I've created a page where I've place for updating the attachment. While doing so, if a file with same name, size, extension is attached, the attachment table need not be updated. This is the scenario. This is how I tried to do:
else if($mode == "attachment_update") {
$id = intval(mysqli_real_escape_string($mysqli, $_REQUEST["_id"]));
$upload_directory = "upload/attachment/";
$result = file_upload("attachment", "../".$upload_directory);
$file_name = '".addslashes($result[file_name])."';
write_log($file_name);
$file_extension = '".$result[file_extension]."';
write_log($file_extension);
$file_size = '".$result[file_size]."';
write_log($file_size);
$uploaded_file_name = '".$result[uploaded_file_name]."';
write_log($uploaded_file_name);
$uploaded_file_path = '".$upload_directory.$result[uploaded_file_name]."';
write_log($uploaded_file_path);
$query_select = "SELECT
file_name,
file_extension,
file_size,
uploaded_file_name,
uploaded_file_path
FROM
attachments
WHERE
id = 'id';";
$result1 = mysqli_query($mysqli, $query_select) or throwexception(mysqli_error($mysqli));
$row = mysqli_fetch_row($result1);
write_log($row[0]);
write_log($row[1]);
write_log($row[2]);
write_log($row[3]);
write_log($row[4]);
if($row[0] == $file_name &&
$row[1] == $file_extension &&
$row[2] == $file_size &&
$row[3] == $uploaded_file_name &&
$row[4] == $uploaded_file_path)
{
write_log("inside if");
} else {
if($result[status] == true) {
$query = "UPDATE
attachments
SET
file_name = '".addslashes($result[file_name])."',
file_extension = '".$result[file_extension]."',
file_size = '".$result[file_size]."',
uploaded_file_name = '".$result[uploaded_file_name]."',
uploaded_file_path = '".$upload_directory.$result[uploaded_file_name]."',
recorded_by = '$recorded_by',
recorded_datetime = '$recorded_datetime'
WHERE
id = 'id';";
mysqli_query($mysqli, $query) or throwexception(mysqli_error($mysqli));
}
}
echo json_encode(array("message" => "Updated successfully"));
exit;
}
The if condition does the thing. If all are true, the table will not be updated. If even any one fails, the table will be updated.
Here the problem is $file_name, $file_extension, $file_size, $uploaded_file_name are going null. I don't know how to retrieve it. Can someone tell how to retrieve those data, so that if can check it with the if condition?
In your case, You do not need to fire select query. just add AND condition in update query.
if ($mode == "attachment_update") {
$id = intval(mysqli_real_escape_string($mysqli, $_REQUEST["_id"]));
$upload_directory = "upload/attachment/";
$result = file_upload("attachment", "../" . $upload_directory);
$file_name = '".addslashes($result[file_name])."';
write_log($file_name);
$file_extension = '".$result[file_extension]."';
write_log($file_extension);
$file_size = '".$result[file_size]."';
write_log($file_size);
$uploaded_file_name = '".$result[uploaded_file_name]."';
write_log($uploaded_file_name);
$uploaded_file_path = '".$upload_directory.$result[uploaded_file_name]."';
write_log($uploaded_file_path);
$query = "UPDATE
attachments
SET
file_name = '" . addslashes($result[file_name]) . "',
file_extension = '" . $result[file_extension] . "',
file_size = '" . $result[file_size] . "',
uploaded_file_name = '" . $result[uploaded_file_name] . "',
uploaded_file_path = '" . $upload_directory . $result[uploaded_file_name] . "',
recorded_by = '$recorded_by',
recorded_datetime = '$recorded_datetime'
WHERE
id = 'id'
and file_name <> '" . addslashes($result[file_name]) . "',
and file_extension = '" . $result[file_extension] . "',
and file_size = '" . $result[file_size] . "',
and uploaded_file_name = '" . $result[uploaded_file_name] . "',
and uploaded_file_path = '" . $upload_directory . $result[uploaded_file_name] . "',
;";
mysqli_query($mysqli, $query) or throwexception(mysqli_error($mysqli));
echo json_encode(array("message" => "Updated successfully"));
exit;
}
Your question need more clarity.
Can you share the function,
$result = file_upload("attachment", "../".$upload_directory);
Are you able to log the values of $filename and $row?
write_log($file_name);
AND
write_log($row[0]);
Related
Hellos.
Assist me with two queries in the file below intended to upload CSV files
Failing to upload to a MySQL without logging errors (Am I missing folder/file permissions?)
"Undefined offset" error from anything after column 10 in CSV (Is there a limit I declared unknowingly?)
Thank You.
if(isset($_POST['import'])){
$csvMimes = array('text/x-comma-separated-values',
'text/comma-separated-values',
'application/octet-stream',
'application/vnd.ms-excel',
'application/x-csv',
'text/x-csv', 'text/csv',
'application/csv',
'application/excel',
'application/vnd.msexcel',
'text/plain');
if(!empty($_FILES['file']['name'])
&& in_array($_FILES['file']['type'], $csvMimes))
{
if(is_uploaded_file($_FILES['file']['tmp_name'])){
$csvFile = fopen($_FILES['file']['tmp_name'], 'r');
fgetcsv($csvFile);
while(($line = fgetcsv($csvFile)) !== FALSE){
$ColID = $line[0];
$Col02 = $line[1];
$Col03 = $line[2];
$Col04 = $line[3];
$Col05 = $line[4];
$Col06 = $line[5];
$Col07 = $line[6];
$Col08 = $line[7];
$Col09 = $line[8];
$Col010 = $line[9];
$Col0n = $line[10];
$prevQuery = "SELECT id
FROM table_name
WHERE ColID = '".$line[0]."'";
$prevResult = $db->query($prevQuery);
if($prevResult){
if($prevResult->num_rows > 0){
$db->query("UPDATE table_name
SET ColHdg02 = '".$Col02."',
ColHdg03 = '".$Col03."',
ColHdg04 = '".$Col04."',
ColHdg05 = '".$Col05."',
ColHdg06 = '".$Col06."',
ColHdg07 = '".$Col07."',
ColHdg08 = '".$Col08."',
ColHdg09 = '".$Col09."',
ColHdg010 = '".$Col010."',
ColHdg0n = '".$Col0n."'
WHERE ColIDHdg = '".$ColID."'");
} else{
$db->query("INSERT INTO table_name
(ColIDHdg, ColHdg02, ColHdg03, ColHdg04,
ColHdg05, ColHdg06, ColHdg07, ColHdg08,
ColHdg09, ColHdg010, ColHdg0n)
VALUES ('".$ColID."', '".$Col02."', '".$Col03."',
'".$Col04."', '".$Col05."', '".$Col06."',
'".$Col07."', '".$Col08."', '".$Col09."',
'".$Col010."', '".$Col0n."')");
}
}
}
fclose($csvFile);
You're trying to get an Undefined offset, for your example please check if the number of items on $line is 11 or more.
if (count($line) > 10) {
$ColID = $line[0];
$Col02 = $line[1];
$Col03 = $line[2];
$Col04 = $line[3];
$Col05 = $line[4];
$Col06 = $line[5];
$Col07 = $line[6];
$Col08 = $line[7];
$Col09 = $line[8];
$Col010 = $line[9];
$Col0n = $line[10];
$prevQuery = "SELECT id FROM table_name WHERE ColID = '" . $line[0] . "'";
$prevResult = $db->query($prevQuery);
if ($prevResult) {
if ($prevResult->num_rows > 0) {
$db->query("UPDATE table_name SET ColHdg02 = '" . $Col02 . "', ColHdg03 = '" . $Col03 . "', ColHdg04 = '" . $Col04 . "', ColHdg05 = '" . $Col05 . "', ColHdg06 = '" . $Col06 . "', ColHdg07 = '" . $Col07 . "', ColHdg08 = '" . $Col08 . "', ColHdg09 = '" . $Col09 . "', ColHdg010 = '" . $Col010 . "', ColHdg0n = '" . $Col0n . "' WHERE ColIDHdg = '" . $ColID . "'");
} else {
$db->query("INSERT INTO table_name (ColIDHdg, ColHdg02, ColHdg03, ColHdg04, ColHdg05, ColHdg06, ColHdg07, ColHdg08, ColHdg09, ColHdg010, ColHdg0n) VALUES ('" . $ColID . "', '" . $Col02 . "', '" . $Col03 . "', '" . $Col04 . "', '" . $Col05 . "', '" . $Col06 . "', '" . $Col07 . "', '" . $Col08 . "', '" . $Col09 . "', '" . $Col010 . "', '" . $Col0n . "')");
}
}
}
i have two update queries to update mysql db of the system.problem is my second update query works but my first one doesn't execute at all.
cant figure out whats going on...any help would be great
here is my php code.
$dob = $_POST["dob"];
$name = $_POST["name"];
$mob = $_POST["mobileNo"];
$home = $_POST["homeNO"];
$files = $_FILES["filep"]["name"];
echo $files;
$folder = "images/";
$uid = $_SESSION["Uid"];
if($_FILES["filep"]["error"] == 4) {
echo "no file selected";
}
move_uploaded_file($_FILES["filep"]["tmp_name"] , "$folder".$_FILES["filep"]["name"]);
$result = mysqli_query($con,"UPDATE User SET DOB = '" . $uid . "', MOBNO = '" . $mob . "', HOMENO = '" . $home . "',DOB = '" . $dob . "',IMAGE_URL = '" . $files . "' WHERE UID='" . $uid . "'");
$result = mysqli_query($con,"UPDATE User_Credentials SET NAME = '" . $name . "' WHERE CID='" . $uid . "'");
i have checked all the $name,$mob etc variables and value are passing without any problem..
The images are uploading normally, but I want an "else if" to check if there is any file selected. This is working:
<?php
session_start();
include('includes/conexao.php');
$fileinfo=PATHINFO($_FILES["image"]["name"]);
$newFilename=$fileinfo['filename'] ."_". time() . "." . $fileinfo['extension'];
move_uploaded_file($_FILES["image"]["tmp_name"],"images/perfis/" . $newFilename);
$location="images/perfis/" . $newFilename;
$todas_fotos = mysqli_query($conexao, "select * FROM esc_usuarios_fotos WHERE img_usu_codigo = '" . $_SESSION['codigo'] . "'");
if( mysqli_num_rows($todas_fotos) > 0) {
//$path=$location;
//if(unlink($path)) echo "Deleted file ";
mysqli_query($conexao,"UPDATE esc_usuarios_fotos SET img_local = '$location' WHERE img_usu_codigo = '" . $_SESSION['codigo'] . "'");
}
else if( mysqli_num_rows($todas_fotos) == 0)
{
mysqli_query($conexao,"insert into esc_usuarios_fotos (img_local, img_usu_codigo) values ('$location', '" . $_SESSION['codigo'] . "')");
}
else {
};
header('location:perfil.php');
?>
It inserts if there isn't an image, but if there is, it updates. But when I add:
else if (empty($_FILES['image']['name']))
{
header('location:perfil.php');
}
It returns me undefined index: extension on line 5. How to go?
Rewrite the code as follows. Here we are checking whether the file is not available at the beginning of the code and redirect if no file is found.
<?php
session_start();
if (empty($_FILES['image']['name']))
{
header('location:perfil.php?error=1');
return;
}
include('includes/conexao.php');
$fileinfo=PATHINFO($_FILES["image"]["name"]);
$newFilename=$fileinfo['filename'] ."_". time() . "." . $fileinfo['extension'];
move_uploaded_file($_FILES["image"]["tmp_name"],"images/perfis/" . $newFilename);
$location="images/perfis/" . $newFilename;
$todas_fotos = mysqli_query($conexao, "select * FROM esc_usuarios_fotos WHERE
img_usu_codigo = '" . $_SESSION['codigo'] . "'");
if( mysqli_num_rows($todas_fotos) > 0) {
//$path=$location;
//if(unlink($path)) echo "Deleted file ";
mysqli_query($conexao,"UPDATE esc_usuarios_fotos SET img_local = '$location' WHERE img_usu_codigo = '" . $_SESSION['codigo'] . "'");
}else {
mysqli_query($conexao,"insert into esc_usuarios_fotos (img_local, img_usu_codigo) values ('$location', '" . $_SESSION['codigo'] . "')");
}
and in the perfil.php you should put
window.onload = function(){
var url = new URL(window.location.href);
var error = url.searchParams.get("error");
if(error==1)
alert("No file uploaded");
}
I have a event form for my members to fill in. The form is working and going to database.
But, how can I show which member has posted the event, so other people know? Because I tried having the user_id in sql string and was only showing the last post in the database not all posts from all users.
here is the form php section
<?php
include("config/db_connect.php");
include("config/ckh_session.php");
// Inserting user Details code
if (isset($_POST['btnSave'])) {
$event_title = mysqli_real_escape_string($conn, $_POST['event_title']);
$myDate = mysqli_real_escape_string($conn, $_POST['myDate']);
$cboStartTime = mysqli_real_escape_string($conn, $_POST['cboStartTime']);
$dteEndDate = mysqli_real_escape_string($conn, $_POST['dteEndDate']);
$dteEndTime = mysqli_real_escape_string($conn, $_POST['dteEndTime']);
$event_type = mysqli_real_escape_string($conn, $_POST['event_type']);
$country = mysqli_real_escape_string($conn, $_POST['country']);
$event_region = mysqli_real_escape_string($conn, $_POST['event_region']);
$union_territory = mysqli_real_escape_string($conn, $_POST['union_territory']);
$event_town = mysqli_real_escape_string($conn, $_POST['event_town']);
$event_postalcode = mysqli_real_escape_string($conn, $_POST['event_postalcode']);
$event_title = mysqli_real_escape_string($conn, $_POST['event_title']);
$event_description = mysqli_real_escape_string($conn, $_POST['event_description']);
$event_ltm = mysqli_real_escape_string($conn, $_POST['event_ltm']);
$insert = mysqli_query($conn, "update events set event_title = '" . $event_title . "' ,
myDate = '" . $myDate . "' ,
cboStartTime = '" . $cboStartTime . "' ,
dteEndDate = '" . $dteEndDate . "' ,
dteEndTime = '" . $dteEndTime . "' ,
event_type = '" . $event_type . "' ,
country = '" . $country . "' ,
event_region = '" . $event_region . "' ,
union_territory = '" . $union_territory . "' ,
event_town = '" . $event_town . "' ,
event_postalcode = '" . $event_postalcode . "' ,
event_title = '" . $event_title . "' ,
event_description = '" . $event_description . "' ,
event_ltm = '" . $event_ltm . "' ") or die(mysqli_error($conn));
if ($_POST['event_ltm'] == 'MF Cpl') {
header("location: CoupleffEvent.php");
} else if ($_POST['event_ltm'] == 'MM Cpl') {
header("location: CouplemmEvent.php");
} else if ($_POST['event_ltm'] == 'FF Cpl') {
header("location: CoupleffEvent.php");
}
}
// Fetch user details
$query = mysqli_query($conn, "select * from user where user_id = '" . $_SESSION['last_id'] . "' ");
$fetch_user = mysqli_fetch_array($query);
$user_country = $fetch_user['user_country'];
$user_gender = $fetch_user['user_gender'];
?>
any help would be much appreciated so i can go to next step
I'm not sure to understand what you're looking for.
If you're getting an user_id, you will have to select * FROM events and then join user table, like INNER JOIN user ON events.user_id = user.id
This type of request will display all event and join informations about the user.id
Resources : https://www.w3resource.com/mysql/advance-query-in-mysql/inner-join-with-multiple-tables.php
Hope it will help,
I have a script that takes a CSV file and uploads each row to a database. However, foreign characters in the file not just display wrong, but don't display at all.
For example, here is an "input" row, and what it would read like in the database:
"This café is amazing", "1000", "www.example.com"
"This caf", "1000", "www.example.com"
This is the script that does the upload:
header("Content-Type: text/plain; charset=utf-8");
if (!isset($_POST['form_id'])) {
header("Location: ./?error=form_id");
exit();
}
$form_id = $_POST['form_id'];
$csv = $_FILES['csv_file'];
if ($csv['size'] > 0) {
$handle = fopen($csv['tmp_name'], "r");
require_once("db.php");
$i = (!isset($_POST['csv_headers']) ? 1 : 0);
while ($data = fgetcsv($handle, 1000, ',', '"')) {
if ($i > 0) {
$data[2] = str_replace(" + ", "+", $data[2]);
if (strpos($data[3], "http") === false && $data[3] != "") {
$data[3] = "http://" . $data[3];
}
mysql_query("INSERT INTO exhibitor_lists SET form_id = $form_id, company_name = '" . addslashes($data[0]) . "', country = '" . addslashes($data[1]) . "', stand_number = '" . addslashes($data[2]) . "', web_address = '" . addslashes($data[3]) . "', logo_file = '" . addslashes($data[4]) . "', added_date = NOW()");
}
$i++;
}
} else {
header("Location: ./?error=csv_file");
exit();
}
mysql_close();
header("Location: ./?success=upload");
exit();
Even when setting the content type header(), I get the problem.
Save the CSV file in UTF8 before uploading it.