I have a basic image upload which is working nice but now I need to save it in my MySql DB 3 images not only one, How can I save 3 images in the same form with my upload script?
I need to save 3 images because is an article blog in my page and I want to show the 3 images in a slider in the preview, so because that, I need to save 3 images in the same id.
Another think is, How can just save one or two without the upload script show me error because one or two or even the three files upload are empty?
Here I show you my upload script:
<?php
require_once("connection.php");
require_once("settings.php");
$alert = "";
if(isset($_FILES['foto_ser1'])) {
$extension = pathinfo($_FILES['foto_ser1']['name']);
$extension = $extension["extension"];
$allowed_paths = explode(", ", $allowed_ext);
$valid = 0;
for($i = 0; $i < count($allowed_paths); $i++) {
if ($allowed_paths[$i] == "$extension") {
$valid = 1;
}
}
if ($valid == 1 && $_FILES["foto_ser1"]["size"] <= $max_weight) {
if (file_exists("../assets/img/servicios/" . $_FILES["foto_ser1"]["name"])) {
$alert = '<p class="error">' . $_FILES["foto_ser1"]["name"] . ' El nombre del archivo ya existe!' . '</p>';
} else {
move_uploaded_file($_FILES["foto_ser1"]["tmp_name"], "../assets/img/servicios/" . $_FILES["foto_ser1"]["name"]);
$save1 = $_FILES["foto_ser1"]["name"];
$statement = $conn->prepare("INSERT INTO SERVICIOS (titulo, descripcion, categoria, foto_ser1, foto_ser2, foto_ser3) VALUES (?, ?, ?, ?, ?, ?)");
if ($statement->execute(array($_POST['titulo'],$_POST['descripcion'],$_POST['categoria'],$save1,$save2,$save3)));
$dbSuccess = true;
$alert = '<p class="ok">' . ' Servicio agregado satisfactoriamente!' . '</p>';
$dbh = null;
}
} else {
$alert = '<p class="error">' . ' Tipo de archivo inválido!' . '</p>';
}
}
?>
form page.php:
<form class="form-horizontal" id="servicios" name="data" method="post" enctype="multipart/form-data">
<fieldset>
<?php echo $alert1; ?>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('Title'); ?> :</label>
<div class="col-md-5">
<input type="text" class="form-control" name="titulo" />
</div>
</div>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('Article info'); ?> :</label>
<div class="col-md-5">
<textarea id="maxlength_textarea" class="form-control" maxlength="225" name="descripcion" /></textarea>
</div>
</div>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('Article category'); ?> :</label>
<div class="col-md-5">
<input type="text" class="form-control" name="categoria" />
</div>
</div>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('File to upload 1'); ?> :</label>
<div class="col-md-3">
<input name="foto_ser1" type="file" />
</div>
</div>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('File to upload 2'); ?> :</label>
<div class="col-md-3">
<input name="foto_ser2" type="file" />
</div>
</div>
<div class="control-group">
<label class="control-label col-md-4"><?php echo $translate->__('File to upload 3'); ?> :</label>
<div class="col-md-3">
<input name="foto_ser3" type="file" />
</div>
</div>
<div class="control-group">
<div class="row">
<div class="col-md-12">
<div class="col-sd-offset-9 col-md-12"><br />
<button class="btn btn-info" name="enviar"><i class="fa fa-check"></i> <?php echo $translate->__('Save'); ?></button>
</div>
</div>
</div>
</div>
</fieldset>
</form>
<div id="loading" style="display:none;"><img src="assets/img/ajax_loader.gif" /></div>
EDIT
The new code:
<?php
require_once("includes/connection.php");
require_once("includes/settings.php");
$alert = "";
if(isset($_FILES['foto_ser{$i}'])) {
for($i = 1; $i <= 3; $i++) {
if ($_FILES["foto_ser{$i}"]['error'] === UPLOAD_ERR_OK) {
if ($valid == 1 && $_FILES["foto_ser{$i}"]["size"] <= $max_weight) {
if (file_exists("assets/img/servicios/" . $_FILES["foto_ser{$i}"]["name"])) {
$alert = '<div class="alert alert-block alert-danger fade in">
<button type="button" class="close" data-dismiss="alert"></button>
<h4 class="alert-heading">Error!</h4>
<p>' . $_FILES["foto_ser{$i}"]["name"] . ' El nombre de la foto ya existe!' . '</p></div>';
} else {
move_uploaded_file($_FILES["foto_ser{$i}"]["tmp_name"], "assets/img/servicios/" . $_FILES["foto_ser{$i}"]["name"]);
$save1 = $_FILES["foto_ser{$i}"]["name"];
$save2 = $_FILES["foto_ser{$i}"]["name"];
$save3 = $_FILES["foto_ser{$i}"]["name"];
$activo = is_array($_POST['activo'])
? implode(', ', $_POST['activo'])
: $_POST['activo'];
$statement = $conn->prepare("INSERT INTO SERVICIOS (titulo_ser, stitulo_ser, servicios, precio, foto_ser1, foto_ser2, foto_ser3, categoria, subcategoria, visto, activo) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
if ($statement->execute(array($_POST['titulo_ser'],$_POST['stitulo_ser'],$_POST['servicios'],$_POST['precio'],$save1,$save2,$save3,$_POST['categoria'],$_POST['subcategoria'],$_POST['visto'],$activo)));
$dbSuccess = true;
$alert = '<div class="alert alert-block alert-success fade in">
<button type="button" class="close" data-dismiss="alert"></button>
<h4 class="alert-heading">Success!</h4>' . ' Nuevo servicio agregado satisfactoriamente!' . '</p></div>';
$dbh = null;
}
} else {
$alert = '<div class="alert alert-block alert-danger fade in">
<button type="button" class="close" data-dismiss="alert"></button>
<h4 class="alert-heading">Error!</h4>
<p>' . ' Tipo de imagen inválida!' . '</p></div>';
}
}
}
}
?>
You need to have upload handling. Right now your code is simply ASSUMING that all uploads will always succeed. Indeed, it assumes there will NEVER not be an upload.
In short, you need something like this:
for ($i = 1; $i <= 3; $i++) {
if ($_FILES["foto_ser{$i}"]['error'] === UPLOAD_ERR_OK) {
...file #$i has succeeded...
}
}
Your code is also quite dangerous - you're directly using the user-provided ['name']parameter in your move_uploaded_files call, which allows a malicious user to scribble a file of their choosing ANYWHERE on your server.
Related
I wanted to update the image "name" to SQL and store the new image file in the directory, But I'm not able to find a good way to do it and my existing code is not working as well for the file upload.
.PHP file
<?PHP
$base_url = "https://example.com/"; // Current page path URL: https://example.com/settings#/edit-profile
$uniqueid = $_SESSION['uniqueid']; // Current user unique id.
// For Extension
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
?>
<?php
if(!empty($uniqueid))
{
$edituserid = $uniqueid;
$query_result=mysqli_query($con,"SELECT * FROM tbl_admin WHERE uniqueid='$edituserid'");
$numrows=mysqli_num_rows($query_result);
if(!$numrows)
{
$_SESSION['error'] = "Somthing went wrong!";
header('Location:'.$base_url.'settings#/edit-profile');
}
else
{
$Query = mysqli_query($con,"SELECT * FROM tbl_admin WHERE uniqueid='$edituserid'");
$editRow = mysqli_fetch_array($Query);
$edituserid = $editRow['uniqueid'];
$previousimage = $editRow['profile_image'];
}
}
?>
<?php
if(isset($_POST['update_user_info']))
{
$first_name = mysqli_real_escape_string($con,$_POST['first_name']);
$last_name = mysqli_real_escape_string($con,$_POST['last_name']);
$uniqueid1 = mysqli_real_escape_string($con,$_POST['uniqueid']);
// Image preparation
$profile_image = $_FILES['profile_image']['name'];
if($profile_image)
{
$profile_image_original = ($_FILES['profile_image']['name']);
$profile_image = ($uniqueid);
$profile_image_extension = getExtension($profile_image_original);
$extension = strtolower($profile_image_extension);
$dot = ".";
$profile_image_type = $_FILES['profile_image']['type'];
$profile_image_size = $_FILES['profile_image']['size'];
$image_file_name = "assets/user_images/".$profile_image.=$dot.=$extension;
move_uploaded_file($_FILES['profile_image']['tmp_name'], $image_file_name);
}
else
{
$profile_image = $previousimage;
}
if(!empty($_FILES['profile_image']['name']))
{
$sql2 = "UPDATE `tbl_admin` SET `first_name`='$first_name', `last_name`='$last_name', `uniqueid`='$uniqueid1', `profile_image`='$profile_image' WHERE uniqueid='$edituserid'";
}
else
{
$sql2 = "UPDATE `tbl_admin` SET `first_name`='$first_name', `last_name`='$last_name', `uniqueid`='$uniqueid1' WHERE uniqueid='$edituserid'";
}
//var_dump($sql); exit();
$result2 = mysqli_query($con, $sql2);
if($result2)
{
$_SESSION['success'] = "Update successful!";
header('Location:'.$base_url.'settings#/edit-profile');
} else {
$error="Something went wrong !";
}
$first_name = '';
$last_name = '';
$uniqueid1 = '';
}
?>
HTML form
<form method="POST" enctype="multipart/form-data">
<div class="row">
<div class="col-md-4 col-sm-12">
<div class="container">
<div class="avatar-upload">
<div class="avatar-edit">
<input type="file" id="imageUpload" name="profile_image" accept="image/*" />
<label for="imageUpload"></label>
</div>
<div class="avatar-preview">
</div>
</div>
</div>
</div>
<div class="form-group row">
<label for="staticEmail" class="col-sm-4 col-form-label">Email</label>
<div class="col-sm-8">
<input type="text" readonly class="form-control" id="staticEmail" value="<?php if(!empty($editRow)){ echo $editRow['email']; } ?>">
</div>
</div>
<div class="form-group row">
<label for="inputFirstName" class="col-sm-4 col-form-label">First Name</label>
<div class="col-sm-8">
<input type="text" class="form-control" id="inputFirstName" name="first_name" value="<?php if(!empty($editRow)){ echo $editRow['first_name']; } ?>">
</div>
</div>
<div class="form-group row">
<label for="inputLastName" class="col-sm-4 col-form-label">Last Name</label>
<div class="col-sm-8">
<input type="text" class="form-control" id="inputLastName" name="last_name" value="<?php if(!empty($editRow)){ echo $editRow['last_name']; } ?>">
</div>
</div>
<div class="form-group row">
<label for="inputSxID" class="col-sm-4 col-form-label">ID</label>
<div class="col-sm-8">
<input type="text" readonly class="form-control" id="inputSxID" name="uniqueid" value="<?php if(!empty($editRow)){ echo $editRow['uniqueid']; } ?>">
</div>
</div>
<button type="submit" class="btn btn-primary" name="update_user_info">Update</button>
</div>
</div>
</form>
It handles This table
id
first_name
last_name
email
profile_image
1
Joe
Dilon
abc#mail.com
abc.jpg
To // after success post update
id
first_name
last_name
email
profile_image
1
Changed
Changed
abc#mail.com
abc.jpg //No Response
And also there is no image file transfer into the targeted directory path. I'm not able to figure what's wrong or best way to do it correctly.
how to overcome the failure to change the username and password for the admin, this code succeeded in the profile of the user page, but it was not successfully used in the admin profile. Does anyone know where my code error is?
<?php
include('header.php');
$admin_user_name = '';
$admin_password = '';
$error_admin_user_name = '';
$error_admin_password = '';
$error = 0;
$success = '';
if (isset($_POST["button_action"])) {
if (empty($_POST["admin_user_name"])) {
$error_admin_user_name = 'Nama Admin harus di isi';
$error++;
} else {
$admin_user_name = $_POST["admin_user_name"];
}
if (!empty($_POST["admin_password"])) {
$admin_password = $_POST["admin_password"];
}
if ($error == 0) {
if ($admin_password != "") {
$data = array(
':admin_user_name' => $admin_user_name,
':admin_password' => password_hash($admin_password, PASSWORD_DEFAULT),
':admin_id' => $_POST["admin_id"]
);
$query = "
UPDATE tbl_admin
SET admin_user_name = :admin_user_name,
admin_password = :admin_password,
WHERE admin_id = :admin_id
";
} else {
$data = array(
':admin_user_name' => $admin_user_name,
':admin_id' => $_POST["admin_id"]
);
$query = "
UPDATE tbl_admin
SET admin_user_name = :admin_user_name,
WHERE admin_id = :admin_id
";
}
$statement = $connect->prepare($query);
if ($statement->execute($data)) {
$success = '<div class="alert alert-success">Profil anda sudah diperbaharui</div>';
}
}
}
$query = "
SELECT * FROM tbl_admin
WHERE admin_id = '" . $_SESSION["admin_id"] . "'
";
$statement = $connect->prepare($query);
$statement->execute();
$result = $statement->fetchAll();
?>
<div class="container" style="margin-top:30px">
<span id="message_operation"><?php echo $success; ?></span>
<div class="card">
<form method="post" id="profile_form">
<div class="card-header">
<div class="row">
<div class="col-md-9">Profil</div>
<div class="col-md-3" align="right">
</div>
</div>
</div>
<div class="card-body">
<div class="form-group">
<div class="row">
<label class="col-md-4 text-right">Nama Admin<span class="text-danger">*</span></label>
<div class="col-md-8">
<input type="text" name="admin_user_name" id="admin_user_name" class="form-control" />
<span class="text-danger"><?php echo $error_admin_user_name; ?></span>
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<label class="col-md-4 text-right">Password <span class="text-danger">*</span></label>
<div class="col-md-8">
<input type="password" name="admin_password" id="admin_password" class="form-control" placeholder="Kosongkan Jika Tidak Ingin Diubah" />
<span class="text-danger"></span>
</div>
</div>
</div>
</div>
<div class="card-footer" align="center">
<input type="hidden" name="admin_id" id="admin_id" />
<input type="submit" name="button_action" id="button_action" class="btn btn-success btn-sm" value="Simpan" />
</div>
</form>
</div>
</div>
</body>
</html>
<script>
$(document).ready(function() {
<?php
foreach ($result as $row) {
?>
$('#admin_user_name').val("<?php echo $row['admin_user_name']; ?>");
$('#admin_id').val("<?php echo $row['admin_id']; ?>");
<?php
}
?>
});
</script>
This code aims to change the admin name and change the admin password on the admin profile page
I Have A form that's have two inputs file one regular and the second is multiple and in one if statment i get them both but in the part
if (!empty($_FILES['logo']['name']) && !empty($_FILES['materials']['name']))
the
$_FILES['materials']
is the multiple
i have tried to
json_encode()
the
$_FILES['materials']
but isn't work, its not pass the first if to the
is_uploaded_file()
/php/
define('IMG_MAX_SIZE', 1024 * 1024 * 5);
if (isset($_POST['submit'])) {
$ex = ['jpg', 'png', 'jpeg', 'gif', 'bmp'];
if (!empty($_FILES['logo']['name']) && !empty($_FILES['materials']['name'])
) {
$matToStr = json_encode($_FILES['materials']);
if (is_uploaded_file($_FILES['logo']['tmp_name']) &&
is_uploaded_file($matToStr)) {
echo "in";
if ($_FILES['logo']['error'] == 0 && $_FILES['logo']['size'] <=
IMG_MAX_SIZE && $_FILES['materials']['error'] == 0 &&
$_FILES['materials']['size'] <= IMG_MAX_SIZE) {
echo "in2";
$logoInfo = pathinfo($_FILES['logo']['name']);
$materialsInfo = pathinfo($_FILES['materials']['name']);
if (in_array(strtolower($logoInfo['extension']), $ex) && in_array(strtolower($materialsInfo['extension']), $ex)) {
$logo = date('Y.m.d.H.i.s') . '-' . $_FILES['logo']['name'];
$materials = date('Y.m.d.H.i.s') . '-' . $_FILES['materials']['name'];
$_SESSION['logo'] = $logo;
$_SESSION['materials'] = $materials;
move_uploaded_file($_FILES['logo']['tmp_name'], 'uploads/' . $logo);
move_uploaded_file($_FILES['materials']['tmp_name'], 'uploads/' . $materials);
$pdo = DB();
$stmt = $pdo->prepare("INSERT INTO client_form_7 (client_id, logo, materials, websites) VALUES (:client_id, :logo, :materials, :websites)");
$stmt->bindParam("client_id", $user_id, PDO::PARAM_INT);
$stmt->bindParam("logo", $logo, PDO::PARAM_STR);
$stmt->bindParam("materials", $materials, PDO::PARAM_STR);
$stmt->bindParam("websites", $websites, PDO::PARAM_STR);
$stmt->execute();
if ($stmt->rowCount() > 0) {
header('location: client-form-7.php?sm=תמונת הפרופיל עודכנה');
exit;
}
}
}
}
}
}
/html/
<form action="" method="post" class="col s12" enctype="multipart/form-data">
<h4>7. קבצים וחומרים</h4>
<div class="row">
<div class="file-field input-field col s6">
<p>לוגו</p>
<div class="btn">
<span>בחר קובץ</span>
<input type="file" name="logo" id="logo">
</div>
<div class="file-path-wrapper">
<input class="file-path validate" type="text">
</div>
</div>
</div>
<div class="row">
<div class="file-field input-field col s6">
<p>צילומים וחומרים שעלולים להיות רלוונטי</p>
<div class="btn">
<span>בחר קובץ</span>
<input type="file" name="materials[]" id="materials" multiple>
</div>
<div class="file-path-wrapper">
<input class="file-path validate" type="text">
</div>
</div>
</div>
<div class="row">
<div class="input-field col s6">
<input type="text" name="websites" id="websites" value="<?=old('websites')?>">
<label for="websites">אתרי אינטרנט שניתן למשוך משם חומרים</label>
</div>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<input type="submit" class="btn left" value="העלה קבצים" name="submit">
</div>
</div>
</form>
i expected tha'ts upload the one regular file input
and the scond upload like array because i want to fetch it later
When i click on submit, it redirects and show Object Not Found.But the Url shows that it is on the action page.Please help to resolve this issue.....
//addprograms.php - action page
//funtions.php - common page that contain class and functions
HTML CODE
<div class="col-xs-12 col-sm-9 content">
<div class="content-row">
<div class="panel panel-default">
<div class="panel-heading">
<div class="panel-title"><b>Add Programs</b>
</div>
</div>
<div class="panel-body">
<form role="form" class="form-horizontal"
action="../actions/addprograms.php" method="post">
<div class="form-group">
<label class="col-md-2 control-label">Title</label>
<div class="col-md-10">
<input type="text" required="" placeholder="Title"
id="title" class="form-control" name="title">
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label"
for="description">Description</label>
<div class="col-md-10">
<textarea required="" class="form-control"
placeholder="Description" rows="10" cols="30"
name="description"></textarea>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label"
for="exampleInputFile">File input</label>
<div class="col-md-10">
<input type="file" id="exampleInputFile"
name="uploadedfile">
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<button class="btn btn-info" type="submit"
name="addprogramsubmit">Submit</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div><!-- content -->
addprograms.php
<?php
require_once '../includes/functions.php';
if(isset($_POST['addprogramsubmit'])){
echo '12';
exit();
}
?>
This is my functions.php file
functions.php(it is not complete)
<?php
session_start();
class Auth extends DB {
function login($tablename, $username, $password) {
$result = mysqli_query($this->con, "SELECT username,password FROM
$tablename WHERE username='$username'") or die("Error: " .
mysqli_error($this->con));;
$login_result = mysqli_fetch_array($result, MYSQLI_ASSOC);
if (($login_result['username'] == $username) &&
($login_result['password'] == $password)) {
$_SESSION['login_id'] = $username;
}
return true;
}
}
class DB {
public $con;
function __construct() {
$this->con = mysqli_connect("localhost", "root", "", "heatsds");
}
// INSERT
function insert($tablename, $data = array(), $avoid_data = array()) {
$i = 0;
$fields = "";
$values = "";
foreach ($data as $col => $val) {
if (!in_array($col, $avoid_data)) {
if ($i === 0) {
$fields .= "`" . $col . "`";
$values .= "'" . $val . "'";
} else {
$fields .= ",`" . $col . "`";
$values .= ",'" . $val . "'";
}
}
$i++;
}
mysqli_query($this->con, "INSERT INTO $tablename ($fields) VALUES
($values)");
}
function __destruct() {
mysqli_close($this->con);
}
}
Image of the directory
ERROR MESSAGE image
your <form> has action="../actions/addprograms.php", so it will search for addprograms.php file. In your listings it's only actions.php. Move actions.php content into addprograms.php and this should work.
I'm trying to enter data into a mysql database using php / html form but it isn't working and I don't know why. The record is not inserted and the page just refresh
I apologize for some of it being written in Danish
I have 2 files 1 with html and php and 1 with only php
My database: Database image
This is the html form and php:
<div class="row">
<div class="col-sm-12">
<?php
if (isset($_POST['Submit'])) {
// echo "<pre>", print_r($_POST), "</pre>";
$apply_name = mysqli_real_escape_string($db, $_POST ['apply_name']);
$apply_age = mysqli_real_escape_string($db, $_POST ['apply_age']);
$apply_ingame_name = mysqli_real_escape_string($db, $_POST ['apply_ingame_name']);
$apply_email = mysqli_real_escape_string($db, $_POST ['apply_email']);
$apply_steamID = mysqli_real_escape_string($db, $_POST ['apply_steamID']);
$apply_text = mysqli_real_escape_string($db, $_POST ['apply_text']);
$errors = []; // Array
if ($apply_name == "") {
$errors['apply_name'] = "<div class='alert alert-danger'>
<strong>Du har ikke angivet noget navn!</strong>
</div>";
} elseif (strlen($apply_name) < 2) {
$errors['apply_name'] = "<div class='alert alert-info'>
<strong>Dit navn skal minimum være 2 karatere</strong>
</div>";
}
if ($apply_age == "") {
$errors['create_apply_age'] = "<div class='alert alert-danger'>
<strong>Du har ikke angivet din alder!</strong>
</div>";
}
if ($apply_ingame_name == "") {
$errors['create_apply_ingame_name'] = "<div class='alert alert-danger'>
<strong>Du har ikke angivet noget In-Game navn!</strong>
</div>";
} elseif (strlen($apply_ingame_name) < 2) {
$errors['create_apply_ingame_name'] = "<div class='alert alert-info'>
<strong>Dit In-Game navn skal minimum være 2 karatere</strong>
</div>";
}
if ($apply_email == "") {
$errors['create_apply_email'] = "<div class='alert alert-danger'>
<strong>Email skal udfyldes!</strong>
</div>";
} elseif (!filter_var($apply_email, FILTER_VALIDATE_EMAIL)) {
$errors['create_apply_email'] = "<div class='alert alert-info'>
<strong>Email er ugyldig</strong>
</div>";
}
if ($apply_steamID == "") {
$errors['create_apply_steamID'] = "<div class='alert alert-danger'>
<strong>Du har ikke angivet noget SteamID!</strong>
</div>";
} elseif (strlen($apply_steamID) < 18) {
$errors['create_apply_steamID'] = "<div class='alert alert-info'>
<strong>Dit SteamID ser sådan her ud STEAM_0:0:XXXXXXXX</strong>
</div>";
}
if ($apply_text == "") {
$errors['create_apply_text'] = "<div class='alert alert-danger'>
<strong>Du har ikke skrevet noget om dig selv!</strong>
</div>";
}
if (empty($errors)) {
// Send ansøning
$created = create_apply($apply_name, $apply_age, $apply_ingame_name, $apply_email, $apply_steamID, $apply_text);
if ($created) {
echo "
<div class='alert alert-info'>
<strong>Din ansøning er sendt.</strong>
</div>
";
} else {
// Ansøning kunne ikke sendes
$create_error = "Ansøningen kunne ikke sendes, SteamID eksistere i forvejen";
}
} else {
$create_error = "Der opstod en fejl, Prøv igen";
}
}
?>
<section>
<hr>
<form class="form-horizontal" enctype="multipart/form-data" id="signup" method="post" name="signup" action="?p=askforsignup">
<?php
if (isset($errors['apply_name'])) {
echo $errors['apply_name'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">Navn <span class="text-danger">*</span></label>
<div class="col-md-8 col-sm-9">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user"></i></span><input class="form-control" id="mem_name" name="apply_name" placeholder="Navn" type="text" value="" >
</div>
</div>
</div>
<?php
if (isset($errors['create_apply_age'])) {
echo $errors['create_apply_age'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">Alder <span class="text-danger">*</span></label>
<div class="col-md-8 col-sm-9">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-calendar"></i></span><input class="form-control" id="age" name="apply_age" placeholder="Alder" type="date" value="" >
</div>
</div>
</div>
<?php
if (isset($errors['create_apply_ingame_name'])) {
echo $errors['create_apply_ingame_name'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">In-Game Name <span class="text-danger">*</span></label>
<div class="col-md-8 col-sm-9">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user"></i></span><input class="form-control" id="ingame_game" name="apply_ingame_name" placeholder="In-Game Name" type="text" value="" >
</div>
</div>
</div>
<?php
if (isset($errors['create_apply_email'])) {
echo $errors['create_apply_email'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">Email <span class="text-danger">*</span></label>
<div class="col-md-8 col-sm-9">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-envelope"></i></span><input class="form-control" id="emailid" name="apply_email" placeholder="Email" type="email" value="" >
</div><small>Your Email is being used for ensuring the security of your account, authorization and access recovery.</small>
</div>
</div>
<?php
if (isset($errors['create_apply_steamID'])) {
echo $errors['create_apply_steamID'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">Steam ID <span class="text-danger">*</span></label>
<div class="col-md-5 col-sm-8">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-steam"></i></span><input class="form-control" id="contactnum" name="apply_steamID" placeholder="Steam ID" type="text" value="" >
</div>
</div>
</div>
<?php
if (isset($errors['create_apply_text'])) {
echo $errors['create_apply_text'];
}
?>
<div class="form-group">
<label class="control-label col-sm-3">Beskriv dig selv <span class="text-danger">*</span></label>
<div class="col-md-8 col-sm-9">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-id-card"></i></span>
<textarea class="form-control" rows="5" id="message" name="apply_text" placeholder="Beskriv dig selv." ></textarea>
</div><br>
<div class="col-xs-offset-8 col-xs-10 pull-right">
<input class="btn btn-primary" name="Submit" type="submit" value="Sign Up">
</div>
</div>
</div>
</form>
</section>
</div><!--/.col-sm-8-->
</div>
And this is the php code:
function create_apply($apply_name, $apply_age, $apply_ingame_name, $apply_email, $apply_steamID, $apply_text) {
global $db;
$steamID_exists = steamID_exists($apply_steamID);
if ($steamID_exists == false) {
$apply_name = mysqli_real_escape_string($db, $apply_name);
$apply_age = mysqli_real_escape_string($db, $apply_age);
$apply_ingame_name = mysqli_real_escape_string($db, $apply_ingame_name);
$apply_email = mysqli_real_escape_string($db, $apply_email);
$apply_steamID = mysqli_real_escape_string($db, $apply_steamID);
$apply_text = mysqli_real_escape_string($db, $apply_text);
$query = "INSERT INTO member_applys
(apply_name, apply_age, apply_ingame_name, apply_email, apply_steamID, apply_text, apply_date)
VALUES
('$apply_name', '$apply_age', '$apply_ingame_name', '$apply_email', '$apply_steamID', '$apply_text', NOW())";
$result = $db->query($query);
return true;
} else {
// Brugeren eksistere opret = falsk
return false;
}
}
Solved
the problem was google autocomplete was on not off
Di you be sure that your script call well the form?
I see:
....action="?p=askforsignup">
try:
....action="your_script.php">