<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL);
session_start();
if(!isset($_SESSION['user_id'])){
header('Location: login.php');
exit();
}
include('includes/db_connect.php');
$userid = $_SESSION['user_id'];
$sql = ("SELECT file_id FROM files WHERE user_id='$userid'");
$query = $db->query($sql);
if($query->num_rows ===1){
echo "Sorry you have already uploaded a file, to delete the current file and upload another please select retieve file from the homepage";
}else{
echo "you can upload a file";
}
?>
The above checks to see if the user has uploaded a file. It does this by seeing if their is a file with their user id. some reason the page is just blank when loaded.
include just hold the connection string
been looking at this for ages, help would be appreciated, thank you in advance
This line has a syntax error:
echo "Sorry you have already uploaded a file, to delete the current file and upload another please select retieve file from the homepage";
If you define a string with double quotes ("), you must escape all double quotes contained in the string.
Replace it with this:
echo "Sorry you have already uploaded a file, to delete the current file and upload another please select retieve file from the homepage";
Related
I want to make profile upload image for users so they can upload their own avatars on their profile...So the issue here is whenever i click the upload button session gets destroyed.
Here is the form:
if(isset($_SESSION['profileimgID'])){
echo "<form action='upload.php' method='POST' enctype='multipart/form-data'>
<input type='file' name='file'>
<button type='submit' name='uploadimgsubmt' class='button1'>upload</button></form>";
}
?>
partial code of upload.php file:
<?php
session_start();
include_once 'includes/dbh.inc.php';
$id = $_SESSION['profileimgID'];
if(isset($_POST['uploadimgsubmt'])){
**code code code**
if($fileError === 0){
if($filesize < 1000000){
$fileNameNew = "profile".$id.".".$fileActualExt;
$fileDestination = 'uploads/'.$fileNameNew;
move_uploaded_file($filetmpname, $fileDestination);
$sql = "UPDATE profileimg SET STATUS=0 WHERE userid='$id';";
$result = mysqli_query($conn, $sql);
header("Location: index.php?upload=success");
}
}
**code code code**
Code if user is successfully logged in, inside loginCheck.php:
session_start();
$_SESSION['userID'] = $row['idusers'];
$_SESSION['username'] = $row['uidusers'];
$cmpor = $row['idusers'];
$sql = "SELECT * FROM profileimg WHERE id";
$result = mysqli_query($conn, $sql);
while($row = mysqli_fetch_assoc($result)){
if($row['id'] == $cmpor){
$_SESSION['profileimgID'] = $row['id'];
}
}
header("Location: ../index.php?login=success");
exit();
}
And the last code section that is related to the problem is located to index.php:
<?php
session_start();
include_once 'includes/dbh.inc.php';
?>
**code code**
<?php
if(isset($_SESSION['profileimgID'])){
echo 'Show this content';
}else{
echo 'Show this content';
}
?>
**code code**
If i remove the 'profileimgID' to nothing ('') everything works fine but isset method doesnt hide-show the content.
If i keep it as it's isset method works fine but upload button destroys the session and user is logged out.
print_r($_SESSION) results in both index.php and upload.php if user is successfully logged in:
for user #2
Array ( [userID] => 2 [username] => popa [profileimgID] => 2 )
I checked the console for requests , when i click the upload button i get this message:
Form contains a file input,
but is missing method=POST and
enctype=multipart/form-data on the form.
The file will not be sent.
This part (isset($_SESSION['profileimgID'])) is interfering somehow with this process. When i remove it, session is maintained and it works fine upload works too.
UPDATE:
this is what i get when i click the upload-button:
https://i.stack.imgur.com/So7OD.png
this is i guess the right one ?:
https://i.stack.imgur.com/HcBqz.png
Im new to php so... sorry for my mistakes.
Exactly how are you maintaining the session-identifier now? "Sessions" rely upon a "session-id" being somehow sent from the client to the host with each exchange: normally, this is done using a cookie, but it could be done using a GET parameter (e.g. &sessionid=XXXX) It sounds to me like this information isn't being sent: the session hasn't been "destroyed," actually, but you can't find it.
Probably the fastest way to solve this is to use the network debugging features of your browser: look at the complete packet of data that's being sent, including the HTML headers (which is where cookies will be). First, look at "normal" exchanges. Then, look at the one that happens when you click that button. "Cookies" will be sent every time since they live in the header. But, if you're actually using a GET parameter to send the session-info, you'll have to do it.
Found the problem it seems like i didnt close the form on the index isset condition where logout form was located, my bad because i didnt show u guys the code :D so the problem was </form> ... pff sorry
Lesson of the day , guys always close ur </...> :)
Ok, I'm confused. I have some code that searches a database table for a username, and then uses an if else statement to run some code depending on if the user is found or not. My code is below. The problem is that the code isn't even seeing the if else statement, and I have no idea why. Any help is appreciated.
$sqluser = "select * from users where username='" . $user ."'"; //Searching to see if the user is in the database
echo $sqluser . "<br><br>"; //writes out the select statement to make sure it is correct
$query = mssql_query($sqluser); //returns the results
$num_rows = mssql_num_rows($query); //gets the number of rows returned
echo $num_rows; //writes out the number of rows
if ($num_rows==0) //determines what happens next if the user exists or not
{
//displays an error box if the user doesn't exist
echo "<script type=text/javascript>";
echo "alert('That user doesn't exist. Please try again.')";
echo "</script>";
}
else
{
//will be code to run if the user does exist
echo "<script type=text/javascript>alert('Testing.')</script>";
}
I couldn't add a comment. So I will write this as an answer instead.
Since you state that the alert JavaScript is showing in the page source, this mean that the IF/ELSE statement in PHP is working fine. The problem is with the single quote. You have a single quote inside a single quoted alert function. Hence the JavaScript alert function cannot be executed.
echo "alert('That user doesn't exist. Please try again.')";
Try using this instead
echo "alert('That user doesn\'t exist. Please try again.');";
if(isset($_POST['submit']) and isset($_GET['slider_id']))
{
$date=date('Y-m-j');
$imgName=$_FILES['image']['name'];
$cont=file_get_contents($imgName);
$cont=addslashes($cont);
if($imgName=="")
{
//$imgData =addslashes(file_get_contents($_FILES['image']['name']));
$res=mysqli_query($connect,'UPDATE `slider_images` SET `image`=\''.$cont.'\' WHERE id=\''.$_GET['slider_id'].'\'');
if($res)
{
echo "Updated";
}
else
{
echo "Not Updated";
}
}
}
Not understanding the real issue behind this and i have refereed many solution's but no success in that.All solution's i found they tell to store images in folder and store the file name in database table.Reason behind storing images in database is, only 4 images are to be stored, so why not to store them in database. Please guide me through this issue. Following is the issue i am talking about.
Warning Message
Thank's in advance.
$_FILES['file']['name'] is the original name of the uploaded file from the user's computer.
$_FILES['file']['tmp_name'] will contain the temporary file name of the file on the server. This is just a temporary placeholder until you process the file.
So you should access the file like this:
$cont=file_get_contents($_FILES['image']['tmp_name']);
Sidenote: Instead of if($res){ ... } use mysqli_affected_rows() to get number of rows affected by this UPDATE query, like this:
mysqli_query($connect,"UPDATE `slider_images` SET `image`='".$cont."' WHERE id='".$_GET['slider_id']."'");
if(mysqli_affected_rows($connect)){
echo "Updated";
}else{
echo "Not Updated";
}
Here's the reference:
mysqli_affected_rows()
i have problem with my code and unlink function
here my code
if(isset($_GET['delimg'])){
$id= $_GET['delimg'];
$sql = "delete from images_img where id='$id'";
$res=mysqli_query($con,$sql);
$getname="select * from images_img";
$res2=mysqli_query($con,$getname);
$image=mysqli_fetch_array($res2);
$image1=$image['image_url'];
$image2=$image['image_url_big'];
unlink('../../images/photo'.$image1);
unlink('../../images/photo'.$image2);
}
when i run my delete.php in the database the images deleted just fine
but the unlink function don't work and don't delete anything from the path and no error shows !
my thought that the select way return empty value ! as i use
this $image=mysqli_fetch_array($res2); to select the images name
so any error with my code please ?
UPDATE ::
i'm sure that the delete excuted before selecting the data for name to delete >>
so how i would arraying the order ?
UPDATE 2 :::
this is the upload code
$nameimg=$_FILES['image']['name'];
$tmp=$_FILES['image']['tmp_name'];
$type=$_FILES['image']['type'];
$size=$_FILES['image']['size'];
$dir="/images/photo/";
if($_POST['upload']){
if(!empty($nameimg)){
if(in_array($type,array('image/png','image/jpg','image/gif','image/jpeg'))){
if(filesize($tmp) <= 20242880){
move_uploaded_file($tmp,$dir.$nameimg) ;
$done ="done";
}
else {$errorsize= "it's bigger than the allowed size";}
}
else {
$errortype= "the file not image,please choose image to upload";
}
}
if(empty($nameimg)){$errorchoose= "no file choosen,please choose file";}
}
echo "<meta http-equiv='refresh' content='5;url=../../admin.php#ajax/add_img.php'>";
?>
check with file exists function like below also enable php errors
error_reporting(E_ALL);
ini_set('display_errors', 1);
$imgPath = ''../../images/photo'.$image1';
if (file_exists($imgPath)) {
unlink($imgPath);
} else {
echo "not exists";
}
ooh it's worked finally !!!
the all problem .. all time we have spend it was for nothing !
from first time and my first code it was work just fine and every code i have given by you guys it was worked .. but just we all [except "Parasad"] forgot [/] after "photo" !!!!!!! to be like this
unlink('../../images/photo/'.$image1)
not like this
unlink('../../images/photo'.$image1)
really i make you guys work hard to try slove my problem and i take your time
so million huge thanks to all of you specially [WordpressCoder] .. thanks a lot
Copy this code and tell me whether it is working or not?
if(isset($_GET['delimg'])){
$id= $_GET['delimg'];
$getname="select * from images_img where id='$id'";
$res2=mysqli_query($con,$getname);
$image=mysqli_fetch_array($res2);
$image1=$image['image_url'];
$image2=$image['image_url_big'];
$sql = "delete from images_img where id='$id'";
$res=mysqli_query($con,$sql);
unlink('../../images/photo/'.$image1);
unlink('../../images/photo/'.$image2);
}
if(isset($_GET['delimg'])){
$id= $_GET['delimg'];
$sql = "delete from images_img where id='$id'";
$res=mysqli_query($con,$sql);
$getname="select * from images_hair";
$res2=mysqli_query($con,$getname);
$image=mysqli_fetch_array($res2);
$image1=$image['image_url'];
$image2=$image['image_url_big'];
unlink('../../images/photo/'.$image1);//check your url
unlink('../../images/photo/'.$image2);//check your url
}
I am building a profile pictures system and for some reason my table doesn't seem to be working with the MYSQL UPDATE query. Below you should just select your image and click upload, it moves the image to the folder but not the directory to the database.
Help please:
if (file_exists("userdata/profile_pics/".#$_FILES["profilepic"]["name"]))
{
echo #$_FILES["profilepic"]["name"]." Already exists";
}
else
{
move_uploaded_file(#$_FILES["profilepic"]["tmp_name"],"userdata/profile_pics/".$_FILES["profilepic"]["name"]);
echo "Uploaded and stored in: userdata/profile_pics/".#$_FILES["profilepic"]["name"];
$profile_pic_name = #$_FILES["profilepic"]["name"];
$profile_pic_query = mysql_query("UPDATE users SET profile_pic='$profile_pic_name' WHERE username={$_SESSION['user_login']}");
}
}
else
{
echo "Invailid File! Your image must be no larger than 1MB and it must be either a .jpg, .jpeg, .png or .gif";
}
}
Try this: add quote to the username variable
$username = $_SESSION['user_login'];
"...WHERE username='$username'";
try session variable put into quotes username='".$_SESSION['user_login']."'