When I upload file on my localhost it works fine. But when I upload it on the server it doesn't work. Image is displaying on that page correctly from same directory but it has problem in uploading file to that directory.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Belvic Print - Home page</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=3.0, user-scalable=yes"/>
<meta name="description" content="Printing template">
<meta name="author" content="Netbase">
<!--Add css lib-->
<link href='http://fonts.googleapis.com/css?family=Roboto:500,300,700,400' rel='stylesheet' type='text/css'>
<link href='https://fonts.googleapis.com/css?family=Arimo:500,300,700,400' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:500,300,700,400' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="bootstrap-3.3.6-dist/css/bootstrap.min.css">
<link rel="stylesheet" href="bootstrap-3.3.6-dist/font-awesome-4.5.0/css/font-awesome.css">
<link rel="stylesheet" href="sidebar.css">
<script src="bootstrap-3.3.6-dist/js/jquery-1.12.2.min.js"></script>
<script src="bootstrap-3.3.6-dist/js/bootstrap.min.js"></script>
<script src="code_adimn.js"></script>
<script src="script.js"></script>
<style>
body{
position: relative;
overflow-x: hidden;
}
.main-container{
margin:0;
padding:0;
}
.submit_button{
border: none;
margin-top: 5%;
padding: 10px;
}
label.myLabel input[type="file"] {
position: fixed;
top: -1000px;
}
.col-lg-offset-4{
margin-bottom: 5%;
}
.row{
margin-top: 3%;
}
/***** Example custom styling *****/
.myLabel {
/*border: 2px solid #AAA;*/
padding: 10px;
margin-top: 5%;
background: #DDD;
display: inline-block;
}
.myLabel:hover {
background: #CCC;
}
.myLabel:active {
background: #CCF;
}
.myLabel :invalid + span {
color: #A44;
}
.myLabel :valid + span {
color: #4A4;
}
</style>
</head>
<body>
<div class="container-fluid main-container">
<div class="navibar">
<div class="fa fa-bars"> <span> Menu Bar </span></div>
<ul>
<div class="fa fa-close"></div>
<h2 class="admin">Admin Panel</h2>
<li>Image 1</li>
<li>Image 2</li>
<li>Image 3</li>
</ul>
</div>
<div class="row img-row">
<div id="first" class="rows col-lg-6 col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offset-1 col-lg-offset-4">
<?php
include("db.php");
$res = mysqli_query($conn, "SELECT * FROM image WHERE id=1");
while ($record = mysqli_fetch_array($res)) {
?>
<img src="<?php echo "../images/slider/home/" . $record['image1']; ?>" alt="" width="100%">//This image is displaying correctly from same directory
<form enctype="multipart/form-data" action="slider.php" method="POST" >
<label class="myLabel">
<input type="file" name="myfile1"/>
<span>Change Picture</span>
</label>
<input name="submit1" type="submit" class="submit_button">
<div class="clearfix"></div>
</form>
<form action="slider.php" method="POST" enctype="multipart/form-data">
<label name="description">Enter the heading: </label>
<input type="text" name="heading1" class="form-control" placeholder="Enter the heading" value="<?php echo $record['image2']; ?>">
<br>
<label name="description">Enter the Description</label>
<textarea name="description1" class="form-control" rows="3"><?php echo $record['image3'];} ?></textarea>
<input name="submit_content1" type="submit" class="pull-left submit_button">
</form>
</div>
<div id="second" class="rows col-lg-6 col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offset-1 col-lg-offset-4">
<?php
$res1 = mysqli_query($conn, "SELECT * FROM image WHERE id=1");
while ($record1 = mysqli_fetch_array($res1)) {
?>
<img src="<?php echo "../images/slider/home/" . $record1['image4']; ?>" alt="kk" width="100%">
<form action="slider.php" method="POST" enctype="multipart/form-data">
<label class="myLabel">
<input type="file" name="myfile2"/>
<span>Upload Picture</span>
</label>
<input name="submit2" type="submit" class="submit_button">
<div class="clearfix"></div>
</form>
<form action="slider.php" method="POST" enctype="multipart/form-data">
<label name="description">Enter the heading: </label>
<input type="text" name="heading2" class="form-control" placeholder="Enter the heading" value="<?php echo $record1['image5']; ?>">
<br>
<label name="description">Enter the Description</label>
<textarea name="description2" class="form-control" rows="3"><?php echo $record1['image6'];} ?></textarea>
<input name="submit_content2" type="submit" class="pull-left submit_button">
</form>
</div>
<div id="third" class="rows col-lg-6 col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offset-1 col-lg-offset-4">
<?php
$res2 = mysqli_query($conn, "SELECT * FROM image WHERE id=1");
while ($record2 = mysqli_fetch_array($res2)) {
?>
<img src="<?php echo "../images/slider/home/" . $record2['image7']; ?>" alt="" width="100%">
<form action="slider.php" method="POST" enctype="multipart/form-data">
<label class="myLabel">
<input type="file" name="myfile3"/>
<span>Upload Picture</span>
</label>
<input name="submit3" type="submit" class="submit_button">
<div class="clearfix"></div>
</form>
<form action="slider.php" method="POST" enctype="multipart/form-data">
<label name="description">Enter the heading: </label>
<input type="text" name="heading3" class="form-control" placeholder="Enter the heading" value="<?php echo $record2['image8']; ?>">
<br>
<label name="description">Enter the Description</label>
<textarea name="description3" class="form-control" rows="3"><?php echo $record2['image9'];} ?></textarea>
<input name="submit_content3" type="submit" class="pull-left submit_button">
</form>
</div>
</div>
</div>
<?php
if (isset($_POST['submit1'])) {
$type = $_FILES["myfile1"]["type"];
$size = $_FILES["myfile1"]["size"];
$temp = $_FILES["myfile1"]["tmp_name"];
$error = $_FILES["myfile1"]["error"];
if ($_FILES["myfile1"]["error"] < 1) {
if (exif_imagetype($_FILES["myfile1"]["tmp_name"]) != IMAGETYPE_PNG && exif_imagetype($_FILES["myfile1"]["tmp_name"]) != IMAGETYPE_JPEG
&& exif_imagetype($_FILES["myfile1"]["tmp_name"]) != IMAGETYPE_GIF && exif_imagetype($_FILES["myfile1"]["tmp_name"]) != IMAGETYPE_ICO) {
echo 'There is problem with image file or file is not image';
} else {
$name = "image_" . date('Y-m-d-H-i-s') . '_' . uniqid() . '.jpg';
$upload = move_uploaded_file($temp, "../images/slider/home/" . $name);
if ($_FILES["myfile1"]["error"] > 0) {
echo "Some error in file upload";
} else {
$sql = "UPDATE image SET image1='$name' WHERE id=1";
if (mysqli_query($conn, $sql) && $upload) {
echo "Refresh the page to see the effect";
} else {
echo "Some error while updating image";
}
}
}
}
else {
echo "There is error in image file";
}
}
//For image 2
if (isset($_POST['submit2'])) {
$type = $_FILES["myfile2"]["type"];
$size = $_FILES["myfile2"]["size"];
$temp = $_FILES["myfile2"]["tmp_name"];
$error = $_FILES["myfile2"]["error"];
if ($_FILES["myfile2"]["error"] < 1) {
if (exif_imagetype($_FILES["myfile2"]["tmp_name"]) != IMAGETYPE_PNG && exif_imagetype($_FILES["myfile2"]["tmp_name"]) != IMAGETYPE_JPEG
&& exif_imagetype($_FILES["myfile2"]["tmp_name"]) != IMAGETYPE_GIF && exif_imagetype($_FILES["myfile2"]["tmp_name"]) != IMAGETYPE_ICO) {
echo 'There is problem with image file or file is not image';
} else {
$name = "image_" . date('Y-m-d-H-i-s') . '_' . uniqid() . '.jpg';
$upload = move_uploaded_file($temp, "../images/slider/home/" . $name);
if ($_FILES["myfile2"]["error"] > 0) {
echo "Some error in file upload";
} else {
$sql = "UPDATE image SET image4='$name' WHERE id=1";
if (mysqli_query($conn, $sql) && $upload) {
echo "Refresh the page to see the effect";
} else {
echo "Some error while updating image";
}
}
}
}
else {
echo "There is error in image file";
}
}
//For image 3
if (isset($_POST['submit3'])) {
$type = $_FILES["myfile3"]["type"];
$size = $_FILES["myfile3"]["size"];
$temp = $_FILES["myfile3"]["tmp_name"];
$error = $_FILES["myfile3"]["error"];
if ($_FILES["myfile3"]["error"] < 1) {
if (exif_imagetype($_FILES["myfile3"]["tmp_name"]) != IMAGETYPE_PNG && exif_imagetype($_FILES["myfile3"]["tmp_name"]) != IMAGETYPE_JPEG
&& exif_imagetype($_FILES["myfile3"]["tmp_name"]) != IMAGETYPE_GIF && exif_imagetype($_FILES["myfile3"]["tmp_name"]) != IMAGETYPE_ICO) {
echo 'There is problem with image file or file is not image';
} else {
$name = "image_" . date('Y-m-d-H-i-s') . '_' . uniqid() . '.jpg';
$upload = move_uploaded_file($temp, "../images/slider/home/" . $name);
if ($_FILES["myfile3"]["error"] > 0) {
echo "Some error in file upload";
} else {
$sql = "UPDATE image SET image7='$name' WHERE id=1";
if (mysqli_query($conn, $sql) && $upload) {
echo "Refresh the page to see the effect";
} else {
echo "Some error while updating image";
}
}
}
}
else {
echo "There is error in image file";
}
}
//For content 1
if (isset($_POST['submit_content1'])) {
$heading1 = $_POST['heading1'];
$description1 = $_POST['description1'];
$update1 = "UPDATE image SET image2='$heading1', image3='$description1' WHERE id=1";
if (mysqli_query($conn, $update1)) {
echo "";
} else {
echo mysqli_error($conn);
}
}
//For content 2
if (isset($_POST['submit_content2'])) {
$heading2 = $_POST['heading2'];
$description2 = $_POST['description2'];
$update2 = "UPDATE image SET image5='$heading2', image6='$description2' WHERE id=1";
if (mysqli_query($conn, $update2)) {
echo "";
} else {
echo mysqli_error($conn);
}
}
//For content 3
if (isset($_POST['submit_content3'])) {
$heading3 = $_POST['heading3'];
$description3 = $_POST['description3'];
$update3 = "UPDATE image SET image8='$heading3', image6='$description3' WHERE id=1";
if (mysqli_query($conn, $update3)) {
echo "";
} else {
echo mysqli_error($conn);
}
}
?>
</body>
add this 2 lines on php.ini (or unquote it)
extension=php_mbstring.dll
extension=php_exif.dll
and like i said use is_uploaded_file before moving files :)
Related
So I created a PHP on which I have added the CKEditor5 document That worked great,
After that I realised uploading images does not work. So I started digging in the documentation.
I realise I need a FileImageAdapter, instead of creating my own, I downloaded and uploaded CKfinder and the ckeditor5-ckfinder on GitHUb I uploaded both documents.
My test server is: https://webkeuken.be/
On that after login people can edit somethings, having a page like:
<?php
session_start();
if($_POST['promo'])
{
$xml=simplexml_load_file("../db.xml") or die("Error: Cannot create object");
$usernameDb = $xml->usernameDb;
$passwordDb = $xml->passwordDb;
$hostname = $xml->hostname;
$dbname = $xml->dbname;
// Create connection
$conn = new mysqli($hostname, $usernameDb, $passwordDb, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$_POST['promo']=str_replace("'", "'", $_POST['promo']);
//$sql = "INSERT INTO `product`( `naam`, `info`,`price`) VALUES (,,".."')";
$sql = "UPDATE `promo_balance` SET `promo`='".$_POST['promo']."' WHERE id=1";
if ($conn->query($sql) === TRUE) {
$_SESSION['input']= "New record created successfully";
$last = $conn->insert_id;
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
function verify()
{
if(!$_SESSION['user'])
{
if($_POST)
{
if($_POST['user']=="l-admin" && $_POST['pass']=="balance2016")
{
$_SESSION['user']="ok";
}
else
{
echo '
<form method="post" class="text-left" style="margin-top: 2%;">
<label style="margin-top: 2%;">USER</label>
<input type="text" name="user" class="form-control"/>
<label style="margin-top: 2%;">PASSWORD</label>
<input type="password" name="pass" class="form-control"/>
<input type="submit" class="form-control" style="margin-top: 2%;"/>
<span>Foute login gegevens</span>
</form>
';
}
}
else
{
echo '
<form method="post" class="text-left" style="margin-top: 2%;">
<label style="margin-top: 2%;">USER</label>
<input type="text" name="user" class="form-control"/>
<label style="margin-top: 2%;">PASSWORD</label>
<input type="password" name="pass" class="form-control"/>
<input type="submit" class="form-control" style="margin-top: 2%;"/>
</form>
';
}
}
}
function getPromo()
{
$xml=simplexml_load_file("../db.xml") or die("Error: Cannot create object");
$usernameDb = $xml->usernameDb;
$passwordDb = $xml->passwordDb;
$hostname = $xml->hostname;
$dbname = $xml->dbname;
$rij = array();
// Create connection
$conn = new mysqli($hostname, $usernameDb, $passwordDb, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT promo FROM promo_balance where id=1";
$item='';
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
$item = $row['promo'];
}
} else {
echo "0 results";
}
$conn->close();
return $item;
}
function toonForm(){
echo "<div class='col-lg-6'>";
echo "<h3><i class='fa fa-info'></i> Je kan hier een tekst schrijven, deze past zich aan.</h3>";
echo "<h3><i class='fa fa-bullhorn'></i> Ideaal voor je promoties.</h3>";
echo '<form method="post">';
echo '<label>Pas hier uw tekst aan</label>';
echo '
<div id="toolbar-container"></div>
<div id="editor">
'.getPromo().'
</div>
';
echo "<h5><i class='fa fa-pencil'></i> Deze tool werkt met Word Live</h5>";
echo '<input type="submit" class="btn btn-info btn-block" />';
echo '</form>';
}
function showOptions()
{
echo '<div class="row text-center">
<div class="col-lg-8 col-lg-offset-4">
<h2>Beheer uw promo vak</h2>
</div></div>';
echo '<div class="row">';
echo '<div class="col-lg-4">';
echo '
<script type="text/javascript">
google_ad_client = "ca-pub-3598185186227907";
google_ad_slot = "4603323478";
google_ad_width = 300;
google_ad_height = 250;
</script>
<!-- Extra -->
<script type="text/javascript" src="//pagead2.googlesyndication.com/pagead/show_ads.js">
</script>';
echo '</div>';
echo '<div class="col-lg-2 col-lg-offset-2 text-center ">';
echo '<div class="thumbnail">';
echo '<div class="caption">
<h1><i class="fa fa-arrow-left"></i></h1>
<h3>GA TERUG</h3>
<p> VORIG</p>
</div>';
echo '</div>';
echo '</div>';
echo '</div>';
//END OF ROW 1
echo '<div class="row">';
echo '<div class="col-lg-4">';
echo '<script type="text/javascript">
google_ad_client = "ca-pub-3598185186227907";
google_ad_slot = "4603323478";
google_ad_width = 300;
google_ad_height = 250;
</script>
<!-- Extra -->
<script type="text/javascript" src="//pagead2.googlesyndication.com/pagead/show_ads.js">
</script>';
echo '</div>';
toonForm();
echo '</div>';
echo "</div>";
//END ROW 2
echo '<div class="row">';
echo '<div class="col-lg-4">';
echo '
<script type="text/javascript">
google_ad_client = "ca-pub-3598185186227907";
google_ad_slot = "4603323478";
google_ad_width = 300;
google_ad_height = 250;
</script>
<!-- Extra -->
<script type="text/javascript"
src="//pagead2.googlesyndication.com/pagead/show_ads.js">
</script>';
echo '</div>';
echo '</div>';// END ROW 3
}
?>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>Krijtbord | Pas uw website aan in één klik.</title>
<meta name="description" content="Krijtbord | Pas uw website aan in één klik." />
<meta name="google-site-verification" content="ExQ89lGiGlXTIDoWcfx5CxMkRu-Wtubn8FYir2BJRU8" />
<link href="/bootstrap-assets/css/bootstrap.min.css" rel="stylesheet">
<!-- Style -->
<link href="/plugins/owl-carousel/owl.carousel.css" rel="stylesheet">
<link href="/plugins/owl-carousel/owl.theme.css" rel="stylesheet">
<link href="/plugins/owl-carousel/owl.transitions.css" rel="stylesheet">
<link href="/plugins/Lightbox/dist/css/lightbox.css" rel="stylesheet">
<link href="/plugins/Icons/et-line-font/style.css" rel="stylesheet">
<link href="/plugins/animate.css/animate.css" rel="stylesheet">
<link rel="stylesheet" href="/plugins/font-awesome-4.7.0/css/font-awesome.min.css">
<link href="/css/main.css" rel="stylesheet">
<link href="style.css" rel="stylesheet">
</head>
<body>
<div class="container-fluid ruimte-top">
<div id="vliegerContent" style="padding-top: 4%; padding-bottom: 4%; border-bottom: 1px solid black;background: url('/tegels/bg.jpg'); background-size: cover;" class="text-center">
<h1 style=" width: 100%; text-shadow: 3px 3px #000; color: white; margin-top: 0; margin-left: auto; margin-right: auto; padding-top: 5%; padding-bottom: 5%;"class="text-vertical-center" data-stellar-background-ratio="0.5">Beheerders Pagina</h1>
</div>
<?php verify();?>
<div class="row" style="padding-bottom: 1%; background-color: white;">
</div>
<?php
if($_SESSION['user']=="ok")
{
showOptions();
}
?>
<div class="row" style="border-top: 1px solid black; margin-right: 0; margin-left: 0;">
<div class="text-center ruimte-top">
</div>
</div>
<div class="row ruimte-bottom" style=" margin-right: 0; margin-left: 0;">
<div class="col-lg-4 col-md-4 col-sm-4 col-lg-offset-2 col-md-offset-2 col-sm-offset-2">
<a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/"><img
alt="Creative Commons License" style="border-width:0"
src="https://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png"/></a><a rel="license"
href="http://creativecommons.org/licenses/by-nc-nd/3.0/"></a>
</div>
<div class="col-lg-4 col-md-4 col-sm-4 col-lg-offset-2 col-md-offset-2 col-sm-offset-2">
<a rel="license" href="http://cogitatio.be" id="support">Met de steun van Cogitatio.be</a>
</div>
</div>
</div>
<!-- JS SCRIPTS -->
<script src="https://cdn.ckeditor.com/ckeditor5/15.0.0/decoupled-document/ckeditor.js"></script>
<script src="https://code.jquery.com/jquery-2.2.0.min.js" type="text/javascript"></script>
<script src="/js/modernizr.js"></script>
<script src="/js/bootstrap.js"></script>
<script src="behaviour.js"></script>
<script>
$( "#verstuur" ).prop( "disabled", true );
$("#goed").hide();
function IsEmail()
{
var regex = /^([a-zA-Z0-9_.+-])+\#(([a-zA-Z0-9-])+\.)+([a-zA-Z0-9]{2,4})+$/;
if(regex.test(document.getElementById('email').value))
{
$( "#verstuur" ).prop( "disabled", false );
$("#goed").show();
$("#fout").hide();
}
else
{
$("#goed").hide();
$("#fout").show();
}
}
</script>
<script>
import CKFinder from '#ckeditor/ckeditor5-ckfinder/src/ckfinder';
DecoupledEditor
.create( document.querySelector( '#editor' ), {
plugins: [ CKFinder, ... ],
// Enable the "Insert image" button in the toolbar.
// toolbar: [ 'imageUpload', ... ],
ckfinder: {
// Upload the images to the server using the CKFinder QuickUpload command.
uploadUrl: '/ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images&responseType=json'
} )
.then( editor => {
const toolbarContainer = document.querySelector( '#toolbar-container' );
toolbarContainer.appendChild( editor.ui.view.toolbar.element );
} )
.catch( error => {
console.error( error );
} );
</script>
</body>
</html>
Now my page just renders the getPromo Content,
In my console I get:
Uncaught SyntaxError: Cannot use import statement outside a module
For those who need a CkFinder and CkEditor in there site.
The Setup is quite different as I thought. (Took me a lot of time).
CkEditor setup is quite easy. The CKFinder is ok. But on the docs they do an import. With:
import CKFinder from '#ckeditor/ckeditor5-ckfinder/src/ckfinder';
This caused an error.
Working Script for Upload
<script>
DecoupledEditor
.create( document.querySelector( '#editor' ), {
ckfinder: {
// Upload the images to the server using the CKFinder QuickUpload command.
uploadUrl: 'https://www.yumyumsushi.be/ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images&responseType=json'
}
} )
.then( editor => {
const toolbarContainer = document.querySelector( '#toolbar-container' );
toolbarContainer.appendChild( editor.ui.view.toolbar.element );
} )
.catch( error => {
console.error( error );
} );
</script>
This question already exists:
How do I make my php not send form data to mysql if it doesn't meet criteria?
Closed 4 years ago.
As stated in the above title, I am completely perplexed as to why my site doesn't insert the data into my database (and yes I've made all the necessary columns and stuff). It is probably related to the radio buttons and the "Preke" tag so if you see anything I've messed up on, it'd help me out a lot!
Hese is my code:
<!DOCTYPE HTML>
<?php
// define variables and set to empty values
$VarErr = $PavErr = $AdErr = $PreErr = $PkErr = $KiekErr = "";
$Vardas = $Pavarde = $Adresas = $Preke = $Pk = $Kiekis = "";
?>
<html class="no-js" lang="en">
<head>
<title>Dailės parduotuvė</title>
<meta charset="UTF-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="css/stilius.css">
</head>
<body class="content ">
<div class="container">
<nav class="navbar navbar-expand-lg navbar-dark ">
<a class="navbar-brand" href="index.html">Kauno dailė</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<ul class="navbar-nav ml-auto">
<li class="nav-item">
<a class="nav-link" href="Visos.html">Visos prekės</a>
</li>
<li class="nav-item">
<a class="nav-link" href="Uzsakymas.php">Užsisakymas</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#">Kontaktai</a>
</li>
</ul>
</div>
</nav>
<div>
<div class="content sm-4 text-center">
<h2>Užsisakymo forma</h2>
<p><span class="error">* privalomi laukai</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<p class="text-center">Vardas</p><br>
<input type="text" name="Vardas" value="<?php echo $Vardas;?>">
<span class="error">* <?php echo $VarErr;?></span>
<p class="text-center">Pavarde</p><br>
<input type="text" name="Pavarde" value="<?php echo $Pavarde;?>">
<span class="error">* <?php echo $PavErr;?></span>
<p class="text-center">Adresas</p><br>
<input type="text" name="Adresas" value="<?php echo $Adresas;?>">
<span class="error">* <?php echo $AdErr;?></span><br>
Prekės rūšis:<br>
<input type="radio" name="Preke" value="Vienišas(-a)" checked>Dažai(5€)<br>
<input type="radio" name="Preke" value="Susituokęs(-usi)">Teptukas(2€)<br>
<input type="radio" name="Preke" value="Išsiskyręs(-usi)">Pieštukas(2€)<br>
<input type="radio" name="Preke" value="Našlys(-ė)">Ofiso įrankis(1€)<br>
<span class="error">* <?php echo $PreErr;?></span>
<br>
<p class="text-center">Prekės kodas</p><br>
<input type="number" name="Pk" value="<?php echo $Pk;?>">
<span class="error">* <?php echo $PkErr;?></span>
<p class="text-center">Kiekis</p><br>
<input type="number" name="Kiekis" value="<?php echo $Kiekis;?>">
<span class="error">* <?php echo $KiekErr;?></span>
<br>
<!-- Input For Add Values To Database-->
<input type="submit" name="insert" value="Užsisakyti">
</div>
</div>
<div class="content py-5">
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["Vardas"])) {
$VarErr = "Įveskite vardą";
} else {
$Vardas= test_input($_POST["Vardas"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Vardas)) {
$VarErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Pavarde"])) {
$PavErr = "Įveskite pavardę";
} else {
$Pavarde = test_input($_POST["Pavarde"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$Pavarde)) {
$PavErr = "Galima vesti tik su raidėmis";
}
}
if (empty($_POST["Adresas"])) {
$AdErr = "Įveskite adresą";
} else {
$Adresas= test_input($_POST["Adresas"]);
}
}
if (empty($_POST["Preke"])) {
$PreErr = "Pasirinkite prekės tipą";
} else {
$Preke = test_input($_POST["Preke"]);
}
if (empty($_POST["Pk"])) {
$Pk = "Įveskite prekės kodą";
} else {
$Pk = test_input($_POST["Pk"]);
}
if (empty($_POST["Kiekis"])) {
$KiekErr = "Įveskite kiekį";
} else {
$Kiekis = test_input($_POST["Kiekis"]);
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$host = "localhost";
$user = "root";
$password ="";
$database = "uzsakymas";
try{
$connect = mysqli_connect($host,$user,$password,$database);
}
catch(mysqli_sql_exception $ex){
echo 'database connection error';
}
//insert
if(isset($_POST['insert'])) {
$Vardas = $_POST['Vardas'];
$Pavarde = $_POST['Pavarde'];
$Adresas = $_POST['Adresas'];
$Preke = $_POST['Preke'];
$Pk = $_POST['Pk'];
$Kiekis = $_POST['Kiekis'];
$insert_query = "INSERT INTO uzsakymai (Vardas,Pavarde,Adresas,Preke,Pk,Kiekis,)VALUES('$Vardas','$Pavarde','$Adresas','$Preke','$Pk','$Kiekis')";
try {
$insert_result = mysqli_query($connect,$insert_query);
if($insert_result){
if(mysqli_affected_rows($connect) > 0)
{
echo 'Data Inserted';
}else{
echo'Data not Inserted';
}
}
} catch(Exception $ex) {
echo 'Error Insert'.$ex->getMessmessage();
}
}
?>
</div>
<div class = "footer py-5 bg-secondary">
</div>
<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
</body>
</html>
Your problem is in 'input value' properties. You set it to empty variables. Remove value from input tag like this:
<p class="text-center">Vardas</p><br><input type="text" name="Vardas" placeholder="Vardas">
it should work. About your MySQL queries, they are vulnerable for SQL Injections attack. Use PDO to protect against SQL Injections.
You have already inserted values and if you want to use values="". Then, in your SQL, you should UPDATE and not INSERT. Also,as rpm192 stated above you should use parameterized queries, otherwise you will face SQL injections. Good Luck!
kindly help me to sort this out
i just need to upload an excel file to upload folder same time export data to the mysql database.
currently uploading is successfully happen and if i give excel file location and file name manually data within it will export to the database.
kindly tell me what method should it used to do this same time.
code set used to upload excel file to the 'uploads' folder
<?php
require_once './config/MainConfig.php';
include './config/dbc.php';
$uploadedStatus = 0;
if (isset($_POST["submit"])) {
if (isset($_FILES["file"])) {
// $_SESSION['date_ss'] = $_POST['date_ss'];
//if there was an error uploading the file
if ($_FILES["file"]["error"] > 0) {
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
} else {
if (file_exists($_FILES["file"]["name"])) {
unlink($_FILES["file"]["name"]);
$uploadedStatus = 2;
}
$name = basename($_FILES['file']['name']);
$name1 = explode('.', $name);
if ($name1[count($name1) - 1] == 'csv' || $name1[count($name1) - 1] == 'xlsx') {
$target_path = "uploads/";
$target_location = $target_path . basename($_FILES['file']['name']);
$_SESSION['target_location'] = $target_location;
// $datess = $_POST['date_ss'];
move_uploaded_file($_FILES["file"]["tmp_name"], $target_location);
$uploadedStatus = 1;
}
}
} else {
echo "No file selected <br />";
}
}
?>
<html>
<head>
<style>
.file-upload {
max-width: 580px;
height: 200px;
padding: 25px 35px 45px;
margin: 0 auto;
background-color: #fff;
border: 1px solid rgba(0,0,0,0.1);
}
</style>
</head>
<?php
if (array_key_exists("action", $_POST)) {
if ($_POST['action'] == 'sendManualFileUpoadingData') {
$Manual_note_No=$_POST['Manual_note_No'];
$Phone_amount= $_POST[' Phone_amount'];
echo $Manual_note_No;
}
}
?>
<div class="container">
<div class="wrapper">
<div class="file-upload">
<div class="row">
<div class="col-md-4">Transfer Note Number :</div>
<div class="col-md-4"><?php echo'' ?></div>
</div>
<div class="row">
<div class="col-md-4">Phone quantity:</div>
<div class="col-md-4"><?php echo '' ?></div>
</div>
<div class="row">
<div class="col-md-4"></div>
<div class="col-md-4">
<form action="fileuploadexecution.php" method="post" enctype="multipart/form-data">
<input type="file" id="file" name="file" multiple="multiple" />
<p style="text-align: right; margin-top: 20px;">
<input type="submit" value="Upload Files" name="submit" class= "btn btn-success" />
</p>
</form>
</div>
<div class="col-md-4"></div>
</div>
<div class="row">
<?php
if ($uploadedStatus == 1) {
echo 'file uploaded successfully';
} elseif ($uploadedStatus == 2) {
echo 'file already available';
}
?>
</div>
</div>
</div>
</div>
<!-- you need to include the ShieldUI CSS and JS assets in order for the Upload widget to work -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css" />
<script type="text/javascript" src="js/jquery.min.js"></script>
</html>
code set used to export excel file data into mysql table
<?php
session_start();
//all save,update,delete
require_once './config/dbc.php';
//db connectin
require_once './class/database.php';
require_once './class/systemSetting.php';
$system = new setting();
//calling the class setting from systemsetting.php
$database = new database();
// MainConfig::connectDB();
// $datess = $_SESSION['date_ss'];
// $q = mysql_fetch_array(mysql_query("SELECT MAX(commission.num_of_session +1)AS commax FROM commission"));
// $sess = $q['commax'];
set_include_path(get_include_path() . PATH_SEPARATOR . 'ex_class/');
include './xl_upload/ex_class/PHPExcel/IOFactory.php';
// This is the file path to be uploaded.
//
//echo $_SESSION['target_location'];
//$inputFileName = $target_path . basename($_FILES['file']['name']);
$inputFileName = 'testFile.xlsx';
try {
$objPHPExcel = PHPExcel_IOFactory::load($inputFileName);
} catch (Exception $e) {
die('Error loading file "' . pathinfo($inputFileName, PATHINFO_BASENAME) . '": ' . $e->getMessage());
}
$allDataInSheet = $objPHPExcel->getActiveSheet()->toArray(null, true, true, true);
$arrayCount = count($allDataInSheet); // Here get total count of row in that Excel sheet
$count = 1;
for ($count; $count <= $arrayCount; $count++) {
$Doc_No = trim($allDataInSheet[$count]["A"]);
$ESN = trim($allDataInSheet[$count]["B"]);
$insertTable = mysql_query("INSERT INTO `test_table` (`Doc_No`, `ESN`) VALUES ('".$Doc_No."','".$ESN."');") or die(mysql_error());
}
$msg = 'Record has been added. <div style="Padding:20px 0 0 0;">Go Back</div>';
?>
excel file that going to upload
Try the this
Execute a database backup query from PHP file. Below is an example of using SELECT INTO OUTFILE query for creating table backup:
$tableName = 'yourtable';
$backupFile = 'backup/yourtable.sql';
$query = "SELECT * INTO OUTFILE '$backupFile' FROM $tableName";
$result = mysqli_query($con,$query);
To restore the backup you just need to run LOAD DATA INFILE query like this:
$tableName = 'yourtable';
$backupFile = 'yourtable.sql';
$query = "LOAD DATA INFILE 'backupFile' INTO TABLE $tableName";
$result = mysqli_query($con,$query);
The question may seems vague and I apologise fully, so I'll try and explain it better here. Basically, I have 2 .php files, the index.php and php.php. On index.php a user will enter their username into the form where they would then submit the input, php.php then grabs the username (using the $_POST[] method.) and display the data on that page. The URL at this point looks like this;
http://minecraftnamespy.esy.es/php.php.
How would I do it so that the username the user types would be added onto the URL? E.g;
User inputs: _scrunch as username.
URL now changes from http://minecraftnamespy.esy.es/php.php to
http://minecraftnamespy.esy.es/php?=_scrunch
I should like to point out that I am working with the Mojang API here.
My php.php code is:
<?php
//error_reporting(E_ALL & ~E_NOTICE);
// Load the username from somewhere
if (
$username = $_POST["username"]
) {
//do nothing
} else {
$username = "notch";
}
//allow the user to change the skin
$skinChange = "<a href='https://minecraft.net/profile/skin/remote?url=http://skins.minecraft.net/MinecraftSkins/$username.png' target='_blank' </a>";
//grabbing the users information
if ($content = file_get_contents('https://api.mojang.com/users/profiles/minecraft/' . urlencode($username))
) {
$userSkin = "<img src='https://mcapi.ca/skin/3d/$username' />";
} else {
$content = file_get_contents('https://api.mojang.com/users/profiles/minecraft/' . urlencode($username) . '?at=0');
if( $http_response_header['0'] == "HTTP/1.1 204 No Content") {
echo "Not a valid Minecraft Username! <a href='index.php'><button>Search Again?</button></a>";
die;
}
$json = json_decode($content);
foreach ($json as $currentName) {
$currentName = $currentName;
}
$userSkin = "<img src='https://mcapi.ca/skin/3d/$currentName' />";
}
// Decode it
$json = json_decode($content);
// Check for error
if (!empty($json->error)) {
die('An error happened: ' . $json->errorMessage);
}
// Save the uuid
$uuid = $json->id;
// Get the history (using $json->uuid)
$content = file_get_contents('https://api.mojang.com/user/profiles/' . urlencode($uuid) . '/names');
// Decode it
$json = json_decode($content);
$names = array(); // Create a new array
foreach ($json as $name) {
$input = $name->name;
if (!empty($name->changedToAt)) {
// Convert to YYYY-MM-DD HH:MM:SS format
$time = date('Y-m-d H:i:s', $name->changedToAt);
$input .= ' (changed at ' . $time . ')';
}
$names[] = $input; // Add each "name" value to our array "names"
}
//url to users 2D head (avatar)
$usersAvatar = "https://mcapi.ca/avatar/2d/$input/55";
//user's Avatar as favivon
$usersFavicon = "<link rel='shortcut icon' href='$usersAvatar' type='image/png' />";
//use $uuid tp grab UUID of the user - ---- - - - use $names to get name history of the user.
?>
<html>
<head>
<?php echo $usersFavicon;?>
<title><?php echo $username?>'s Information</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title>Find a player skin!</title>
<style>
body {
background-image: url(http://minecraftnamespy.esy.es/grad.jpg);
background-position: bottom;
background-repeat: no-repeat;
background-size: 100% 500px;
}
#content {
margin-left: auto;
margin-right: auto;
width: 60%;
}
img.logo {
margin-right: auto;
margin-left: auto;
display: block;
padding: 30px;
max-width: 100%;
height: auto;
width: auto\9;
}
.center {
margin-left: auto;
margin-right: auto;
}
.footer {
text-align: center;
}
p.responsive {
word-wrap: break-word;
}
</style>
</head>
<body>
<img style="position: absolute; top: 0; right: 0; border: 0;" src="http://minecraftnamespy.esy.es/source.png" alt="View Source on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_orange_ff7600.png">
<!--debug -->
<?php ?>
<div id="content">
<div class="col-md-12">
<img class="logo" src="http://minecraftnamespy.esy.es/logo.png">
</div>
<div class="col-md-12">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s UUID</h3>
</div>
<div class="panel-body">
<p class="responsive"><?php echo $uuid;?></p>
</div>
</div>
</div>
<div class="col-md-8">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s Name History (Oldest to Most Recent)</h3>
</div>
<div class="panel-body">
<?php echo implode(', <br>', $names) ;?>
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s Avatar</h3>
</div>
<div class="panel-body">
<div class="center">
<?php echo $userSkin;?>
</div>
<p><?php echo $skinChange;?>Change this skin to yours!</a></p>
</div>
</div>
</div>
<div class="col-md-12">
<div class="btn-group pull-right" role="group" aria-label="">
<button type="button" class="btn btn-default">Search another Username?</button>
</div>
</div>
<div class="footer">
<span>Created by _scrunch</span> •
<span>©2015</span> •
<span>Find me on PMC</span>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y8MWQB9FCUTFJ">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal – The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
</form>
</div>
</div>
</body>
</html>
Here's the form that is used to submit the username on index.php.
<form action="php.php" method="GET">
<div class="form-group">
<label for="username">Username:</label>
<input type="text" class="form-control" id="username" name="username" placeholder="Enter username">
</div>
<button type="submit" class="btn btn-default">Submit</button>
</form>
You want a GET request, which are visible in the URL in the form of http://example.com/index.php?username=_scrunch
A POST request is invisible (i.e, it does not appear in the URL) and are commonly used to send sensitive data (though a POST is not enough for data security!).
Converting your POST into a GET is a simple matter of changing from
$username = $_POST["username"]
to
$username = $_GET["username"]
You can use this, note the additional inclusion of
if (!$_GET["username"]) {
exit;
}
which causes your page to exit loading and protects against misuse of the page if username is not present.
<?php
//error_reporting(E_ALL & ~E_NOTICE);
// Load the username from somewhere
if (!$_GET["username"]) {
exit;
}
if (
$username = $_GET["username"]
) {
//do nothing
} else {
$username = "notch";
}
//allow the user to change the skin
$skinChange = "<a href='https://minecraft.net/profile/skin/remote?url=http://skins.minecraft.net/MinecraftSkins/$username.png' target='_blank' </a>";
//grabbing the users information
if ($content = file_get_contents('https://api.mojang.com/users/profiles/minecraft/' . urlencode($username))
) {
$userSkin = "<img src='https://mcapi.ca/skin/3d/$username' />";
} else {
$content = file_get_contents('https://api.mojang.com/users/profiles/minecraft/' . urlencode($username) . '?at=0');
if( $http_response_header['0'] == "HTTP/1.1 204 No Content") {
echo "Not a valid Minecraft Username! <a href='index.php'><button>Search Again?</button></a>";
die;
}
$json = json_decode($content);
foreach ($json as $currentName) {
$currentName = $currentName;
}
$userSkin = "<img src='https://mcapi.ca/skin/3d/$currentName' />";
}
// Decode it
$json = json_decode($content);
// Check for error
if (!empty($json->error)) {
die('An error happened: ' . $json->errorMessage);
}
// Save the uuid
$uuid = $json->id;
// Get the history (using $json->uuid)
$content = file_get_contents('https://api.mojang.com/user/profiles/' . urlencode($uuid) . '/names');
// Decode it
$json = json_decode($content);
$names = array(); // Create a new array
foreach ($json as $name) {
$input = $name->name;
if (!empty($name->changedToAt)) {
// Convert to YYYY-MM-DD HH:MM:SS format
$time = date('Y-m-d H:i:s', $name->changedToAt);
$input .= ' (changed at ' . $time . ')';
}
$names[] = $input; // Add each "name" value to our array "names"
}
//url to users 2D head (avatar)
$usersAvatar = "https://mcapi.ca/avatar/2d/$input/55";
//user's Avatar as favivon
$usersFavicon = "<link rel='shortcut icon' href='$usersAvatar' type='image/png' />";
//use $uuid tp grab UUID of the user - ---- - - - use $names to get name history of the user.
?>
<html>
<head>
<?php echo $usersFavicon;?>
<title><?php echo $username?>'s Information</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<title>Find a player skin!</title>
<style>
body {
background-image: url(http://minecraftnamespy.esy.es/grad.jpg);
background-position: bottom;
background-repeat: no-repeat;
background-size: 100% 500px;
}
#content {
margin-left: auto;
margin-right: auto;
width: 60%;
}
img.logo {
margin-right: auto;
margin-left: auto;
display: block;
padding: 30px;
max-width: 100%;
height: auto;
width: auto\9;
}
.center {
margin-left: auto;
margin-right: auto;
}
.footer {
text-align: center;
}
p.responsive {
word-wrap: break-word;
}
</style>
</head>
<body>
<img style="position: absolute; top: 0; right: 0; border: 0;" src="http://minecraftnamespy.esy.es/source.png" alt="View Source on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_orange_ff7600.png">
<!--debug -->
<?php ?>
<div id="content">
<div class="col-md-12">
<img class="logo" src="http://minecraftnamespy.esy.es/logo.png">
</div>
<div class="col-md-12">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s UUID</h3>
</div>
<div class="panel-body">
<p class="responsive"><?php echo $uuid;?></p>
</div>
</div>
</div>
<div class="col-md-8">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s Name History (Oldest to Most Recent)</h3>
</div>
<div class="panel-body">
<?php echo implode(', <br>', $names) ;?>
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><?php echo $username;?>'s Avatar</h3>
</div>
<div class="panel-body">
<div class="center">
<?php echo $userSkin;?>
</div>
<p><?php echo $skinChange;?>Change this skin to yours!</a></p>
</div>
</div>
</div>
<div class="col-md-12">
<div class="btn-group pull-right" role="group" aria-label="">
<button type="button" class="btn btn-default">Search another Username?</button>
</div>
</div>
<div class="footer">
<span>Created by _scrunch</span> •
<span>©2015</span> •
<span>Find me on PMC</span>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y8MWQB9FCUTFJ">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal – The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="1" height="1">
</form>
</div>
</div>
</body>
</html>
This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center.
Closed 9 years ago.
I've an upload input field in a form. the problem that the name of the file is being inserted in the database but the file is not being uploaded to the server, and the same code is working on the same server in a different file in the same directory but in a different query. form is set to enctype="multipart/form-data",
here is the code where its not working
<!DOCTYPE html>
<html lang="en">
<head>
<?php require_once("includes/session.php"); ?>
<?php require_once("includes/dbc.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php confirm_logged_in(); ?>
<?php find_selected_post(); ?>
<?php
$target = "../upload/";
$target = $target . basename( $_FILES['post_photo']['name']);
if (intval($_GET['cat']) == 0) {
redirect_to('cat_posts.php');
}
include_once("includes/form_functions.php");
if (isset($_POST['submit'])) {
$errors = array();
$required_fields = array('post_title', 'position', 'visible', 'post_content');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$fields_with_lengths = array('post_title' => 30);
$errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
$category_id = mysql_prep($_GET['cat']);
$post_title = trim(mysql_prep($_POST['post_title']));
$post_content = mysql_prep($_POST['post_content']);
$post_description = mysql_prep($_POST['post_description']);
$post_keywords = mysql_prep($_POST['post_keywords']);
$post_tags = mysql_prep($_POST['post_tags']);
$post_photo =($_FILES['post_photo']['name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);
if (empty($errors)) {
$query = "INSERT INTO ss_posts (
post_title, post_content, post_description, post_keywords, post_tags, post_photo, position, visible, category_id
) VALUES (
'{$post_title}', '{$post_content}', '{$post_description}', '{$post_keywords}', '{$post_tags}', '{$post_photo}', {$position}, {$visible}, {$category_id}
)";
if ($result = mysql_query($query, $connection)) {
$message = "Successfully Created.";
$new_post_id = mysql_insert_id();
redirect_to("cat_posts.php?post={$new_post_id}");
} else {
$message = "The Post Could Not Be Created.";
$message .= "<br />" . mysql_error();
}
} else {
if (count($errors) == 1) {
$message = "There was 1 error in the form.";
} else {
$message = "There were " . count($errors) . " errors in the form.";
}
}
}
?>
<?php
error_reporting(E_ALL);
echo "<pre>";
print_r($_FILES);
echo "</pre>";
echo "<br/>target: " . $target;
if (!move_uploaded_file($_FILES['post_photo']['tmp_name'], $target)) {
echo "<br/>Upload failed.";
} else {
echo "<br/>Upload done.";
}
?>
<meta charset="utf-8"/>
<title>New Post - Administration Panel</title>
<script src="js/ckeditor/ckeditor.js" type="text/javascript"></script>
<link rel="stylesheet" href="js/ckeditor/sample.css">
<link rel="stylesheet" href="css/layout.css" type="text/css" media="screen" />
<link rel="stylesheet" href="css/form.css" type="text/css" media="screen" />
<link rel="stylesheet" href="css/button.css" type="text/css" media="screen" /> <!--[if lt IE 9]>
<link rel="stylesheet" href="css/ie.css" type="text/css" media="screen" />
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script src="js/jquery-1.5.2.min.js" type="text/javascript"></script>
<script src="js/hideshow.js" type="text/javascript"></script>
<script src="js/jquery.tablesorter.min.js" type="text/javascript"></script>
<script type="text/javascript" src="js/jquery.equalHeight.js"></script>
<script type="text/javascript">
$(document).ready(function()
{
$(".tablesorter").tablesorter();
}
);
$(document).ready(function() {
//When page loads...
$(".tab_content").hide(); //Hide all content
$("ul.tabs li:first").addClass("active").show(); //Activate first tab
$(".tab_content:first").show(); //Show first tab content
//On Click Event
$("ul.tabs li").click(function() {
$("ul.tabs li").removeClass("active"); //Remove any "active" class
$(this).addClass("active"); //Add "active" class to selected tab
$(".tab_content").hide(); //Hide all tab content
var activeTab = $(this).find("a").attr("href"); //Find the href attribute value to identify the active tab + content
$(activeTab).fadeIn(); //Fade in the active ID content
return false;
});
});
</script>
<script type="text/javascript">
$(function(){
$('.column').equalHeight();
});
</script>
</head>
<body>
<header id="header">
<hgroup>
<h1 class="site_title">Administration Panel</h1>
<h2 class="section_title">New Post</h2><div class="btn_view_site">
View Site</div>
</hgroup>
</header>
<!-- end of header bar -->
<section id="secondary_bar">
<div class="user">
<p>Hello, <?php echo $_SESSION['username']; ?> (Logout)</p>
</div>
<div class="breadcrumbs_container">
<article class="breadcrumbs">Administration Panel
<div class="breadcrumb_divider"></div>
<a class="current">New Post</a></article>
</div>
</section>
<!-- end of secondary bar -->
<aside id="sidebar" class="column" style="height:160%;">
<hr/>
<h3>Pages</h3>
<ul class="toggle">
<li class="icn_new_article">Add a New Page</li>
<li class="icn_edit_article">Edit/Delete a Page</li>
</ul>
<hr/>
<h3>Users</h3>
<ul class="toggle">
<li class="icn_add_user">Add New User</li>
<li class="icn_view_users">View Users</li>
</ul>
<hr/>
<h3>Blog</h3>
<ul class="toggle">
<li class="icn_categories">Create a Category</li>
<li class="icn_new_article">Create/Edit a Post</li>
<li class="icn_settings">Home Blog Settings</li>
<li class="icn_settings">Blog Settings</li>
</ul>
<hr/>
<h3>Settings</h3>
<ul class="toggle">
<li class="icn_settings">Settings</li>
<li class="icn_settings">Site Logo</li>
<li class="icn_jump_back">Logout</li>
</ul>
<footer>
<hr />
<p><strong>Copyright © 2013 Sky Define</strong></p>
<p>Powered by Sky Define</p>
</br>
</br>
</footer>
</aside><!-- end of sidebar -->
<section id="main" class="column">
<?php
move_uploaded_file($_FILES['post_photo']['tmp_name'], $target);
// output a list of the fields that had errors
if (!empty($errors)) {
echo "<p class=\"errors\">";
echo "Please review the following fields:<br />";
foreach($errors as $error) {
echo " - " . $error . "<br />";
}
echo "</p>";
}
?>
<article class="module width_full">
<header><h3>New Post</h3></header>
<div class="module_content">
<h2>Adding New Post</h2>
<?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
<?php if (!empty($errors)) { display_errors($errors); } ?>
<div class="mws-panel grid_4">
<div class="mws-panel-header">
</div>
<div class="mws-panel-body">
<form class="mws-form" enctype="multipart/form-data" action="new_post.php?cat=<?php echo $sel_category['id']; ?>" method="post">
<div class="mws-form-inline">
<?php $new_post = true; ?>
<?php if (!isset($new_post)) {$new_post = false;} ?>
<div class="mws-form-row">
<label>Post Name:</label>
<div class="mws-form-item large">
<input type="text" name="post_title" id="post_title" class="mws-textinput" placeholder="Post Name Goes Here." />
</div>
</div>
<div class="mws-form-row">
<label>Post Description:</label>
<div class="mws-form-item large">
<input type="text" name="post_description" id="post_description" class="mws-textinput" placeholder="Post Description Goes Here." />
</div>
</div>
<div class="mws-form-row">
<label>Post Keywords:</label>
<div class="mws-form-item large">
<input type="text" name="post_keywords" id="post_keywords" class="mws-textinput" placeholder="Post Keywords Goes Here, Separated By Commas!" />
</div>
</div>
<div class="mws-form-row">
<label>Post Content:</label>
<div class="mws-form-item large">
<textarea name="post_content" id="post_content" class="ckeditor" > </textarea>
</div>
</div>
<div class="mws-form-row">
<label>Post Tags:</label>
<div class="mws-form-item large">
<input type="text" name="post_tags" id="post_tags" class="mws-textinput" placeholder="Post Tags Goes Here, Separated By Commas!" />
</div>
</div>
<div class="mws-form-row">
<label>Edit Post Photo:</label>
<div class="mws-form-item large">
<input type="file" name="post_photo" id="post_photo" />
</div>
</div>
<div class="mws-form-row">
<label>Position:</label>
<div class="mws-form-item large">
<select name="position">
<?php
if (!$new_post) {
$post_set = get_posts_for_category($sel_post['category_id']);
$post_count = mysql_num_rows($post_set);
} else {
$post_set = get_posts_for_category($sel_category['id']);
$post_count = mysql_num_rows($post_set) + 1;
}
for ($count=1; $count <= $post_count; $count++) {
echo "<option value=\"{$count}\"";
if ($sel_post['position'] == $count) { echo " selected"; }
echo ">{$count}</option>";
}
?>
</select>
</div>
</div>
<div class="mws-form-row">
<label>Visible:</label>
<div class="mws-form-item large">
<input type="radio" name="visible" value="0"<?php
if ($sel_post['visible'] == 0) { echo " checked"; }
?> /> No
<input type="radio" name="visible" value="1"<?php
if ($sel_post['visible'] == 1) { echo " checked"; }
?> /> Yes
</div>
</div>
</form>
<div class="mws-button-row">
<input type="submit" name="submit" value="Add Post" class="mws-button green" />
<a class="mws-button red" href="index.php">Cancel</a>
</div>
</div>
</div>
</div>
</article>
<div class="clear"></div>
</div>
</article><!-- end of stats article -->
<div class="spacer"></div>
</section>
</body>
</html>
The way I would try to find the error:
make your errors visible:
<?php error_reporting(E_ALL); ?>
$target should be a full path.
Check your HTML form. Did you add the enctype attribute?
<form enctype="multipart/form-data" method="POST" action="script.php">
Is your Input correct?
<input type="file" name="post_photo"/>
What does the $_FILES array contents?
<?php echo print_r($_FILES); ?>
Edit
Please let us know the data these lines return:
<?php
error_reporting(E_ALL);
echo "<pre>";
print_r($_FILES);
echo "</pre>";
echo "<br/>target: " . $target;
if (!move_uploaded_file($_FILES['post_photo']['tmp_name'], $target)) {
echo "<br/>Upload failed.";
} else {
echo "<br/>Upload done."
}
?>
Edit 2 (Solution):
Your submit-button is outside the form-Tag. That's why. Fix it like this:
<form>
<input type="submit" name="submit" value="Add Post" class="mws-button green" />
</form>
Your $target should contain the root path
$target = $_SERVER['DOCUMENT_ROOT']"/upload/";
$target = $target . basename( $_FILES['post_photo']['name']);