I am facing a problem with send variable data to mysql, one of my variable is passing but other is not.
<?php
session_start();
if(!isset($_SESSION["PAT_ID"])){
ob_start();
header("location: login.php");
ob_end_flush();
}
$patient_id ="";
$complainID = "";
$patient_id = $_SESSION["PAT_ID"];
if(isset($_GET["ComplainID"])){
$complainID = $_GET["ComplainID"];
}
include "config/connect_to_mysql.php";
?>
<?php
//Diesease photo\
echo "Hello Patient Your Complain ID: " . $complainID;
$imageerr = "";
$typeerr = "";
$sizeerr = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if( (isset($_FILES['galleryField_1']) && $_FILES['galleryField_1']['error'] == 0)
|| (isset($_FILES['galleryField_2']))
|| (isset($_FILES['galleryField_3']))
|| (isset($_FILES['galleryField_4']))
){
$allowedExts = array("JPEG", "jpeg", "jpg", "JPG");
$temp = explode(".", $_FILES["galleryField_1"]["name"]);
$extension = end($temp);
if ((
($_FILES["galleryField_1"]["type"] == "image/JPEG")
|| ($_FILES["galleryField_1"]["type"] == "image/jpeg")
|| ($_FILES["galleryField_1"]["type"] == "image/jpg")
|| ($_FILES["galleryField_1"]["type"] == "image/JPG"))
&& in_array($extension, $allowedExts)){
if($_FILES['galleryField_1']['size'] > 1048576) { //1 MB (size is also in bytes)
$sizeerr = "Photo must be within 1 MB";
} else{
// Add this image into the database now
$sql = mysql_query("INSERT INTO `shasthojito`.`sdispic` (`sdis_pic_id`, `pat_id`, `comp_id`) VALUES (NULL, '$patient_id', '$complainID')")
or die (mysql_error());
$gallery_id = mysql_insert_id();
// Place image in the folder
$newgallery = "$gallery_id.jpg";
move_uploaded_file( $_FILES['galleryField_1']['tmp_name'], "dpic/$newgallery");
}
}else{
$typeerr = "You have to put JPEG Image file";
}
}else{
$imageerr = "No Image Selected";
}
Here the variable $patientID is working fine and passing the data into it, but the $complainID is not working on sql query but its showing the value in echo ...
Your are mixing GET with POST Since you're using this line:
if ($_SERVER["REQUEST_METHOD"] == "POST")
You need to change this:
if(isset($_GET["ComplainID"])){
$complainID = $_GET["ComplainID"];
}
To:
if(isset($_POST["ComplainID"])){
$complainID = $_POST["ComplainID"];
}
Or maybe you only need to change this:
if ($_SERVER["REQUEST_METHOD"] == "POST")
To:
if ($_SERVER["REQUEST_METHOD"] == "GET")
Be sure about the method you are using to transfer date to your actual file.
EDIT 1:
Following your answers through your comments above, please change this:
$sql = mysql_query("INSERT INTO `shasthojito`.`sdispic` (`sdis_pic_id`, `pat_id`, `comp_id`) VALUES (NULL, '$patient_id', '$complainID')")
or die (mysql_error());
To:
$sql = mysql_query("INSERT INTO `shasthojito`.`sdispic` (`sdis_pic_id`, `pat_id`, `comp_id`) VALUES (NULL, '$patient_id', '".$complainID."')")
or die (mysql_error());
EDIT 2:
Before inserting the variable, be sure it is of the same type as the column comp_id of your table:
if (isset($_GET['ComplainID']) && ctype_digit($_GET['ComplainID']))
{
$complainID = $_GET["ComplainID"];
}
Related
Hi I am trying the data like title,Description and image.If i give only title and description without adding image the data should be inserted into database.But if I am trying that getting error.Here is my error and code:
error: error while uploading
my code
$title=$_POST['blog_title'];
$result = str_replace(" ", "-", $title);
$description=$_POST['blog_description'];
$name=$_FILES["image"]["name"];
$type=$_FILES["image"]["type"];
$size=$_FILES["image"]["size"];
$temp=$_FILES["image"]["tmp_name"];
$error=$_FILES["image"]["error"];
if($error>0)
die("error while uploading");
else
{
if($type == "image/png" || $type == "image/jpg"|| $type == "image/jpeg" || $type == "image/svg" || $type == "image/jpe" )
{
move_uploaded_file($temp,"upload/".$name);
$sql=mysql_query("INSERT INTO blogs(image,blog_title,blog_description)values('$name','$result','$description')");
echo "upload complete";
session_start();
header("Location:blogimage.php");
}
else
{
echo "failure";
}
Html Code
<form method="POST" action="blogs.php" enctype="multipart/form-data">
<div>
<label for="title">Title</label>
<input type="text" name="blog_title" value="">
</div>
<div>
<label for="image">IMAGE</label>
<input type="file" name="image">
</div>
<div>
<label for="blog_description">Description</label>
<textarea name="blog_description" class="text" style="width:50%;"> </textarea>
</div>
<input type="submit" value="Submit"/>
</form>
According to your code if you are not uploading the image, value of $error becomes 4. So your if() condition is getting executed. So remove your if condition.
if ($name = $_FILES["image"]["name"] != '') {
if ($type == "image/png" || $type == "image/jpg" || $type == "image/jpeg" || $type == "image/svg" || $type == "image/jpe") {
move_uploaded_file($temp, "upload/" . $name);
$sql = mysql_query("INSERT INTO blogs(image,blog_title,blog_description)values('$name','$result','$description')");
echo "upload complete";
}else{
echo "File type not supported.";
}
session_start();
header("Location:blogimage.php");
} else {
$sql = mysql_query("INSERT INTO blogs(blog_title,blog_description)values('$result','$description')");
echo "upload complete";
session_start();
header("Location:blogimage.php");
}
First of all, start session at the very top of your PHP script, like this:
<?php
session_start();
?>
And now comes your issue. First use is_uploaded_file() function to check whether a file is uploaded or not, and then process your form accordingly.
So your code should be like this:
$title=$_POST['blog_title'];
$result = str_replace(" ", "-", $title);
$description=$_POST['blog_description'];
if(is_uploaded_file($_FILES['image']['tmp_name'])){
$name=$_FILES["image"]["name"];
$type=$_FILES["image"]["type"];
$size=$_FILES["image"]["size"];
$temp=$_FILES["image"]["tmp_name"];
$error=$_FILES["image"]["error"];
$ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
if($error > 0){
die("error while uploading");
}else{
$permissible_extension = array("png", "jpg", "jpeg", "svg", "jpe");
if(in_array($ext, $permissible_extension)){
if(move_uploaded_file($temp,"upload/".$name)){
$sql = mysql_query("INSERT INTO blogs(image,blog_title,blog_description)values('$name','$result','$description')");
if($sql){
header("Location:blogimage.php");
exit();
}else{
echo "Insertion failed";
}
}else{
echo "File couldn't be uploaded";
}
}else{
echo "Invalid format";
}
}
}else{
$sql = mysql_query("INSERT INTO blogs(blog_title,blog_description)values('$result','$description')");
if($sql){
header("Location:blogimage.php");
exit();
}else{
echo "Insertion failed";
}
}
Sidenote: Don't use mysql_* functions, they are deprecated as of PHP 5.5 and are removed altogether in PHP 7.0. Use mysqli or pdo instead. And this is why you shouldn't use mysql_* functions.
You have to use like below:
...
if($type == "image/png" || $type == "image/jpg"|| $type == "image/jpeg" || $type == "image/svg" || $type == "image/jpe" )
{
move_uploaded_file($temp,"upload/".$name);
$sql=mysql_query("INSERT INTO blogs(image,blog_title,blog_description)values('$name','$result','$description')");
} else {
$sql=mysql_query("INSERT INTO blogs(blog_title,blog_description)values('$result','$description')");
}
session_start();
header("Location:blogimage.php");
...
I am using mysqli_query with your code, because mysql_* is deprecated:
Modified Code:
<?php
$link = mysqli_connect("localhost", "root", "", "yourDb");
if (!$link) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
}
$title=$_POST['blog_title'];
$result = str_replace(" ", "-", $title);
$description=$_POST['blog_description'];
$name = "";
$failure = "";
if(isset($_FILES["image"]["name"])){
$name=$_FILES["image"]["name"];
$type=$_FILES["image"]["type"];
$size=$_FILES["image"]["size"];
$temp=$_FILES["image"]["tmp_name"];
$error=$_FILES["image"]["error"];
if($error>0){
$name = "";
}
else{
if($type == "image/png" || $type == "image/jpg"|| $type == "image/jpeg" || $type == "image/svg" || $type == "image/jpe" )
{
move_uploaded_file($temp,"upload/".$name);
}
}
}
$sql = mysqli_query($link,"INSERT INTO blogs (image,blog_title,blog_description)
values('$name','$result','$description')");
if($sql){
//echo "upload complete";
session_start();
header("Location:blogimage.php");
die();
}
else{
echo 'failure';
}
?>
Explanation:
I am checking if if $_FILES["image"]["name"] is set than execute the file upload code.
further more if $error is not equal to 0 use move_uploaded_file()
Query will run in default either file empty or not, if empty than use $name as empty else use file name.
From PHP Manual:
mysqli::query -- mysqli_query — Performs a query on the database
Note that, its a procedural structure of mysqli_* extension, ist param of mysqli_query should be your connection identifier and second param should be your MYSQL Statement.
You have to make your fields and values dynamic :
Try this :
$_POST = array('image'=>'','blog_title'=>'yes','blog_description'=>'nothing');
foreach ($_POST as $key => $value) {
if(!empty($value)){
$fields .= $key.',';
$values .= "'".$value."'".',';
}
}
$fields = substr($fields, 0, -1);
$values = substr($values, 0, -1);
echo "INSERT INTO blogs($fields)values($values)";
This is my image insert into database.but it won't show image path or image in folder?
This code shows err=imgpro this error in URL.
Any idea ?
If possible edit my code and post it in comment.
Also want add multiple checkbox and its value into the database.
<?php
include "config.php";
extract($_POST);
$file_exts = array("jpg", "bmp", "jpeg", "gif", "png");
$upload_exts = end(explode(".", $_FILES["img"]["name"]));
if ((($_FILES["img"]["type"] == "img/gif")
|| ($_FILES["img"]["type"] == "img/jpeg")
|| ($_FILES["img"]["type"] == "img/png")
|| ($_FILES["img"]["type"] == "img/pjpeg"))
&& ($_FILES["img"]["size"] < 2000000)
&& in_array($upload_exts, $file_exts))
{
if ($_FILES["img"]["error"] > 0)
{
header("Location: Add_Decoration_Item_form.php?err=imgpro1");
//echo "Return Code: " . $_FILES["img"]["error"] . "<br>";
}
else
{
$tempupname = time().$_FILES["img"]["name"];
$imgpathtostore="imgs/".$tempupname;
$imgpathtostoreDB="imgs/".$tempupname;
// Enter your path to upload file here
move_uploaded_file($_FILES["img"]["tmp_name"], $imgpathtostore);
$sql= "INSERT INTO user_regi.u_reg (u_id, u_name, u_gender, u_mail, u_pwd, u_dob,u_hobbies,u_image,u_about) VALUES (NULL, '$uname', '$gender', '$email', '$pwd', '$DOB',$team, $img,'$about')";
mysqli_query($con,$sql);
if(mysqli_errno($con))
{
echo mysqli_errno();
/*header("Location: Form.php?msg=err");*/
}
else
{
header("Location: Form.php?msg=ok");
}
}
}
else
{
header("Location: Form.php?err=imgpro");
}
?>
Any Helpful answers?
In your $sql you store a variable called $img, but it is never set, you should store $imgpathtostoreDB instead. Which contains the path to your image.
I am trying to save a image file name at database, but i cannot make it, please help me
my database have no wrong, duno why it cannot update to databse, but i can get the $newname correctly
?php session_start();
include_once("connectDB.php");
$ID = $_SESSION['ID'];
if(isset($_POST['upload'])){
$ID = $_SESSION['ID'];
$loc = "profilepicture/";
if($_FILES["Adminpic"]["type"] == "image/png" || $_FILES["Adminpic"]["type"] ==
"image/jpeg" || $_FILES["Adminpic"]["type"] == "image/jpg" || $_FILES["Adminpic"]
["type"] == "image/gif")
{
$ID = $_SESSION['ID'];
$file = explode(".", $_FILES["Adminpic"]["name"]);
$newname = "$ID.$file[0].$file[1]";
mysql_query("UPDATE admin SET Adminpic == '$newname' WHERE ID='$ID'");
$path = "$loc$newname";
move_uploaded_file($_FILES["Adminpic"]["tmp_name"], $path) ;
echo "Your image has been uploaded success, $newname";
}
else{
echo"invalid file.";
}
}
Because your query is incorrect
mysql_query("UPDATE admin SET Adminpic ='$newname' WHERE ID=$ID");
try with this because you use double equal after Adminpic .
i am uploading some data to the db that contain title, news date and image, but when i want to update it i am facing problems.what i want to do basically if i update all the row except image then updation do not take place. what i want basically when i have to update lets suppose title only then it should update it but all other data should remain same but problem is that i have to select image again from my pc in updation. my scenario is that i just save the name in db not the whole path and hard code the path where ever i need to display the image
here is html
<div class="row">
<label>Image upload</label>
<div class="right"><input type="file" name="file" value="<?php echo $row['images'];?>" /></div>
</div>
here is php
if(($_GET['mod']=='edit') && (isset($_POST['hidden'])))
{
echo $_FILES["file"]["name"];
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $images));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo $_FILES["file"]["error"] . "<br>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"], "upload-images/" . $images);
$update="UPDATE headline SET
headline_title = '$title',
headline_des = '$description',
month = '$month_name',
day = '$day_name',
year = '$year_name',
featured = '$featured',
headline = '$headline',
images = '$images'
where id = ".$_GET['id']."";
$result = mysql_query($update);
}
}
Submitting the form again will cause the new value of the file input which will be empty
so you have to check if it's empty or not and act according to the status
For example
if($_FILES['file']['name'] != "")
{
//upload the image with what ever you want
//move_uploaded_file($_FILES['file']['tmp_name'],$target.$image );
//the SQL query should contain the updating the image column
if(($_GET['mod']=='edit') && (isset($_POST['hidden'])))
{
echo $_FILES["file"]["name"];
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $images));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& in_array($extension, $allowedExts))
{
if ($_FILES["file"]["error"] > 0)
{
echo $_FILES["file"]["error"] . "<br>";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"], "upload-images/" . $images);
$update="UPDATE headline SET
headline_title = '$title',
headline_des = '$description',
month = '$month_name',
day = '$day_name',
year = '$year_name',
featured = '$featured',
headline = '$headline',
images = '$images'
where id = ".$_GET['id']."";
$result = mysql_query($update);
}
}
}
else
{
//SQL update without image
$update="UPDATE headline SET
headline_title = '$title',
headline_des = '$description',
month = '$month_name',
day = '$day_name',
year = '$year_name',
featured = '$featured',
headline = '$headline'
WHERE id = ".$_GET['id']."";
$result = mysql_query($update);
}
if you don't want the image to be edited simply you can remove it from the update and the form used for that or but it's path in hidden input
Hope this will help
According to your comment the query should look something like this
$update="UPDATE headline SET
headline_title = '$title',
headline_des = '$description',
month = '$month_name',
day = '$day_name',
year = '$year_name',
featured = '$featured',
headline = '$headline'
WHERE id = ".$_GET['id']."";
$result = mysql_query($update);
I think you need to use good intending to make your code more readable and maintainable in the future :)
Solution
check the file is not empty: if(!empty($_FILES['fileToUpload']['name']))
Take update query with mentioning image column in your table in IF statement,
if images not uploaded, then it will upload.
Take update query without mentioning image column in your table in ELSE statement,if file is empty, it will upload
CONCLUSION
Next time when you update any other field the image won't get disappeared, meaning file path wont be empty in your database, and if already present it won't change unless you manually change it..
i am trying to allow users to update their profile picture using this code.
require("../connection.php");
$imgName = $_FILES['pic']['name'];
$imgTmp = $_FILES['pic']['tmp_name'];
$imgtype = $_FILES['pic']['type'];
$imgSize = $_FILES['pic']['size'];
$maxFileSize = 200000;
$pic = "../uploads/" . $user_id . "_" . time() . $imgName;
if ($imgSize > $maxFileSize) {
$error = "size";
}
if ($imgType == "image/jpeg" || $imgType == "image/gif") {
$error .= "";
} else {
$error = "type";
}
if (file_exists($pic)) {
$error = "exists";
}
if ($error == "" && $imgName != "") {
move_uploaded_file($imgTmp, $pic);
mysql_query("UPDATE users SET pic = '$pic', WHERE username = '$username'");
if (!mysql_query($query, $connect)) {
die(mysql_error());
} else {
mysql_close($connect);
header('location:http://www.WEBSITE.co.uk/users/upload-pic-thanks.php');
}
} else {
header("Location:edit-pic-error.php?e=".$error);
}
and it gives me this in the address bar: edit-pic-error.php?e=type, however the file i am trying to upload is .jpg, and its smaller than the 20000kb allowance.
The table in my mysql database is called 'users', and the table row is called 'pic', its Varchar, 60, allow null ticked.
The table is not being updated with the new time stamped profile picture.
Please help.
Thanks very much
$imgtype = $_FILES['pic']['type'];
if ($imgType == "image/jpeg" || $imgType == "image/gif") {
$imgType vs. $imgtype, notice the case.