I tried to upload video filenames and other variables to the database, but the insert statement won't work. Anyway the videofile-name and the thumbnail-filename are both uploaded to the right folders.
I've checked and there's nothing wrong with the sql statement. But why won't it work can anyone tell me?
PHP code
<?php
session_start();
if (isset($_POST['submit'])) {
$videoName = $_POST['videoName'];
$videoDesc = $_POST['description'];
$category = $_POST['category'];
$level = $_POST['level'];
$userId = $_SESSION['userId'];
$videoFile = $_FILES["videoFile"];
$videoFileName = $videoFile['name'];
$videoFileType = $videoFile['type'];
$videoFileTempName = $videoFile['tmp_name'];
$videoFileError = $videoFile['error'];
$videoFileExt = explode(".", $videoFileName);
$videoFileActualExt = strtolower(end($videoFileExt));
$videoAllowed = array("mp4", "mov", "avi");
$thumbFile = $_FILES["thumbnail"];
$thumbFileName = $thumbFile["name"];
$thumbFileType = $thumbFile["type"];
$thumbFileTempName = $thumbFile["tmp_name"];
$thumbFileError = $thumbFile["error"];
$thumbFileExt = explode(".", $thumbFileName);
$thumbFileActualExt = strtolower(end($thumbFileExt));
$thumbAllowed = array("jpg", "jpeg", "png");
if (in_array($videoFileActualExt, $videoAllowed)) {
if(in_array($thumbFileActualExt, $thumbAllowed)) {
if ($videoFileError === 0) {
if ($thumbFileError === 0) {
$videoFullName = $videoFile . "." . uniqid("", true) . "." . $videoFileActualExt;
$videoFileDestination = "../video/" . $videoFullName;
$thumbFullName = $thumbFile . "." . uniqid("", true) . "." . $thumbFileActualExt;
$thumbFileDestination = "../thumbnail/" . $thumbFullName;
include 'dbh.inc.php';
if(empty($videoName) or empty($videoDesc)) {
header("Location: ../uploadVideo.php?upload=empty");
exit();
} else {
move_uploaded_file($videoFileTempName, $videoFileDestination);
move_uploaded_file($thumbFileTempName, $thumbFileDestination);
$sql = "INSERT INTO video (filnavn, thumbnail, videoName, descript, idMusician, categoryName, idLevel) VALUES ('$videoFullName', '$thumbFullName', '$videoName', '$videoDesc', $userId, '$category', $level);";
mysqli_query($conn, $sql);
header("Location: ../uploadVideo.php?upload=success");
exit();
}
} else {
echo "You had a thumbnail error!";
exit();
}
} else {
echo "You had a video error!";
exit();
}
} else {
echo "You need to upload a proper thumbnail file type";
exit();
}
} else {
echo "You need to upload a proper video file type!";
exit();
}
} else {
}
You cannot insert or in this way in the if() condition, you must always use the logical operator as
if(empty($videoName) || empty($videoDesc))
Because of that your execution of code must have stopped at that point.
I have this php photo gallery, however my "mysqli_stmt_prepare" statement seems to be failing in someway. However, when I check my DB, the files that are in accordance to the upload rules, I created in my code, have been uploaded.
The message I get each time I upload a file to the DB is the one corresponding to a failed "mysqli_stmt_prepare", namely as in the code:
echo "SQL statement failed! 1"
<?php
if (isset($_POST['submit'])) {
$newFileName = $_POST['filename'];
//sets the file name to "gallery"
if (empty($_POST['filename'])) {
$newFileName = "gallery";
//adds hyphens to empty spaces
} else {
$newFileName = strtolower(str_replace(" ", "-", $newFileName));
}
$imageTitle = $_POST['filetitle'];
$imageDesc = $_POST['filedesc'];
$file = $_FILES['file'];
$fileName = $file['name'];
$fileType = $file['type'];
$fileTempName = $file['tmp_name'];
$fileError = $file['error'];
$fileSize = $file['size'];
$fileExt = explode(".", $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowed = array("jpg", "jpeg", "png", "pdf");
if (in_array($fileActualExt, $allowed)) {
if ($fileError === 0) {
if ($fileSize < 200000) {
$imageFullName = $newFileName . "." . uniqid("uniqID", false) . "." . $fileActualExt;
$fileDestination = "../gallery/" . $imageFullName;
include_once "dbh.inc.php";
if (empty($imageTitle || $imageDesc)) {
header("Location: ../gallery.php?upload=empty");
echo "You didn't include the Image Title and Image description!";
exit();
} else {
$sql = "SELECT * FROM gallerytrexatek";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL statement failed! 1";
} else {
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$rowCount = mysqli_num_rows($result);
$setImageOrder = $rowCount + 1;
$sql = "INSERT INTO gallery (titleGallery, descGallery, imgFullNameGallery, orderGallery) VALUES (?, ?, ?, ?);";
if (!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL statement failed! 2";
} else {
mysqli_stmt_bind_param($stmt, "ssss", $imageTitle, $imageDesc, $imageFullName, $setImageOrder);
mysqli_stmt_execute($stmt);
move_uploaded_file($fileTempName, $fileDestination);
header("Location: ../galleryInPHP.php?upload=success");
}
}
}
} else {
echo "File Size is way to big";
exit();
}
} else {
echo "You had an error with the file";
exit();
}
} else {
echo "The file type you tried to upload is not allowed!";
exit();
}
}
?>
I expect the file to upload without problems. It seems I am overlooking something rather simple.
Hint: There are 3 files connected to this one.
1. The gallery.php where the form exists for images to be uploaded
2. The one which is pasted here
3. the DB handler file
Do'h, there was a problem with one of the file handler files.
I am trying to set up a profile page where user can upload a profile picture. The problem I a having is that when the status is changed from 1 to 0 the image changes from a default profile image to a small black box with an "x" in it. Everything else works fine. I thought it might be the css but it is not. If anyone can assist, it would greatly appreciated. Thank you.
Profile.php:
<?php
$id= $_GET['id'];
$sql = "SELECT * FROM user WHERE id='$id'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$sqlImg = "SELECT * FROM profileImg WHERE id='$id'";
$resultImg = mysqli_query($conn, $sqlImg);
while ($rowImg = mysqli_fetch_assoc($resultImg)) {
echo "<div class='userProfileImage'>";
if ($rowImg['status'] == 0 ) {
echo "<img src='images/profile".$id.".jpg'>";
} else {
echo "<img src='images/profile_default.jpg'>";
}
echo "<p>".$row['first']."</p>";
echo "</div>";
}
}
} else {
echo "There are no users yet!";
}
uploadProfile.php:
<?php
session_start();
include '../dbh.php';
$id = $_SESSION['id'];
$userID = $id;
if (isset($_POST['submit'])) {
$file = $_FILES['file'];
$fileName = $_FILES['file']['name'];
$fileTmpName = $_FILES['file']['tmp_name'];
$fileSize = $_FILES['file']['size'];
$fileERROR = $_FILES['file']['error'];
$fileType = $_FILES['file']['type'];
$fileExt = explode('.', $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowed = array('jpg', 'jpeg', 'gif', 'png', 'mov', 'mpeg4', 'mp4', 'avi', 'wmv', 'mpegps', 'flv', '3gpp', 'webm');
if (in_array($fileActualExt, $allowed)) {
if ($fileERROR === 0) {
if ($fileSize < 500000) {
$fileNameNew = "profile".$id.".".$fileActualExt;
$fileDestination = '../uploads/'.$fileNameNew;
$sql = "UPDATE profileImg SET status=0 WHERE id='$id'";
$result = mysqli_query($conn, $sql);
move_uploaded_file($fileTmpName, $fileDestination);
header("Location: ../profile.php?id=$userID");
} else {
echo "Your file is too large";
}
} else {
echo "There was an error uploading your file";
}
} else {
echo "You cannot upload files of this type";
}
}
?>
Files are being uploaded to uploads as line below
$fileDestination = '../uploads/'.$fileNameNew;
and img src is
echo "<img src='images/profile".$id.".jpg'>";
Please update you code.
Edit: you are allowing multiple extensions to be uploaded and on profile.php single extension is used to load the picture.
I have Data entry form where user insert there data along with upload three category image file .In present situation Data insert and image upload is working fine but works separately for example its appear echo"insert successfully" for both data & image insertion.I want it works together . Here i present my script :
enter code here
<?php
if (isset($_POST['submit'])) {
$date=$_POST["date"];
$agentid=$_POST["agentid"];
$formno=$_POST["formno"];
$bank=$_POST["bank"];
$ptype=$_POST["ptype"];
$cardno=$_POST["cardno"];
$cname=$_POST["cname"];
$fname=$_POST["fname"];
$mname=$_POST["mname"];
$dob=$_POST["dob"];
$phone=$_POST["phone"];
$votarid=$_POST["votarid"];
$sex=$_POST["sex"];
$email=$_POST["email"];
$district=$_POST["district"];
$thana=$_POST["thana"];
$con=mysqli_connect("localhost","root","admin","myapps");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql= "INSERT INTO `kyc`( `date`,`agentid`,`formno`, `bank`, `ptype`,
`cardno`,`cname`, `fname`, `mname`, `dob`, `phone`, `votarid`,`sex`,
`email`, `district`, `thana`)
VALUES('$date','$agentid',$formno,'$bank','$ptype','$cardno','$cname','$fname',
'$mname','$dob',$phone,$votarid,'$sex','$email','$district','$thana')";
$result = mysqli_query($con,$sql); //check for errors
$sql="UPDATE card SET status='1',agentid='$agentid',salesdate='$date' WHERE
$cardno=cardno";
$result = mysqli_query($con,$sql);
echo "One raw Successfully inserted";
mysqli_close($con);
}
?>
<?php
if(isset($_FILES['files'])){
$res = upload_multiple_file($_FILES['files'],"KYCFILE",$formno);
//echo $res;
}
function upload_multiple_file($file,$file_dir="KYCFILE",$formno=null) {
$overwrite=0;
$allowed_file_type= array("JPG","jpg", "jpeg", "png", "gif");
$max_file_size = 2097152;
$max_file_size_check=0;
foreach($_FILES['files']['name'] as $fkey=> $fname){
$ext = pathinfo($fname, PATHINFO_EXTENSION);
if (!in_array($ext, $allowed_file_type)) {
return "unsupported file format";
break;
}
}
foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
$file_name = $_FILES['files']['name'][$key];
$file_size =$_FILES['files']['size'][$key];
$file_tmp_name =$_FILES['files']['tmp_name'][$key];
$file_type=$_FILES['files']['type'][$key];
//if($max_file_size_check >0) {
if($file_size > $max_file_size){
$fsize=$max_file_size/1048576;
return 'File size must be less than '.$fsize.' MB';
break;
}
//}
if(is_dir($file_dir)==false){
$status = mkdir("$file_dir", 0700);
if($status < 1){
return "unable to create diractory $file_dir ";
}
}
$new_file_path=$file_dir."/".$formno;
if(is_dir($new_file_path)==false){
$status = mkdir("$new_file_path", 0700);
if($status < 1){
return "unable to create diractory $file_dir ";
}
}
if(is_dir($new_file_path)){
/*switch($key)
$file_name="photo".str_split(""
case:0*/
echo $file_name;
$splitted_filename=explode(".",$file_name);
$file_ext=$splitted_filename[1];
switch($key) {
case 0:
$file_name_new="photo.".$file_ext;
break;
case 1:
$file_name_new="voter_id.".$file_ext;
break;
case 2:
$file_name_new="KYC_form.".$file_ext;
break;
}
if($overwrite < 1){
move_uploaded_file($file_tmp_name,"$new_file_path/".$formno."_".$file_name_new);
}
}
// $file_upload_query="INSERT into user_uploads
(`u_id`,`file_name`,`file_type`)
VALUES('$user_id','$file_name','$file_size','$file_type'); ";
//mysql_query($file_upload_query);
}
return "One raw Successfully inserted";
header("refresh:2;url=kycapps.php" );
}
?>
Updated code
<?php
if (isset($_POST['submit'])) {
$date=$_POST["date"];
$agentid=$_POST["agentid"];
$formno=$_POST["formno"];
$bank=$_POST["bank"];
$ptype=$_POST["ptype"];
$cardno=$_POST["cardno"];
$cname=$_POST["cname"];
$fname=$_POST["fname"];
$mname=$_POST["mname"];
$dob=$_POST["dob"];
$phone=$_POST["phone"];
$votarid=$_POST["votarid"];
$sex=$_POST["sex"];
$email=$_POST["email"];
$district=$_POST["district"];
$thana=$_POST["thana"];
$con=mysqli_connect("localhost","root","admin","myapps");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql= "INSERT INTO `kyc`( `date`,`agentid`,`formno`, `bank`, `ptype`,
`cardno`,`cname`, `fname`, `mname`, `dob`, `phone`, `votarid`,`sex`,
`email`, `district`, `thana`)
VALUES('$date','$agentid',$formno,'$bank','$ptype','$cardno','$cname','$fname',
'$mname','$dob',$phone,$votarid,'$sex','$email','$district','$thana')";
$result = mysqli_query($con,$sql); //check for errors
$sql="UPDATE card SET status='1',agentid='$agentid',salesdate='$date' WHERE
$cardno=cardno";
$result = mysqli_query($con,$sql);
if(isset($_FILES['files'])){
$res = upload_multiple_file($_FILES['files'],"KYCFILE",$formno);
//echo $res;
}
echo "One raw Successfully inserted";
mysqli_close($con);
header("refresh:2;url=kycapps.php" );
}
function upload_multiple_file($file,$file_dir="KYCFILE",$formno=null) {
$overwrite=0;
$allowed_file_type= array("JPG","jpg", "jpeg", "png", "gif");
$max_file_size = 2097152;
$max_file_size_check=0;
foreach($_FILES['files']['name'] as $fkey=> $fname){
$ext = pathinfo($fname, PATHINFO_EXTENSION);
if (!in_array($ext, $allowed_file_type)) {
return "unsupported file format";
break;
}
}
foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
$file_name = $_FILES['files']['name'][$key];
$file_size =$_FILES['files']['size'][$key];
$file_tmp_name =$_FILES['files']['tmp_name'][$key];
$file_type=$_FILES['files']['type'][$key];
//if($max_file_size_check >0) {
if($file_size > $max_file_size){
$fsize=$max_file_size/1048576;
return 'File size must be less than '.$fsize.' MB';
break;
}
//}
if(is_dir($file_dir)==false){
$status = mkdir("$file_dir", 0700);
if($status < 1){
return "unable to create diractory $file_dir ";
}
}
$new_file_path=$file_dir."/".$formno;
if(is_dir($new_file_path)==false){
$status = mkdir("$new_file_path", 0700);
if($status < 1){
return "unable to create diractory $file_dir ";
}
}
if(is_dir($new_file_path)){
/*switch($key)
$file_name="photo".str_split(""
case:0*/
echo $file_name;
$splitted_filename=explode(".",$file_name);
$file_ext=$splitted_filename[1];
switch($key) {
case 0:
$file_name_new="photo.".$file_ext;
break;
case 1:
$file_name_new="voter_id.".$file_ext;
break;
case 2:
$file_name_new="KYC_form.".$file_ext;
break;
}
if($overwrite < 1){
move_uploaded_file($file_tmp_name,"$new_file_path/".$formno."_".$file_name_new);
}
}
// $file_upload_query="INSERT into user_uploads
(`u_id`,`file_name`,`file_type`)
VALUES('$user_id','$file_name','$file_size','$file_type'); ";
//mysql_query($file_upload_query);
}
}
i am trying to allow users to update their profile picture using this code.
require("../connection.php");
$imgName = $_FILES['pic']['name'];
$imgTmp = $_FILES['pic']['tmp_name'];
$imgtype = $_FILES['pic']['type'];
$imgSize = $_FILES['pic']['size'];
$maxFileSize = 200000;
$pic = "../uploads/" . $user_id . "_" . time() . $imgName;
if ($imgSize > $maxFileSize) {
$error = "size";
}
if ($imgType == "image/jpeg" || $imgType == "image/gif") {
$error .= "";
} else {
$error = "type";
}
if (file_exists($pic)) {
$error = "exists";
}
if ($error == "" && $imgName != "") {
move_uploaded_file($imgTmp, $pic);
mysql_query("UPDATE users SET pic = '$pic', WHERE username = '$username'");
if (!mysql_query($query, $connect)) {
die(mysql_error());
} else {
mysql_close($connect);
header('location:http://www.WEBSITE.co.uk/users/upload-pic-thanks.php');
}
} else {
header("Location:edit-pic-error.php?e=".$error);
}
and it gives me this in the address bar: edit-pic-error.php?e=type, however the file i am trying to upload is .jpg, and its smaller than the 20000kb allowance.
The table in my mysql database is called 'users', and the table row is called 'pic', its Varchar, 60, allow null ticked.
The table is not being updated with the new time stamped profile picture.
Please help.
Thanks very much
$imgtype = $_FILES['pic']['type'];
if ($imgType == "image/jpeg" || $imgType == "image/gif") {
$imgType vs. $imgtype, notice the case.