {
// Failure
//$_SESSION["message"] = "Item creation failed.";
//redirect_to("new_news.php");
echo "Error: " . $query . "<br>" . $result->error;
}
} else {
// This is probably a GET request
redirect_to("new_news.php");
}
?>
<?php
if (isset($connection)) { mysqli_close($connection); }
?>
you can use this and hence get rid of your error.Hope this helps you.
$final_image = $image_type = $image_new_size = $final_file = $file_type = $file_new_size = "";
if($_FILES) {
$image = rand(1000,100000)."-".$_FILES['image']['name'];
$image_loc = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$image_folder="images/";
$file = rand(1000,100000)."-".$_FILES['file']['name'];
$file_loc = $_FILES['file']['tmp_name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_folder="files/";
$image_new_size = $image_size/1024;
$file_new_size = $file_size/1024;
$new_image_name = strtolower($image);
$new_file_name = strtolower($file);
$final_image=str_replace(' ','-',$new_image_name);
$final_file=str_replace(' ','-',$new_file_name);
if(move_uploaded_file($image_loc,$image_folder.$final_image))
if(move_uploaded_file($file_loc,$file_folder.$final_file))
}
I wrote a php script to extract data from a csv script and insert it into an mysql database. It does the job but does not extract data and insert into database for large csv files.(I tried extracting and inserting from a csv file with 40,000 rows. Did not work but worked when i tested it out with a far smaller (60 rows) size csv file). I get no error message. It just doesn't work. During debugging i realised even echoing a string after selecting a large csv file and clicking my upload button does not work. I've searched and tried all the possible configurations in php.ini as well as LimitRequestBody for apache config as well as setting configs directly in my code to no success. Some help would be greatly appreciated. My code is below.
<?php
include ("connection.php");
if(isset($_POST["submit"]))
{
ini_set('auto_detect_line_endings',TRUE);
$file_name = $_FILES['file']['tmp_name'];
$sql10 = "insert into upload (filename) values ('$file_name')";
if(mysqli_query($conn, $sql10)){
$last_id = mysqli_insert_id($conn);
echo "New record created successfully. Last inserted ID is: " .$last_id;
}
//mysqli_close($conn);
$file = $_FILES['file']['tmp_name'];
//ini_set("auto_detect_line_endings", true);
$handle = fopen($file, "r");
$c = 0;
while(($filesop = fgetcsv($handle, ",")) !== false)
{
if ($c > 0) {
$event_id = $filesop[0];
$conf_session_id = $filesop[1];
$service_provider_id = $filesop[2];
$service_provider_id2 = $filesop[3];
$billed_flag = $filesop[4];
$offering_id = $filesop[5];
$time_start = $filesop[6];
$time_ended = $filesop[7];
$duration = $filesop[8];
$orig_calling_code = $filesop[9];
$orig_area_code = $filesop[10];
$termination_reason = $filesop[11];
$rtp_encoding = $filesop[12];
$rtp_clock_rate = $filesop[13];
$sip_from = $filesop[14];
$sip_to = $filesop[15];
$sip_call_id = $filesop[16];
$orig_nbr = $filesop[17];
$dest_nbr = $filesop[18];
$popd_account_number = $filesop[19];
$intl_dest_flag = $filesop[20];
$sip_status = $filesop[21];
$gw_ip_ingress = $filesop[22];
$gw_port_egress = $filesop[23];
$phone_number = $filesop[24];
$orig_flag = $filesop[25];
$subscriber_sip_caller_id = $filesop[26];
$orig_route_type = $filesop[27];
$term_route_type = $filesop[28];
$call_type = $filesop[29];
$mny_BasePrice = $filesop[30];
$call_cost = $filesop[31];
$uploadID = $last_id;
$sql11 = "insert into cdr (event_id, conf_session_id, service_provider_id, service_provider_id2, billed_flag, offering_id, time_start, time_ended, duration, orig_calling_code, orig_area_code, termination_reason, rtp_encoding, rtp_clock_rate, sip_from, sip_to, sip_call_id, orig_nbr, dest_nbr, popd_account_number, intl_dest_flag, sip_status, gw_ip_ingress, gw_port_egress, phone_number, orig_flag, subscriber_sip_caller_id, orig_route_type, term_route_type, call_type, mny_BasePrice, call_cost, uploadID, date_uploaded) values ('$event_id', '$conf_session_id', '$service_provider_id', '$service_provider_id2', '$billed_flag', '$offering_id', '$time_start', '$time_ended', '$duration', '$orig_calling_code', '$orig_area_code', '$termination_reason', '$rtp_encoding', '$rtp_clock_rate', '$sip_from', '$sip_to', '$sip_call_id', '$orig_nbr', '$dest_nbr', '$popd_account_number', '$intl_dest_flag', '$sip_status', '$gw_ip_ingress', '$gw_port_egress', '$phone_number', '$orig_flag', '$subscriber_sip_caller_id', '$orig_route_type', '$term_route_type', '$call_type', '$mny_BasePrice', '$call_cost', '$uploadID', CURRENT_DATE)";
if(mysqli_query($conn, $sql11)){
// $last_id = mysqli_insert_id($conn);
// echo "New record created successfully. Last inserted ID is: " .$last_id;
$updatequery = "UPDATE cdr JOIN client ON cdr.orig_nbr = client.phonenumber SET cdr.clientname = client.clientname";
mysqli_query($conn, $updatequery);
} else{
echo "error: ".mysqli_error($conn);
}
}
$c++;
}
fclose($handle) ;
}
?>