php forms multiple input upload - php

I wrote a multiple form, but it doesn't work. Code inspector tells me something is wrong with move_uploaded_file function. Can anyone tell me what the problem is?
My HTML code:
<div class="setting post">
<form action="add-banner.php" method="post" enctype="multipart/form-data">
<input type="text" name="banner-title" placeholder="enter new banner title"><br>
<select name="banner-cat">
<?php
$get_cats = mysqli_query($db,'select * from cats');
while($row = mysqli_fetch_assoc($get_cats)){
?>
<option value="<?php echo $row['id']?>"><?php echo $row['cat_name'] ?></option>
<?php
}
?>
</select>
<br>
<input type="file" name="banner">
<br>
<input type="submit" name="upload" value="add new banner">
</form>
</div>
and this is my php code:
<?php
require_once 'db.php';
global $db;
$banner_title = $_POST['banner-title'];
$banner_cat = $_POST['banner-cat'];
$banner = $_FILES['banner']['name'];
$banner_tmp = $_FILES['banner']['tmp_name'];
$upload_file = move_uploaded_file($banner_tmp,'../../images/$banner');
$insert_banner = mysqli_query($db,"insert into banner(banner_title,banner_cat,banner_link) values ('$banner_title','$banner_cat','$banner')");
if($insert_banner && $upload_file){
$message = 'New banner Succesfully added';
echo "<script>
alert('".$message."');
window.location.href='post.php';
exit;
</script>";
}else{$message = 'Something goes Wrong';
echo "<script>
alert('".$message."');
window.location.href='post.php';
exit;
</script>";
}
?>


<?php
require_once 'db.php';
global $db;
$banner_title = $_POST['banner-title'];
$banner_cat = $_POST['banner-cat'];
$banner = basename($_FILES['banner']['name']);
$banner_tmp = $_FILES['banner']['tmp_name'];
$upload_file = move_uploaded_file($banner_tmp,'/images/$banner');
$insert_banner = mysqli_query($db,"insert into banner(banner_title,banner_cat,banner_link) values ('$banner_title','$banner_cat','$banner')");
if($insert_banner && $upload_file){
$message = 'New banner Succesfully added';
echo "<script>
alert('".$message."');
window.location.href='post.php';
exit;
</script>";
}else{$message = 'Something goes Wrong';
echo "<script>
alert('".$message."');
window.location.href='post.php';
exit;
</script>";
}
?>
// Don't use back folder for uploaded file, if use back folder, use full url for folder.

Related

How Can i use includ in php without excute the first page code

i try to get a variable from header page to a game page.. but when i do it with include 'header.php" he excute the header code in game.php ( header("refresh"))
i wanna to excute the refresh one time in first page only
header.php code :
<?php
$memory = "ahmed";
echo "Remember This Word : " . $memory;
header("Refresh: 5; url= game.php");
// exit;
?>
game.php code :
<?php
// ob_start();
// include "header.php";
// ob_end_clean();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if($_POST['solution'] == "ahmed") {
$_SESSION['username'] = $_POST['solution'];
} else {
echo "Try again";
}
}
if(isset($_SESSION['username'])) {
echo "Well Done <br>";
echo ' Play again';
} else {
?>
<form action="" method="POST">
<input type="text" name="solution" id="">
<input type="submit" value="check">
</form>
<?php } ?>

What's wrong with this POST method?

i have tried to fix my this upload code in my php :
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$nama=$_SESSION["username"];
if (($nama)!='Admin'){
echo "<script>
window.location = '/home'
</script>";
}
?>
<h2>Upload Item Panel</h2>
<p><span class="error">*Semua harus diisi</span></p>
<form method="post" action="listingupload.php/" enctype="multipart/form-data">
Nama Barang: <input type="text" name="name" value="">
<br><br>
Stock :<input type="text" name="stock" value="">
<br><br>
Warna: <input type="text" name="warna" value="">
<br><br>
RAM: <input type="text" name="ram" value="">
<br><br>
kondisi: <input type="text" name="kondisi" value="">
<br><br>
Harga: <input type="text" name="harga" value="">
<br>
<b>Harap mengisi kolom harga tanpa titik (Dua juta rupiah = 2000000)</b>
<br><br>
Harga Sebelum diskon: <input type="text" name="hargabefore" value="">
<br><br>
Deskripsi: <textarea name="deskripsi" rows="5" cols="40"></textarea>
<br><br>
Gambar Listingan:<br><br>
<input type="file" name="pic"><br><br>
Gambar Detail 1:<br><br>
<input type="file" name="pic2"><br><br>
Gambar Detail 2:<br><br>
<input type="file" name="pic3"><br><br>
Gambar Detail 3:<br><br>
<input type="file" name="pic4"><br><br>
Gambar Detail 4:<br><br>
<input type="file" name="pic5"><br><br>
Gambar Detail 5:<br><br>
<input type="file" name="pic6"><br><br>
<input type="submit" value="POST" name="submit">
</form>
</body>
</html>
so that is the code for the form page
and here is the code for the POST method :
<?php
$namafile = $_FILES['pic']['name'];
$namafile2 = $_FILES['pic2']['name'];
$namafile3 = $_FILES['pic3']['name'];
$namafile4 = $_FILES['pic4']['name'];
$namafile5 = $_FILES['pic5']['name'];
$namafile6 = $_FILES['pic6']['name'];
$ukuran = $_FILES['pic']['size'];
$error = $_FILES['pic']['error'];
$ukuran2 = $_FILES['pic2']['size'];
$error2 = $_FILES['pic2']['error'];
$ukuran3 = $_FILES['pic3']['size'];
$error3 = $_FILES['pic3']['error'];
$ukuran4 = $_FILES['pic4']['size'];
$error4 = $_FILES['pic4']['error'];
$ukuran5 = $_FILES['pic5']['size'];
$error5 = $_FILES['pic5']['error'];
$ukuran6 = $_FILES['pic6']['size'];
$error6 = $_FILES['pic6']['error'];
include 'mysqldata.php';
$item=$_POST['name'];
$deskripsi=$_POST['deskripsi'];
$price=$_POST['harga'];
$stock=$_POST['stock'];
$ram=$_POST['ram'];
$warna=$_POST['warna'];
$kondisi=$_POST['kondisi'];
$hargabefore=$_POST['hargabefore'];
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$conn= new mysqli($host,$dbUsername,$dbPassword,$dbname);
if (mysqli_connect_error()){
echo mysqli_errno($this->db_link);
die('Error ('.mysqli_connect_errno().')'.mysqli_connect_error());
} else{
echo "Redirecting....\n";
if (move_uploaded_file($_FILES['pic']['tmp_name'],'listing/'.$namafile)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic2']['tmp_name'],'listing/'.$namafile2)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic3']['tmp_name'],'listing/'.$namafile3)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic4']['tmp_name'],'listing/'.$namafile4)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic5']['tmp_name'],'listing/'.$namafile5)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic6']['tmp_name'],'listing/'.$namafile6)){
echo "Success";
}else{
echo "Failed";
}
$sql = "INSERT INTO $dbname.itemlist(Itemname, Description,Harga,Image,stock,picture,picture2,picture3,picture4,picture5,warna,ram,kondisi,pseudoprice) VALUES ('$item','$deskripsi','$price','$namafile','$stock','$namafile2','$namafile3','$namafile4','$namafile5','$namafile6','$warna','$ram','$kondisi','$hargabefore')";
$conn->query($sql);
}
?>
sometimes this works normally, so i got all of my data and my files uploaded to the mysql, BUT sometimes it just give me the PHP Notice of PHP Undefined Index for ALL OF my data including Price, Image, Stock etc.
I have no idea at all why could this happen, can anyone help me with this one?
EDIT :i did fill in all of the form data, but when i POST it, sometimes it still shows undefined index , the problem is that, if it shows UNDEFINED INDEX doesn't it mean that all of my data is not sent to the mysql? Because is did fill all of the data in my form, the problem is that in the POST script it told me that all of the data is NULL (Undefined index)
if i only uploaded 2-3 pictures the code is working, but if i uploaded 5 pictures then the undefined index error shows up

I am supposing that you have to check if form is submiited or not.
if(!empty($_POST) && !empty($_FILES))
{
$namafile = $_FILES['pic']['name'];
$namafile2 = $_FILES['pic2']['name'];
$namafile3 = $_FILES['pic3']['name'];
$namafile4 = $_FILES['pic4']['name'];
$namafile5 = $_FILES['pic5']['name'];
$namafile6 = $_FILES['pic6']['name'];
$ukuran = $_FILES['pic']['size'];
$error = $_FILES['pic']['error'];
$ukuran2 = $_FILES['pic2']['size'];
$error2 = $_FILES['pic2']['error'];
$ukuran3 = $_FILES['pic3']['size'];
$error3 = $_FILES['pic3']['error'];
$ukuran4 = $_FILES['pic4']['size'];
$error4 = $_FILES['pic4']['error'];
$ukuran5 = $_FILES['pic5']['size'];
$error5 = $_FILES['pic5']['error'];
$ukuran6 = $_FILES['pic6']['size'];
$error6 = $_FILES['pic6']['error'];
include 'mysqldata.php';
$item=$_POST['name'];
$deskripsi=$_POST['deskripsi'];
$price=$_POST['harga'];
$stock=$_POST['stock'];
$ram=$_POST['ram'];
$warna=$_POST['warna'];
$kondisi=$_POST['kondisi'];
$hargabefore=$_POST['hargabefore'];
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$conn= new mysqli($host,$dbUsername,$dbPassword,$dbname);
if (mysqli_connect_error()){
echo mysqli_errno($this->db_link);
die('Error ('.mysqli_connect_errno().')'.mysqli_connect_error());
} else{
echo "Redirecting....\n";
if (move_uploaded_file($_FILES['pic']['tmp_name'],'listing/'.$namafile)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic2']['tmp_name'],'listing/'.$namafile2)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic3']['tmp_name'],'listing/'.$namafile3)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic4']['tmp_name'],'listing/'.$namafile4)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic5']['tmp_name'],'listing/'.$namafile5)){
echo "Success";
}else{
echo "Failed";
}
if (move_uploaded_file($_FILES['pic6']['tmp_name'],'listing/'.$namafile6)){
echo "Success";
}else{
echo "Failed";
}
$sql = "INSERT INTO $dbname.itemlist(Itemname, Description,Harga,Image,stock,picture,picture2,picture3,picture4,picture5,warna,ram,kondisi,pseudoprice) VALUES ('$item','$deskripsi','$price','$namafile','$stock','$namafile2','$namafile3','$namafile4','$namafile5','$namafile6','$warna','$ram','$kondisi','$hargabefore')";
$conn->query($sql);
}
}

Do this format to check if the variables have been set.
if (isset($_FILES['pic']['name']))
{
$namafile = $_FILES['pic']['name'];
}
if (isset($_POST['name']))
{
$item = $_POST['name'])
}
// do the rest

Am I missing something ? PHP MYSQL connection through Xammp

I'm trying to add form data into my database table on Xampp ,but while My echo displays everything properly ,it doesn't input anything into the database table and I wonder if I'm missing something here.I made sure to spell everything the same ,so I doubt it's a spelling error atleast....Any help,suggestions and or corrections are greatly appreciated !
<!DOCTYPE HTML>
<html>
<head>
</head>
<body>
<?php
// define variables and set to empty values
$VarErr = $PavErr = $AdErr = $PkErr = $KiekErr = "";
$Vardas = $Pavarde = $Adresas = $Pk = $Kiekis = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["Vardas"])) {
$VarErr = "Įveskite vardą";
} else {
$Vardas= test_input($_POST["Vardas"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Vardas)) {
$VarErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Pavarde"])) {
$PavErr = "Įveskite pavardę";
} else {
$Pavarde = test_input($_POST["Pavarde"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Pavarde)) {
$PavErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Adresas"])) {
$AdErr = "Įveskite adresą";
} else {
$Adresas= test_input($_POST["Adresas"]);
}
if (empty($_POST["Pk"])) {
$Pk = "Įveskite prekės kodą";
} else {
$Pk = test_input($_POST["Pk"]);
}
if (empty($_POST["Kiekis"])) {
$KiekErr = "Įveskite kiekį";
} else {
$Kiekis = test_input($_POST["Kiekis"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Vardas: <input type="text" name="Vardas" value="<?php echo $Vardas;?>">
<span class="error">* <?php echo $VarErr;?></span>
<br><br>
Pavarde: <input type="text" name="Pavarde" value="<?php echo $Pavarde;?>">
<span class="error">* <?php echo $PavErr;?></span>
<br><br>
Adresas: <input type="text" name="Adresas" value="<?php echo $Adresas;?>">
<span class="error"><?php echo $AdErr;?></span>
<br><br>
Pk: <input type="number" name="Pk" value="<?php echo $Pk;?>">
<span class="error"><?php echo $PkErr;?></span>
<br><br>
Kiekis:<input type="number" name="Kiekis" value="<?php echo $Kiekis;?>">
<span class="error"><?php echo $KiekErr;?></span>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $Vardas;
echo "<br>";
echo $Pavarde;
echo "<br>";
echo $Adresas;
echo "<br>";
echo $Pk;
echo "<br>";
echo $Kiekis;
$host = "localhost";
$user = "root";
$password ="";
$database = "uzsakymas";
try{
$connect = mysqli_connect($host,$user,$password,$database);
}
catch(mysqli_sql_exception $ex){
echo 'database connection error';
}
if(isset($_POST['insert'])) {
$Vardas = $_POST['Vardas'];
$Pavarde = $_POST['Pavarde'];
$Adresas = $_POST['Adresas'];
$Pk = $_POST['Pk'];
$Kiekis = $_POST['Kiekis'];
$insert_query = "INSERT INTO uzsakymai (Vardas,Pavarde,Adresas,Pk,Kiekis)VALUES('$Vardas','$Pavarde','$Adresas','$Pk','$Kiekis')";
try {
$insert_result = mysqli_query($connect,$insert_query);
if($insert_result){
if(mysqli_affected_rows($connect) > 0)
{
echo 'Data Inserted';
}else{
echo'Data not Inserted';
}
}
} catch(Exception $ex) {
echo 'Error Insert'.$ex->getMessmessage();
}
}
?>
</body>
</html>

hi your are checking value in insert isset($_POST['insert']) but insert name not assign in any control so assign insert name to your submit control check below :
<input type="submit" value="Submit" name="insert">

I'm kinda confused with your code but I think the wrong part is in here:
<input type="submit" name="submit" value="Submit">
You have this submit but look at this:
if(isset($_POST['insert']))
You are trying to check if POST is set to insert instead of submit.

Html not send post data to php

I don't know why my html form is not sending data. I have 3 file called default.php, prosesbacasoal.php and bacasoal.php. Because the default.php is too long I just write the html form I get from inspect element
<form method="post" action="prosesbacasoal.php"><div class="head-main- recenttest-result">
<input type="hidden" name="nomor" value="2">
<button class="head-main-recenttest-result-wait" style="text-decoration:none;" type="submit" name="submit">2.Soal Kedua</button> </div></form>
prosesbacasoal.php
<?php
session_start();
if(isset($_POST['submit'])) {
if(isset($_POST['nomor'])) {
$_SESSION['submitsoal'] = true;
$_SESSION['nomorsoal'] = $_POST['nomor'];
header("Location:bacasoal.php");
exit;
} else {
header("Location:bacasoal.php");
exit;
}
} else {
header("Location:bacasoal.php");
exit;
}
?>
Also the bacasoal.php is too long so I just write the part of it:
<?php
session_start();
if(isset($_SESSION['submitsoal'])) {
if(isset($_SESSION['nomorsoal'])) {
$nomorsoal = $_SESSION['nomorsoal'];
$queryjudulnya = "SELECT nomorsoal,judul,soal FROM soal WHERE nomorsoal='".$nomorsoal."'";
$runqueryjudulnya = mysqli_query($konek,$queryjudulnya);
$countqueryjudulnya = mysqli_num_rows($runqueryjudulnya);
if($countqueryjudulnya != 0) {
$assocqueryjudulnya = mysqli_fetch_assoc($runqueryjudulnya);
$juduldatabase = mysqli_real_escape_string($assocqueryjudulnya['judul']);
$soaldatabase = mysqli_real_escape_string($assocqueryjudulnya['soal']);
$nomorsoaldatabase = mysqli_real_escape_string($assocqueryjudulnya['nomorsoal']);
} else {}
} else {}
} else {}
?>
<?php
if(isset($juduldatabase) && isset($nomorsoaldatabase)) {
echo "<div class=\"head-main-recent\"> ".$nomorsoaldatabase.$juduldatabase." </div>";
} else {
echo "<div class=\"head-main-recent\">Judul soal tidak ditemukan!</div>";
}
?>
bacasoal.php keep echo the fail statement "Judul soal tidak ditemukan!"
Does anyone know why? (live demo : http://english-lesson.16mb.com/)

You can do it like below so that if error is there then it will display or any how at-least some useful information will display:-
default.php:-
<form method="post" action="prosesbacasoal.php">
<div class="head-main-recenttest-result">
<input type="hidden" name="nomor" value="2">
<button class="head-main-recenttest-result-wait" style="text-decoration:none;" type="submit" name="submit">2.Soal Kedua</button>
</div>
</form>
prosesbacasoal.php:-
<?php
session_start();
error_reporting(E_ALL);
ini_set('display_errors',1);
if(isset($_POST['nomor'])) {
$_SESSION['submitsoal'] = 'true';
$_SESSION['nomorsoal'] = $_POST['nomor'];
header("location:bacasoal.php");
exit;
} else {
header("location:default.php");
exit;
}
?>
bacasoal.php:-
<?php
session_start();
error_reporting(E_ALL);
ini_set('display_errors',1);
$juduldatabase = '';
$soaldatabase = '';
$nomorsoaldatabase = '';
if(isset($_SESSION['submitsoal']) && isset($_SESSION['nomorsoal'])) {
$nomorsoal = $_SESSION['nomorsoal'];
$queryjudulnya = "SELECT nomorsoal,judul,soal FROM soal WHERE nomorsoal='".$nomorsoal."'";
echo $queryjudulnya;
$runqueryjudulnya = mysqli_query($konek,$queryjudulnya);
if($runqueryjudulnya){
$countqueryjudulnya = mysqli_num_rows($runqueryjudulnya);
if($countqueryjudulnya > 0) {
while($assocqueryjudulnya = mysqli_fetch_assoc($runqueryjudulnya)){
$juduldatabase = $assocqueryjudulnya['judul'];
$soaldatabase = $assocqueryjudulnya['soal'];
$nomorsoaldatabase = $assocqueryjudulnya['nomorsoal'];
}
} else {
echo "No matching record found";
}
}else{
echo "Query execution failed because of:-".mysqli_error($konek);
}
}else {
echo "Session variables are not set";
}
?>
<?php
if(isset($juduldatabase) && isset($nomorsoaldatabase)) {
echo "<div class="head-main-recent"> ".$nomorsoaldatabase.$juduldatabase."</div>";
} else {
echo "<div class="head-main-recent">Judul soal tidak ditemukan!</div>";
}
?>
Note:- if still no error and no records,then echo query and run that query manually in db and check any record are coming or not?

In 3rd line of your HTML code I can see </div> before form tag ending. I cant see dive start tag after form tag
<button class="head-main-recenttest-result-wait" style="text-decoration:none;" type="submit" name="submit">2.Soal Kedua</button> </div></form>
Replace by
<button class="head-main-recenttest-result-wait" style="text-decoration:none;" type="submit" name="submit">2.Soal Kedua</button></form>

it was php session problem , fixed it after i session_destroy(); it using logout.php

Why is my error message not echoing to the screen?

When the user submits a form, the PHP will check to see if the $post was empty, if so, it will set an $error_message variable; thus database INSERT query will not execute. I then attempt to show the error message further on in the code, however it will not display. I have been trying to figure this out for hours and I still cannot find the solution. The funny thing is, this used to work, however I must have implemented something in this file which is preventing the code to execute correctly.
Why is my error message not echoing to the screen (last few lines of code show attempt to echo the error_message)?
<?php require("inc/db.php"); ?>
<?php include("inc/functions.php"); ?>
<?php include ("inc/ChromePhp.php"); ?>
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
ini_set("html_errors", 1);
session_start();
if(!isset($_GET['id'])) {
header("Location: ?id=".getUserId($_SESSION['U_Email']));
}
if(isset($_SESSION["U_Email"])) {
$usersData = getUserInfo($_GET['id']);
$postCount = getPostCount($_GET['id']);
} else {
header('Location: login.php');
}
if($_SERVER["REQUEST_METHOD"] == "POST") {
$post = trim(filter_input(INPUT_POST,"user_post",FILTER_SANITIZE_SPECIAL_CHARS));
if($post == "") {
$error_message = "Please enter something before submitting";
}
if(!isset($error_message)) {
$post = $db->real_escape_string($post);
$postStore = $db->query("INSERT INTO `Post`(P_Body, P_Dateadded, User_U_ID) VALUES ('{$post}', NOW(), '{$_SESSION['U_ID']}' )");
}
}
$dashNav = true;
$cap = true;
$pageTitle = 'Profile';
$name = $usersData['U_Forename'] . " " . $usersData['U_Surname'];
$gender = $usersData['U_Gender'];
$bio = $usersData['U_Biography'];
$team = $usersData['U_Team'];
$city = $usersData['U_City'];
include("inc/header.php");
?>
<?php if(userExists($_GET['id'])) { ?>
<section>
<div class="wrapper">
<?php
if($_SESSION['U_ID'] != $_GET['id']) {
$testFollow = "SELECT `Following`.F_ID, `Following`.U_ID FROM `Following`
WHERE U_ID = '{$_SESSION['U_ID']}' AND F_ID = '{$_GET['id']}'";
$testFollowResult = $db->query($testFollow);
if ($testFollowResult->num_rows > 0) {
echo "<button class='lift' href='#'>Unfollow Driver</button>";
} else {
echo "<button class='lift' href='#'>Follow Driver</button>";
}
}
?>
<?php if (isset($error_message)) {
// This code will not echo!
echo "<h2>".$error_message."</h2>";
}
?>
</div>
<div class="section-b">
<div class="grid">
<div class="row">
<div class="col-wd-12">
<div class="col">
<form id="share" name="share" action="profile.php" method="post">
<textarea id="post" name="user_post" placeholder="What's happening?"> </textarea>
<span id="errorpost" class="error">You must input something something before sending</span>
<?php
echo "<div class='g-recaptcha' data- sitekey='6LfNTB0TAAAAAKEw9zfnFzvGCXF9MuYTkdB144x1
'></div>"; ?>
<button onclick="return postCheckValidate();" type="submit">Share</button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php } ?>

Categories