I am just wondering if someone can tell me what I'm doing wrong. My goal is pretty simple. Using dropzone or php to upload a file and insert a record into a database. I am able to post the record except for one field which is always showing "array" as the entry. I've tried changing variable names, inserting and removing quotes, etc to no avail. Any suggestions would be greatly appreciated.
Here is my code.
<?php
$ds = DIRECTORY_SEPARATOR; //1
$storeFolder = 'uploads'; //2
if (!empty($_FILES)) {
$tempFile = $_FILES['file']['tmp_name']; //3
$targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds; //4
$targetFile = $targetPath. $_FILES['file']['name']; //5
move_uploaded_file($tempFile,$targetFile); //6
}
$servername = "localhost";
$username = "root";
$password = "***************";
$dbname = "drop";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "INSERT INTO uploads (id, file_name)
VALUES (NULL, 'file_name')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
Figured out my own question. The answer is replacing file_name with $targetfile. Now it works as expected. Thanks.
Related
I wanted to store the current user ID to the database, but instead I got that error, the php file is custom and i put it inside my wordpress theme folder, how can I fix this? I wanted to make a simple custom php script that can store data to the database. And I think wp_get_current_user() is the problem, how do I use it properly?
Here is my code
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$current_user = wp_get_current_user();
$current_user_id = $current_user->ID;
$title = mysqli_real_escape_string($conn, $_REQUEST['title']);
$department = mysqli_real_escape_string($conn, $_REQUEST['department']);
$date_today = date("Y-m-d");
$doc = $_FILES['fileName']['name'];
$doc_path = $_SERVER['DOCUMENT_ROOT'] . "/wordpress/wp-content/uploads/documents/" . $doc;
$sql = "INSERT INTO wp_document (ID,
department,
title,
submit_date,
doc_path,
revision_count,
rejection_count,
status)
VALUES ($current_user_id, '$department', '$title','$date_today', '$doc_path', 0, 0, 'Not Reviewed')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
If you want to use WordPress functions or WPQuery
include('/var/www/html/pub_html/wp-blog-header.php');
$prefix = $wpdb->base_prefix;
Include above file on your custom PHP it will establish WordPress connections
Recently Faced same error and fixed using below code
<?php
if(!function_exists('wp_get_current_user')) {
include(ABS_PATH . "wp-includes/pluggable.php");
}
?>
I use the hosting company aPlus.net, and I can't seem to get past a connection error I'm getting when trying to process some php to write database content to a webpage, and I am curious as to if this is because my database appears to not be on the same server as the entire rest of my hosting account, and if there is a way to resolve this in my code? This is my first attempt at writing PHP, and it would be good to know if my code is wrong, or if my hosting company is messing me up. (and either way, how to fix it)
Here's the code that's failing to pull from the database:
{
$con = mysql_connect("localhost","2p5dq9vxmy240651","MY_PASSWORD");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("felineasthma_2p5dq9vxmy240651", $con);
$users_name = $_POST['name'];
$users_comment = $_POST['requests'];
$users_name = mysql_real_escape_string($users_name);
$users_comment = mysql_real_escape_string($users_comment);
$inputid = $_GET['id'];
$query = "
INSERT INTO `felineasthma_2p5dq9vxmy240651`.`submissions` (`id`,
`name`, `requests`, `inputid`) VALUES (NULL,
'$users_name', '$users_comment', '$inputid');";
mysql_query($query);
echo "<h2>Your request has been processed, reload page.</h2>";
mysql_close($con);
}
and here's some screen captures from inside my hosting account (links because I don't have enough posts here yet to upload images, sorry):
felineasthma_2p5dq9vxmy240651 doesn't appear in my hosting account
yet it clearly exists in MySQL Manager, but on a different server
I was even more confused while making the user for this database, as the control panel didn't allow me to make a username, it just randomly assigned one. Help? Advice?
I found a more modern tutorial to learn PHP with, and now everything works, I just need to add security measures now. Here's the working code snippets, if anyone ever comes here asking the same questions.
here's the form action that places the entries into the database:
<?php
$servername = "sql5c40n.carrierzone.com";
$username = "my_username";
$password = "my_password";
$dbname = "my_database";
$users_name = $_POST['name'];
$users_request = $_POST['requests'];
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "INSERT INTO submissions (name, requests)
VALUES ('$users_name', '$users_request')";
if (mysqli_query($conn, $sql)) {
header("Location: clv.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
here's the include that puts the database entries onto the page:
<?php
$servername = "sql5c40n.carrierzone.com";
$username = "my_username";
$password = "my_password";
$dbname = "my_database";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT id, requests, name FROM submissions";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
echo "" . $row["requests"]. " - by " . $row["name"]. "<br>";
}
} else {
echo "0 results";
}
mysqli_close($conn);
?>
I am adding data from a file to my database. Currently the location of the files are limited to only those inside directory D:/. I want to be able to support adding files from multiple directories.
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "stdprt";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$filename = "d:/" . $_POST['fname'];
$handle = fopen($filename, "r");
while (($data = fgetcsv($handle)) !== FALSE) {
$num = count($data);
$row;
$sql = "INSERT into marks(regno,semister,subcode,subname,internals,externals,credits)values('$data[0]','$data[1]','$data[2]','$data[3]','$data[4]','$data[5]','$data[6]')";
//echo "INSERT into marks(regno,semister,subcode,subname,internals,externals,credits)values('$data[0]','$data[1]','$data[2]','$data[3]','$data[4]','$data[5]','$data[6]')";
if ($conn->query($sql) === TRUE) {
// echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
echo "<br>";
}
?>
<h2>Uploaded Successfully....</h2>
back
If you are wanting to choose a file in another drive you can modify this line in your code and change the directory at the start.
$filename="d:/".$_POST['fname'];
So for example if you wanted to change the directory to drive F it would be like so:
$filename="f:/".$_POST['fname'];
If you wanted to enable the ability to specify a custom directory in your request then you could pass it through the same way you are passing fname. Say for example you passed your custom directory along in a key named cust_dir you could add it as the directory like so.
if($_POST['cust_dir']{
$filename=$_POST['cust_dir'].$_POST['fname'];
} else {
$filename="d:/".$_POST['fname'];
}
The code above would use a custom directory path that you passed in the $_POST variable if you passed one. If you do not pass cust_dir then it will default to directory d:/.
I have an app that is supposed to create a directory on a server via a url. When I enter that URL into a web browser, it works. But when I register through my app, nothing appears. I have tried this with another file server and it worked. My file has a 777 permission and still nothing on the phone side. Please help
This is my php code
$gcmRegID = $_POST["regID"];
$gcmUserName = $_POST["userName"];
$gcmFolderName = $_POST["folderName"];
$gcmDate = date("d/m/y");
$conn = new mysqli($servername, $username, $password, $dbname);
if($conn->connect_error){
die("Connection failed: " . $conn->connect_error);
}
$in_user = "user";
$in_password = "NULL";
$in_email = "NULL";
$in_dob = "NULL";
$in_role = "user";
$in_datejoined = "0000-00-00";
$sql = "INSERT INTO user(password,regid,name,email,phone,dob,role,datejoined) VALUES('$in_password','$gcmRegID','$gcmUserName','$in_email','$in_phone','$in_dob','$in_role','$gcmDate')";
//$gcmtest = "APA91bHUYXD_X2meMxOJ4JkWGyJVwv0Hy6UPvZ-5i42jLDoU3ofdEutPJspCuNDrxg-VutIHtfvDc8WSTziMxIwIh4YIZYzQiORoGG8VcV9R8azPTEXzRUkBMiKvGHXpOBJINljZyzSu";
$substringtitle = substr($gcmRegID,-7);
$combined = $gcmUserName."_".$substringtitle;
if($conn->query($sql)===TRUE){
//if(is_dir("users/".$gcmFolderName)===false){
mkdir("./users/".$gcmFolderName);
//echo "Folder created!";
//}
echo "New record created successfully";
}else{
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
//echo $gcmRegID;
//file_put_contents("./GCMRegId.txt",$gcmRegID);
echo "Done!";
exit;
My PHP file need to save the image in a server and store the image path in a MYSQL database.
My database imageid contains table image_table as below :
create table image_table
(
ID INT not null AUTO_INCREMENT,
path varchar(256),
primary key (ID)
)
My PHP Code is as below. Image saving in the server is working fine, but throws few errors storing the image path in DB.
Error running the below PHP code :
Parse error: syntax error, unexpected '$conn' (T_VARIABLE) in C:\xampp\htdocs\appinventor\postfile.php on line 7
The PHP Code with above error:
<?PHP
$servername = "localhost";
$username = "root";
$password = "basis123";
$database = "imageid"
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
#mysqli_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO image_table (path) VALUES('$_GET['filename']')");
//mysql_query($query);
//File Transfer Logic
$data = file_get_contents('php://input');
if (!(file_put_contents($_GET['filename'],$data) === FALSE)) echo "File xfer completed."; // file could be empty, though
else echo "File xfer failed.";
// $_GET['filename'] has the file name . and C:\xampp\htdocs\myapp is the file path
echo $_GET['filename']
//mysql_close();
?>
When i remove the database connection and SQLQuery in php code the connection is successful.
Removed lines of code for successful connection and log as "Connected successful"
#mysqli_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO image_table (path) VALUES('$_GET['filename']')");
//mysql_query($query);
Where did i go wrong ?Any suggestions ?
You forgot semicolon after $database = "imageid"
$database = "imageid";
And you have extraneous parenthesis here:
$query = "INSERT INTO image_table (path) VALUES('$_GET['filename']')");
Try this:
<?php
$servername = "localhost";
$username = "root";
$password = "basis123";
$database = "imageid";
// Create connection
$conn = new mysqli($servername, $username, $password,$database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
mysqli_select_db($conn,$database);
$query = "INSERT INTO image_table (path) VALUES('".$_GET['filename']."')";//also this is unsafe
//mysql_query($query);
//File Transfer Logic
$data = file_get_contents('php://input');
if (!(file_put_contents($_GET['filename'],$data) === FALSE)) echo "File xfer completed."; // file could be empty, though
else echo "File xfer failed.";
// $_GET['filename'] has the file name . and C:\xampp\htdocs\myapp is the file path
echo $_GET['filename']
//mysql_close();
?>
Main problem:
$database = "imageid"
^----missing ;
$conn = new m
PHP strings+arrays 101: You cannot use quoted array keys within a double-quoted string, unless you use the {}-extended syntax:
$foo = "$arr['key']"; // bad
$foo = "$arr[key]"; // ok
$foo = "{$arr['key']}"; // ok
So:
$query = "INSERT INTO image_table (path) VALUES('$_GET['filename']')");
^--------^
is wrong, as well as being vulnerable to SQL injection attacks.
You need a semi colon after
$database = "imageid"
so it should be
$database = "imageid";
You also don't want to be putting user input directly into your SQL. http://en.wikipedia.org/wiki/SQL_injection