OK, I am trying to insert multiple values into a single column catName with space. But I am unable to insert it..here is my code. suppose I m selected sports cricket football from the dropdown and all three name should be there in column with space only not comma.
<?php
//include config
require_once('includes/config.php');
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
require_once('includes/config2.php');
if(isset($_FILES['files'])){
$errors= array();
foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
$picCourtesy = $_POST["picCourtesy"];
$picTitle = $_POST["picTitle"];
$catName = implode(' ',$_POST['$catName']);
$file_name = $key.$_FILES['files']['name'][$key];
$file_size =$_FILES['files']['size'][$key];
$file_tmp =$_FILES['files']['tmp_name'][$key];
$file_type=$_FILES['files']['type'][$key];
if($file_size > 2097152){
$errors[]='File size must be less than 2 MB';
}
$query="INSERT into gallery (`picTitle`,`picCourtesy`,`catName`,`gFILE_NAME`,`gFILE_SIZE`,`gFILE_TYPE`) VALUES('$picTitle','$picCourtesy','$catName','$file_name','$file_size','$file_type'); ";
$desired_dir="../gallery";
if(empty($errors)==true){
if(is_dir($desired_dir)==false){
mkdir("$desired_dir", 0700); // Create directory if it does not exist
}
if(is_dir("$desired_dir/".$file_name)==false){
move_uploaded_file($file_tmp,"$desired_dir/".$file_name);
}else{ // rename the file if another one exist
$new_dir="$desired_dir/".$file_name.time();
rename($file_tmp,$new_dir) ;
}
mysqli_query($conn,$query);
}else{
print_r($errors);
}
}
if(empty($error)){
header('Location: index.php');
exit;
}
}?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Admin - Add Post</title>
<link rel="stylesheet" href="style/normalize.css">
<link rel="stylesheet" href="style/main.css">
</head>
<body>
<div id="wrapper">
<?php include('menu.php');?>
<form action="" method="POST" enctype="multipart/form-data">
<p>upload single pic, Less than 2mb.</p>
<p><label>Title</label><br />
<input type='text' name='picTitle' value='<?php if(isset($error)){ echo $_POST['picTitle'];}?>'></p>
<p><label>photo courtesy</label><br />
<input type='text' name='picCourtesy' value='<?php if(isset($error)){ echo $_POST['picCourtesy'];}?>'></p>
<?php
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$query = "SELECT * FROM category";
$result = mysqli_query ($conn,$query);?>
<p><label >Category:</label><br/>
<select multiple="multiple" name="catName[]">
<?php
while($r = mysqli_fetch_array($result)) {
echo '<option value='.$r['catName'].'>'.$r['catName'].'</option>';
}
echo "</select>";
?></p>
<input type="file" name="files[]" />
<input type="submit"/>
</form>
</div>
</body>
Please help me, hope you understand my problem here
just replace
$catName = implode(' ',$_POST['$catName']);
with
$catName = implode(' ',$_POST['catName']);
By mistakely You just add '$' on $_POST['$catName']
Related
Hello guys, please help!
I'm having problems with my project, I followed these steps on how to upload(https://www.youtube.com/watch?v=Ipa9xAs_nTg) but something is wrong.
The error is Notice:
Undefined index: tmp_name in C:\xampp\htdocs\LDEVERACATERING\upload_process.php on line 16
Here is my upload.html
<!DOCTYPE html>
<html>
<head>
<script src="jquery-3.2.1.min"></script>
<script src="jquery-migrate-1.4.1.min"></script>
<title>
Image Upload
</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id="content">
<form method="POST" action="upload_process.php" enctype="multipart/form-data">
<input type="hidden" name="size" value="1000000"/>
<div>
<input type="file" name="image"/>
</div>
<div>
<textarea name="text" cols="40" rows="4" placeholder="Say something about this image..."></textarea>
</div>
<div>
<input type="submit" name="upload" value="Upload Image"/>
</div>
</form>
</div>
</body>
</html>
here is my upload_process.php
<?php
$msg = "";
//if upload button is pressed
if (isset($_POST['upload'])) {
//path to store the upload image
$target = "photos/".basename($_FILES['image']['name']);
//connect to database
$db = mysqli_connect("localhost", "root", "", "catering_info");
}
//get all the submitted date from the form
$image = $_FILES['image']['name'];
$text = $_POST['text'];
$sql = "INSERT INTO photos_upload(image, text) VALUES('$image', '$text')";
mysqli_query($db, $sql); //stores the submitted date into the database table: images
//now let's move the upload image into the folder: photos
if (move_uploaded_file($_FILES['tmp_name']['name'], $target)) {
$msg = "Image uploaded successfully";
}
else
{
$msg = "There was a problem uploading image";
}
?>
PLEASE HELP ME, I REALLY NEED IT. Also I'm still new to this, I just started web prog last 3 weeks :( Thank you very much!
Please try this
<?php
if(isset($_FILES['image'])){
$errors= array();
$file_name = $_FILES['image']['name'];
$file_size =$_FILES['image']['size'];
$file_tmp =$_FILES['image']['tmp_name'];
$file_type=$_FILES['image']['type'];
$file_ext=strtolower(end(explode('.',$_FILES['image']['name'])));
$expensions= array("jpeg","jpg","png");
if(in_array($file_ext,$expensions)=== false){
$errors[]="extension not allowed, please choose a JPEG or PNG file.";
}
if($file_size > 2097152){
$errors[]='File size must be excately 2 MB';
}
if(empty($errors)==true){
move_uploaded_file($file_tmp,"images/".$file_name);
echo "Success";
}else{
print_r($errors);
}
}
?>
Try this by replacing your code
move_uploaded_file($_FILES['tmp_name']['name'], $target)
With these
move_uploaded_file($_FILES['image']['tmp_name'], $target)
I created a page that can add new records to my database, everything is working fine but when I'm trying to upload a pdf file, it doesn't store to the correct folder. It should be stored in my "uploads". When I check my database, it doesnt link properly it should be ../uploads/example.pdf instead of example.pdf only
<?php
require('db.php');
include("auth.php");
$status = "";
if(isset($_POST['new']) && $_POST['new']==1)
{
$trn_date = date("Y-m-d H:i:s");
$fname =$_REQUEST['fname'];
$lname = $_REQUEST['lname'];
$memo = $_REQUEST['memo'];
$file = $_REQUEST['file'];
$submittedby = $_SESSION["username"];
$ins_query="insert into user (`trn_date`,`fname`,`lname`,`memo`,`submittedby`,`file`) values ('$trn_date','$fname','$lname','$memo','$submittedby','$file')";
mysqli_query($con,$ins_query) or die(mysql_error());
$status = "New Record Inserted Successfully.</br></br><a href='view.php'>View Inserted Record</a>";
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Insert New Record</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<div class="form">
<p>Dashboard | View Records | Logout</p>
<div>
<h1>Insert New Record</h1>
<form name="form" method="post" action="">
<input type="hidden" name="new" value="1" />
<p><input type="text" name="fname" placeholder="Enter Date" required /></p>
<p><input type="text" name="memo" placeholder="Enter Memorandum" required /></p>
<p><input type="text" name="lname" placeholder="Enter Title" required /></p>
<form action="" method="POST" enctype="multipart/form-data">
<input type="file" name="file" />
<input type="submit"/>
</form>
<?php
if(isset($_FILES['file'])){
$errors= array();
$file_name = $_FILES['file']['name'];
$file_size =$_FILES['file']['size'];
$file_tmp =$_FILES['file']['tmp_name'];
$file_type=$_FILES['file']['type'];
$file_ext=strtolower(end(explode('.',$_FILES['file']['name'])));
$expensions= array("pdf");
if(in_array($file_ext,$expensions)=== false){
$errors[]="extension not allowed, please choose a pdf file.";
}
if($file_size > 2097152){
$errors[]='File size must not exceed 2 MB';
}
if(empty($errors)==true){
move_uploaded_file($file_tmp,"../uploads/".$file_name);
echo "Success";
}else{
print_r($errors);
}
}
?>
<p><input name="submit" type="submit" value="Submit" /></p>
</form>
<p style="color:#FF0000;"><?php echo $status; ?></p>
</div>
</div>
</body>
</html>
That's because you set only to save file name
$file = $_REQUEST['file'];
Instead it should be
$file = "../uploads/".$_REQUEST['file'];
There are quite a few logical errors in your code.
You are inserting a record into the MySQL database before you do your check on the file extension and file size.
You just insert the file name into MySQL ($file = $_REQUEST['file'];), hence only the file name appears there. The correct code would be:
$file = "../uploads/".$_FILES['file']['name'];
A bit more down you need to adjust the file move part:
move_uploaded_file($file_tmp, $file);
In the error checking after the sql insert you use mysql_error(), not mysqli_error($con)
You do not check if the move_uploaded_file($file_tmp,"../uploads/".$file_name); call was successful and the file was moved to its final location.
Also pls consider using prepared statements to prevent sql injection attacks.
I try upload image to mysql database and display it along with the description of image using php. After i upload the image and display it , a broken image was displayed but the description of the image was displayed without any error. How can I solve this problem ? Appreciate your help
<?php
$msg = "";
//if upload button is pressed
if(isset($_POST['upload']))
{
// the path to store the uploaded image
$target = "images/".basename($_FILES['image']['name']);
// connect to database
$db = mysqli_connect("localhost","root","","product");
// Get all the submitted data from the form
$image = $_FILES['image']['name'];
$text = $_POST['text'];
$sql = "INSERT INTO product_list (image, text) VALUES ('$image','$text')";
mysqli_query($db,$sql); // stores the submitted data into the database table : product_list
// move uploaded image to the folder : image
if (move_uploaded_file($_FILES['image']['tmp_name'],$target))
{
$msg = "Image and text uploaded successfully";
}else
{
$msg = "There was a problem uploading image";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Image Upload With Description</title>
<link rel="stylesheet" type="text/css" href="formstyle.css">
</head>
<body>
<div id="content">
<?php
$db = mysqli_connect("localhost","root","","product");
$sql = "SELECT * FROM product_list";
$result = mysqli_query($db, $sql);
while ($row = mysqli_fetch_array($result))
{
echo "<div id='img_div'>";
echo "<img src='".$row['image']."'>";
echo "<p>".$row['text']."</p>";
echo "</div>";
}
?>
<form method="post" action="try.php" enctype="multipart/form-data">
<input type="hidden" name="size" value="1000000">
<div>
<input type="file" name="image">
</div>
<div>
<textarea name="text" cols="40" rows="4" placeholder="Details of product"></textarea>
</div>
<div>
<input type="submit" name="upload" value="Upload Image">
</div>
</form>
</div>
</body>
</html>
This is my result :
You are storing it in the DB without the images directory. You either need to store it with that, or always remember to call it that way in your image calls.
echo "<img src='images/".$row['image']."'>";
or make your the record you are writing the same as the filesystem location.
$image = 'images/' . $_FILES['image']['name'];
Note you are open to SQL injections and file inclusion injections with this code.
try this
<?php
$msg = "";
//if upload button is pressed
if(isset($_POST['upload']))
{
// the path to store the uploaded image
$destination_path = getcwd().DIRECTORY_SEPARATOR;
$target_path = $destination_path . basename( $_FILES["image"]["name"]);
// connect to database
$db = mysqli_connect("localhost","root","","product");
// Get all the submitted data from the form
$image = $_FILES['image']['name'];
$text = $_POST['text'];
$sql = "INSERT INTO product_list (image, text) VALUES ('$image','$text')";
mysqli_query($db,$sql); // stores the submitted data into the database table : product_list
//#move_uploaded_file($_FILES['image']['tmp_name'], $target_path)
// move uploaded image to the folder : image
if (move_uploaded_file($_FILES['image']['tmp_name'],$target_path))
{
$msg = "Image and text uploaded successfully";
}else
{
$msg = "There was a problem uploading image";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Image Upload With Description</title>
<link rel="stylesheet" type="text/css" href="formstyle.css">
</head>
<body>
<div id="content">
<?php
$db = mysqli_connect("localhost","root","","product");
$sql = "SELECT * FROM product_list";
$result = mysqli_query($db, $sql);
while ($row = mysqli_fetch_array($result))
{
echo "<div id='img_div'>";
echo "<img src='".$row['image']."'>";
echo "<p>".$row['text']."</p>";
echo "</div>";
}
?>
<form method="post" action="index.php" enctype="multipart/form-data">
<input type="hidden" name="size" value="1000000">
<div>
<input type="file" name="image">
</div>
<div>
<textarea name="text" cols="40" rows="4" placeholder="Details of product"></textarea>
</div>
<div>
<input type="submit" name="upload" value="Upload Image">
</div>
</form>
</div>
</body>
</html>
Still a newb to coding . have almost no idea what im doing . i tried to make a php page which would let me upload and view an image . do not know what is wrong . i tried to do it as correctly as possible . could someone please help me out ?
<!doctype html>
<html>
<head>
</head>
<body>
<form method="post">
<input type="file" name="image"></input>
<input type="submit" name="submit" value="upload"></input>
<?php
if(isset($_POST['submit']))
echo "button has been clicked";
$con = mysqli_connect("127.0.0.1","root","","demo");
if(!$con)
echo "didnt connect to database ";
else echo "connected ";
$imagename= mysqli_real_escape_string($_FILES['image'] ['name']);
$imagefile =mysqli_real_escape_string(file_get_contents($_FILES['image']['tmp_name']));
$qry = "INSERT INTO image (name,file) VALUES ('$imagename','$imagefile')";
$result = mysqli_query($con,$qry);
if($result)
echo "image has been uploaded";
viewimage();
function viewimage()
{$recon = mysqli_connect("127.0.0.1","root","","demo");
$view = "SELECT * FROM image ";
$data =mysqli_query($recon,$view);
$res2 =mysqli_fetch_assoc($data);
$currimage =$res2['file'];
echo "$currimage <br/>";
}
?>
</body>
</html>
To be able to catch a post variable, you need to submit the form and handle the action. The first problem with your code is that your form is not complete - it's missing a closing tag. Second thing, to be able to send a file through the post, you'll need multipart form. You should add enctype="multipart/form-data" as an attribute of the form.
So, instead of
<form method="post">
<input type="file" name="image"></input>
<input type="submit" name="submit" value="upload"></input>
You'll need
<form method="post" enctype="multipart/form-data">
<input type="file" name="image"></input>
<input type="submit" name="submit" value="upload"></input>
</form>
you must move the uploaded image to server
try this code -- create directory /uploads/
<!doctype html>
<html>
<head>
</head>
<body>
<form method="post" enctype="multipart/form-data">
<input type="file" name="image"></input>
<input type="submit" name="submit" value="upload"></input>
<?php
if(isset($_POST['submit']))
echo "button has been clicked";
$con = mysqli_connect("127.0.0.1","root","","demo");
if(!$con)
echo "didnt connect to database ";
else echo "connected";
$uploads_dir = '/uploads';
$tmp_name = $_FILES["image"]["tmp_name"];
$name = $_FILES["image"]["name"];
move_uploaded_file($tmp_name, "$uploads_dir/$name");
$qry = "INSERT INTO image (name,file) VALUES ('$name','$tmp_name')";
$result = mysqli_query($con,$qry);
if($result)
echo "image has been uploaded";
viewimage();
function viewimage()
{$recon = mysqli_connect("127.0.0.1","root","","demo");
$view = "SELECT * FROM image ";
$data =mysqli_query($recon,$view);
$res2 =mysqli_fetch_assoc($data);
$currimage =$res2['file'];
echo '<img src="'.$currimage.'" /> <br/>';
}
?>
</body>
</html>
I'm trying to upload an image to a database using a form.
The problems is that when i try to upload the image, it isn't stored in the database. Also there is no error.
Thanks in advance.
<html>
<head>
<meta charset="UTF-8" />
<title>Images</title>
</head>
<body>
<form action="index.php" method="POST" enctype="multipart/form-data">
File:
<input type="file" name="image" />
<input type="submit" value="Upload" />
</form>
<?php
require "connect.inc.php";
#$file = $_FILES['image']['tmp_name'];
if (!isset($file)) {
echo "Please select an image.";
}
else {
$image = file_get_contents($_FILES['image']['tmp_name']);
$imageName = $_FILES['image']['tmp_name'];
$imageSize = getimagesize($_FILES['image']['tmp_name']);
if ($imageSize == FALSE) {
echo "This is not an image.";
}
else {
$sql = "INSERT INTO `afbeelding` VALUES ('', '$imageName', '$image')";
if (!mysql_query("INSERT INTO `afbeelding` VALUES ('', '$imageName', '$image')")) {
echo "Problem uploading image.";
}
else {
echo "Succes!";
}
}
}
?>
</body>
</html>
You have forgot to execute your query :
<html>
<head>
<meta charset="UTF-8" />
<title>Images</title>
</head>
<body>
<form action="index.php" method="POST" enctype="multipart/form-data">
File:
<input type="file" name="image" />
<input type="submit" value="Upload" />
</form>
<?php
require "connect.inc.php";
#$file = $_FILES['image']['name'];
if (!isset($file)) {
echo "Please select an image.";
}
else {
$image = file_get_contents($_FILES['image']['name']);
$imageName = $_FILES['image']['tmp_name'];
$img = $_FILES['image']['name'];
$imageSize = getimagesize($_FILES['image']['name']);
//add move uploaded file function here
if ($imageSize == FALSE) {
echo "This is not an image.";
}
else {
$sql = mysql_query("INSERT INTO `afbeelding` VALUES ('', '$img', '$image')"); // did changes here
if($sql){
echo "Succes!";
}
else {
echo "Problem uploading image.";
}
}
}
?>
</body>
</html>
I have not tested, but will work
<?php
require "connect.inc.php";
if(isset($_POST['submit']))
{
#$file = $_FILES['image']['tmp_name'];
if (!isset($file)) {
echo "Please select an image.";
}
else {
$image = file_get_contents($_FILES['image']['tmp_name']);
$imageName = $_FILES['image']['tmp_name'];
$imageSize = getimagesize($_FILES['image']['tmp_name']);
if ($imageSize == FALSE) {
echo "This is not an image.";
}
else {
$sql = "INSERT INTO `afbeelding` VALUES ('', '$imageName', '$image')";
if (!mysql_query("INSERT INTO `afbeelding` VALUES ('', '$imageName', '$image')")) {
echo "Problem uploading image.";
}
else {
echo "Succes!";
}
}
}
}
?>
<html>
<head>
<meta charset="UTF-8" />
<title>Images</title>
</head>
<body>
<form action="index.php" method="POST" enctype="multipart/form-data">
File:
<input type="file" name="image" />
<input type="submit" name="submit" value="Upload" />
</form>
</body>
</html>
The problem was not having the addslashes(). In: $image = addslashes(file_get_contents($_FILES['image']['tmp_name']));
If i remove them again it won't work but if i put them back in it succeeds.