i have this code for uploading image and storing in database
i want to rename it to a random name first,then upload it and store in database
how should i change my code?
please help me!
here is my PHP code :
$imageFile=$_FILES['image'];
$file_name = $imageFile['name'];
$target_path = "images/news/".$file_name;
if(move_uploaded_file($imageFile['tmp_name'], $target_path)) {
echo "<div id=\"news\">";
echo "Image : "."<br>".$file_name;
echo "<br>";
echo "Successfuly Uploaded!";
echo "<br>";
$newstitle = $_POST['title'];
$newscontent = $_POST['content'];
$newsimage = "images/news/".$file_name;
$sql="insert into news (news_title,news_content,news_image,news_date) values ('$newstitle', '$newscontent','$newsimage',' $newsdate')";
if ($conn->query($sql) === TRUE)
{
echo "Image Stored in DB!</div>";
}
else
{
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
Try this
Random file name created using $random = md5(uniqid("") . time());
Here is working code that renames your file
$imageFile = $_FILES['image'];
$file_name = $imageFile['name'];
$random = md5(uniqid("") . time());
$target_path = "images/news/" . $random.$file_name;
if (move_uploaded_file($imageFile['tmp_name'], $target_path)) {
echo "<div id=\"news\">";
echo "Image : " . "<br>". $random . $file_name;
echo "<br>";
echo "Successfuly Uploaded!";
echo "<br>";
$newstitle = $_POST['title'];
$newscontent = $_POST['content'];
$newsimage = "images/news/" . $random. $file_name;
$sql = "insert into news (news_title,news_content,news_image,news_date) values ('$newstitle', '$newscontent','$newsimage',' $newsdate')";
if ($conn->query($sql) === TRUE) {
echo "Image Stored in DB!</div>";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
feel free to ask ready to help you
Related
When this code below runs, it just returns the echo "Did not move files!";
Goal is to allow users to upload files, just get this working for now.
account.php
<form action="includes/upload.inc.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">
upload.inc.php
<?php
if(isset($_POST['submit'])) {
$uploadsDir = '../uploads/';
$name = basename($_FILES["fileToUpload"]["name"]);
$tempName = basename($_FILES["fileToUpload"]['tmp_name']);
$error = $_FILES['fileToUpload']['error'];
if ($error > 0) {
echo "Error: " . $error . "<br />";
} else {
move_uploaded_file($temp_name, "$uploadsDir/$name");
if(move_uploaded_file($temp_name, "$uploadsDir/$name")) {
echo "Successful";
echo "Upload: " . $name . "<br />";
echo "Stored in: Uploads Directory!";
} else {
echo "Did not move files!";
}
}
}
?>
Hosting server off localhost, originally thought my directories did not have permissions to rwx, i ended up changing every directory that is used to have full permissions by any user. This did not change the outcome.
You had 3 errors:
You called move_uploaded_file twice.
You declared $tempName variable, but you used $temp_name in the move_uploaded_file function.
You used basename when declaring the temporary file path variable.
Your final code should look like:
if (isset($_POST['submit'])) {
$uploadsDir = '../uploads/';
$name = basename($_FILES["fileToUpload"]["name"]);
$tempName = $_FILES["fileToUpload"]['tmp_name'];
$error = $_FILES['fileToUpload']['error'];
if ($error > 0) {
echo "Error: " . $error . "<br />";
} else {
if (move_uploaded_file($tempName, "$uploadsDir/$name")) {
echo "Successful";
echo "Upload: " . $name . "<br />";
echo "Stored in: Uploads Directory!";
} else {
echo "Did not move files!";
}
}
}
if(isset($_POST['submit'])) {
$uploadsDir = '/';
$name = ($_FILES["fileToUpload"]["name"]);
$tempName = ($_FILES["fileToUpload"]['tmp_name']);
$error = $_FILES['fileToUpload']['error'];
if ($error > 0) {
echo "Error: " . $error . "<br />";
} else {
if(move_uploaded_file($tempName, __DIR__.'/'.$name)) {
echo "Successful";
echo "Upload: " . $name . "<br />";
echo "Stored in: Uploads Directory!";
} else {
echo "Did not move files!";
}
}
}
I have very critical requirements from client. He wants to upload multiple choice questions. The questions to be uploaded may be text contents or it may be images. So there is One input field for question which can be textual or image and the same thing with other 4 options of the questions i. e. textual OR image. Means he may either type a question or simply upload an image file and at the same time; the answers of the same question are options which may be either text or images. Here is very critical issue that multiple file uploads with text data. I do program for the same in core php and it is working fine. I achieved this using base64 encoding. But I want the same code in CodeIgniter format. That is MVC architecture format.
Here is my code in core php.
<?php
$message = "Enter question ";
$this->load->database();
if (isset($_POST['no']) ){
$target_path = "./uploadIMG/";
$target_path = $target_path . basename( $_FILES['que']['name']);
if(move_uploaded_file($_FILES['que']['tmp_name'], $target_path)) {
// echo "The file ". basename( $_FILES['que']['name']).
// $img_file = $target_path.$_FILES["que"]["name"];
$imgData = base64_encode(file_get_contents($target_path));
//$src = 'data: '.mime_content_type($img_file).';base64,'.$imgData;
$que = $imgData;
$a = "0";
} else{
$que = $_POST['que'];
$a = "1";
}
$target_path = $target_path . basename( $_FILES['opt1']['name']);
if(move_uploaded_file($_FILES['opt1']['tmp_name'], $target_path)) {
// echo "The file ". basename( $_FILES['opt1']['name']).
$img_file1 = $_FILES["opt1"]["name"];
$imgData1 = base64_encode(file_get_contents($target_path));
//$src1 = 'data: '.mime_content_type($img_file1).';base64,'.$imgData;
$opt1 = $imgData1;
$b = $a . "|"."0";
} else{
$opt1 = $_POST['opt1'];
$b = $a . "|"."1";
}
$target_path = $target_path . basename( $_FILES['opt2']['name']);
if(move_uploaded_file($_FILES['opt2']['tmp_name'], $target_path)) {
//echo "The file ". basename( $_FILES['opt2']['name']).
$img_file2 = $_FILES["opt2"]["name"];
$imgData2 = base64_encode(file_get_contents($target_path));
//$src2 = 'data: '.mime_content_type($img_file2).';base64,'.$imgData;
$opt2 = $imgData2;
$c = $b . "|"."0";
} else{
$opt2 = $_POST['opt2'];
$c = $b . "|"."1";
}
$target_path = $target_path . basename( $_FILES['opt3']['name']);
if(move_uploaded_file($_FILES['opt3']['tmp_name'], $target_path)) {
//echo "The file ". basename( $_FILES['opt3']['name']).
$img_file3 = $_FILES["opt3"]["name"];
$imgData3 = base64_encode(file_get_contents($target_path));
//$src3 = 'data: '.mime_content_type($img_file3).';base64,'.$imgData;
$opt3 = $imgData3;
$d = $c . "|"."0";
} else{
$opt3 = $_POST['opt3'];
$d = $c . "|"."1";
}
$target_path = $target_path . basename( $_FILES['opt4']['name']);
if(move_uploaded_file($_FILES['opt4']['tmp_name'], $target_path)) {
//echo "The file ". basename( $_FILES['opt4']['name']).
$img_file4 = $_FILES["opt4"]["name"];
$imgData4 = base64_encode(file_get_contents($target_path));
//$src4 = 'data: '.mime_content_type($img_file4).';base64,'.$imgData;
$opt4 = $imgData4;
$e = $d . "|"."0";
} else{
$opt4 = $_POST['opt4'];
$e = $d . "|"."1";
}
$no = $_POST['no'];
$ans= $_POST['ans'];
$expl=$_POST['expl'];
//echo " QUESTION DATA " .$que. "<br>";//getcwd()
//echo " Answer DATA " .$opt1. "<br>";//getcwd()
//echo " Answer Format " .$e. "<br>";//getcwd()
$target_path = "/uploads/";
//$target_path = $target_path . basename( $_FILES['file']['name']);
$q_code=$this->session->userdata('question_code');
//echo "No1 " . $no . "";
$query = "INSERT INTO question (question_no, question, option1, option2, option3, option4, answer, explaination, layout,question_code) VALUES ('$no', '$que', '$opt1','$opt2','$opt3','$opt4','$ans','$expl','$e','$q_code')";
$result = mysql_query($query);
//echo "No1 " . $query . "";
//echo "No2 " . $$result . "";
//$msg = "question created Successfully.";
if($result){
//echo "No1 " . $$result . "";
$message = "question created Successfully.";
echo " Question created Successfully. " . $result . "";
}
else
{
$message = "question not created please enter valid question no. ";
echo " Question not created please enter valid question no. " . $result . "";
}
}
}?>
I am newish to php. But when i learned to program it was on a TI-83 Calculator. with the TI83 their was an if-then statements the could be used. I am writing some code to check if a directory is already created and if not create it. I need it to run the last half of the code either way. here is the code.
<?php
$dir = "/Applications/XAMPP/xamppfiles/htdocs/upload/$_POST[Itemid]/" ;
if (!file_exists($dir) and !is_dir($dir)) {
$upload_dir = mkdir($dir, 0777);
}else{
foreach ($_FILES["file"]["error"] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$filename = $_FILES["file"]["name"][$key];
$filetemp = $_FILES["file"]["tmp_name"][$key];
$filetype = $_FILES["file"]["type"][$key];
$filesize = $_FILES["file"]["size"][$key];
if (file_exists($dir . $filename))
{
echo $filename . " already exists. <br><br>";
}
else
{
echo "Upload: " . $filename . "<br>";
echo "Type: " . $filetype . "<br>";
echo "Size: " . ($filesize / 1024) . " kB<br>";
echo "Temporarily Stored in: " . $filetemp . "<br>";
move_uploaded_file($filetemp,"$dir/$filename");
echo "uploaded the file \"" . $filename. "\" to the \"/Applications/XAMPP/xamppfiles/htdocs/upload/\" Directory<br>" ;
$con=mysqli_connect("localhost","root","","Inventory");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO ListPics (`1`, `Item_ItemID`)
VALUES
('$dir$filename', '$_POST[Itemid]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo ($filename. " added to Database<br><br>");
mysqli_close($con);
}
}
}
}
?>
Yes I know this code is not secure. It will not ever see the interweb(Reverently bows head and says "Thank you Al Gore") It will sit snugly behind a VPN for personal use only. I just need to know how to execute the PHP equivalent of If Then Statements
This is simple:
if(condition) {
/* do something if condition is true */
}
else {
/* do something else if condition is false */
}
/* do other stuff either way */
You only need the else if there is something that you want to do only if the condition is false. If you want to do it either way, then don't use else at all.
I have a PHP script that generates an HTML form for users to upload a file. I save that file on the server using move_uploaded_file then read it using fgets() and perform database inserts based on certain check. Here's a simplified version of the code:
$cart_id = 18566;
if (empty($_POST))
{
echo "<form name=\"upload\" action=\"myscan.php\" id=\"myScan\" method=\"POST\" enctype=\"multipart/form-data\">";
echo "Choose the file to upload:<br>\r\n";
echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"300000\" form=\"myScan\" />";
echo "<input type=\"file\" name=\"file\" form=\"myScan\" id=\"fileUp\" /><br>";
echo "<input type=\"submit\" value=\"Upload\" name=\"sub\" form=\"myScan\" />";
echo "<input type=\"hidden\" name=\"ck\" form=\"myScan\" value=\"".$cart_id."\" />";
echo "</form><br>";
}
else
{
// link to cart goes here
}
$fname = "1SCAN20131031123456";
if (!empty($_POST))
{
$allowedExts = array("txt", "csv");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ( ($_FILES["file"]["type"] == "text/plain"
|| $_FILES["file"]["type"] == "application/vnd.ms-excel")
&& array_search(strtolower($extension), array_map('strtolower', $allowedExts)) !== FALSE )
{
if ($_FILES["file"]["error"] > 0)
{
echo "Error: " . $_FILES["file"]["error"] . "<br>";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
echo "Stored in: " . $_FILES["file"]["tmp_name"]."<br>";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"], $fname);
echo "Moved to: " . $fname . "<br>";
}
}
}
else
{
echo "Invalid file<br>";
echo "Type: " . $_FILES["file"]["type"] . "<br>";
echo "Upload: " . $_FILES["file"]["name"] . "<br>";
echo "Extension: " . $extension . "<br>\n";
}
At this point the file $fname is ok, no duplicated lines. The next part is called as a function declared in the same PHP file. $link, $fname, and $cart_id are declared as globals
$bn = basename($fname);
$sfd = fopen($fname, "r");
$store_number = "$bn[0]";
if(is_numeric($bn[1]))
$store_number .= $bn[1];
$a = stripos($bn, "SCAN");
$a += 4;
$dt = substr($bn, $a);
// echo "Date = $dt \n";
$fy = substr($dt, 0, 4);
$fM = substr($dt, 4, 2);
$fd = substr($dt, 6, 2);
$fh = substr($dt, 8, 2);
$fm = substr($dt, 10, 2);
$fs = substr($dt, 12, 2);
$fdate = "$fy-$fM-$fd $fh:$fm:$fs";
// echo $fname . ",";
// echo $store_number . ",";
while ($line = fgets($sfd))
{
$li = explode(",", $line);
if (sizeof($li) == 5)
{
$scan = $li[0];
$poQty = $li[1];
$cntQty = $li[2];
$limd = $li[3];
$lihms = $li[4];
$query = "INSERT INTO upload_datalog (file_name, store, filedate, scan, po_qty, cnt_qty, scan_md, scan_hms, cart_id)\n"
. "VALUES (\"$bn\", $store_number, \"$fdate\", \"$scan\", $poQty, $cntQty, \"$limd\", \"$lihms\", $cart_id)";
mysqli_query($link, $query);
}
else if ($fM < 8 || ($fM == 8 && $fd < 16 ))
{
$scan = $li[0];
$poQty = $li[2];
$cntQty = $li[1];
$limd = $li[3];
$lihms = $li[4];
$query = "INSERT INTO upload_datalog (file_name, store, filedate, scan, po_qty, cnt_qty, scan_md, scan_hms, cart_id)\n"
. "VALUES (\"$bn\", $store_number, \"$fdate\", \"$scan\", $poQty, $cntQty, \"$limd\", \"$lihms\", $cart_id)";
mysqli_query($link, $query);
}
else if (sizeof($li) == 3 && $li[0] != "" && $li[1] != "" &&$li[2] != "" )
{
$scan = $li[0];
$poQty = $li[2];
$cntQty = $li[1];
$query = "INSERT INTO upload_datalog (file_name, store, filedate, scan, po_qty, cnt_qty)\n"
. "VALUES (\"$bn\", $store_number, \"$fdate\", \"$scan\", $poQty, $cntQty)";
mysqli_query($link, $query);
}
}
fclose($sfd);
The file contains this information:
This all works more than 99 percent of the time, but twice in the past 2 weeks, the entries in the upload_datalog table have been duplicated. There is another function after this that also reads the file and performs inserts based on different checks, and those are duplicated as well.
I know this is an edge case, but I couldn't find any information as to why this would happen on php.net or through google, and I have not been able to reproduce it mysqlf. But I know it occurs in the wild.
Is there a race condition I'm not seeing here?
You do your inserts in a while loop, so you run twice through that loop?
For debugging, add a counter in your loop and create a small debug function, and a debug table. Insert the counter and data in your debug table. Compare these values with your expectations
So i have a file upload feature on my site and rather than redirect to the php script page, I want to have an iframe that displays the message returned by the script. So here's my html:
<iframe class="iframe" name="my_iframe" src="upload_file.php" style="display:none;"></iframe>
<form id="uploadForm" action="upload_file.php" method="post" enctype="multipart/form-data" target="my_iframe">
So basically I want to hide my iframe UNTIL I the upload process finishes and the script returns a message. Here's my php script:
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
session_start();
$allowedExts = array("doc", "docx");
$extension = pathinfo( $_FILES["upload"]["name"],PATHINFO_EXTENSION);
$username = $_SESSION["username"];
if (($_FILES["upload"]["size"] < 200000)
&& in_array($extension, $allowedExts)) {
if ($_FILES["upload"]["error"] > 0)
{
echo "Return Code: " . $_FILES["upload"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["upload"]["name"] . "<br />";
echo "Type: " . $_FILES["upload"]["type"] . "<br />";
echo "Size: " . ($_FILES["upload"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["upload"]["tmp_name"] . "<br />";
$dir_exists = is_dir("/disks/*/*/*/*/". $_SESSION["FirstName"] ."-".$_SESSION["username"]."/");
$file_exists = file_exists("/disks/*/*/*/*/".$_SESSION["FirstName"] ."-".$_SESSION["username"]."/" . $_FILES["upload"]["name"]);
$folderName=$_SESSION["FirstName"];
$baseDir = "/disks/*/*/*/*/";
// Create directory if it does not exist
if (! $dir_exists) {
if (is_writable($baseDir)) {
mkdir($baseDir . $_SESSION["FirstName"]."-".$_SESSION["username"]);
} else {
trigger_error($baseDir. " is not writeable");
}
}
if ($file_exists) {
echo $_FILES["upload"]["name"] . " already exists. ";
} else {
$link = new PDO('mysql:host=***;dbname=***;charset=UTF-8','***','***');
$proptype = $_POST["prop_cat"];
$stmt = $link->prepare("UPDATE Table SET `PType`=:proptype WHERE Username=:username");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':proptype', $proptype);
$stmt->execute();
move_uploaded_file($_FILES["upload"]["tmp_name"],
$baseDir. $_SESSION["FirstName"] ."-".$_SESSION["username"]."/". $_FILES["upload"]["name"]);
echo "Stored in: " . $baseDir. $_SESSION["FirstName"] ."-".$_SESSION["username"]."/". $_FILES["upload"]["name"];
}
}
} else {
echo "Invalid file";
}
?>
So basically to sum up my question: How can I hide the iframe until upload finishes, and then display it with the message that the user can close like an alert box?
Can you echo the Iframe at the end of the upload instead of trying to hide it then show it at the top?
if ($file_exists) {
echo $_FILES["upload"]["name"] . " already exists. ";
} else {
$link = new PDO('mysql:host=***;dbname=***;charset=UTF-8','***','***');
$proptype = $_POST["prop_cat"];
$stmt = $link->prepare("UPDATE Table SET `PType`=:proptype WHERE Username=:username");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':proptype', $proptype);
$stmt->execute();
move_uploaded_file($_FILES["upload"]["tmp_name"],
$baseDir. $_SESSION["FirstName"] ."-".$_SESSION["username"]."/". $_FILES["upload"]["name"]);
echo "Stored in: " . $baseDir. $_SESSION["FirstName"] ."-".$_SESSION["username"]."/". $_FILES["upload"]["name"];
/// load the iframe now ///////////////
echo '<iframe class="iframe" name="my_iframe" src="upload_file.php"></iframe>';
///////////////////////////////////////
}