I have a problem with date in php
even if I fill the textbox of the date , in the database I find it empty
here is my php page :
<?php
session_start();
if (!array_key_exists("user", $_SESSION)) {
header('Location: index.php');
exit;
}
require_once("Includes/db.php");
$wisherID = WishDB::getInstance()->get_wisher_id_by_name($_SESSION['user']);
$wishDescriptionIsEmpty = false;
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (array_key_exists("back", $_POST)) {
header('Location: editWishList.php');
exit;
} else
if ($_POST['wish'] == "") {
$wishDescriptionIsEmpty = true;
} else if ($_POST["wishID"] == "") {
WishDB::getInstance()->insert_wish($wisherID, $_POST["wish"], $_POST["dueDate"]);
header('Location: editWishList.php');
exit;
} else if ($_POST["wishID"] != "") {
WishDB::getInstance()->update_wish($_POST["wishID"], $_POST["wish"], $_POST["dueDate"]);
header('Location: editWishList.php');
exit;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link type="text/css" href="jquery-ui-1.8.24.custom/css/smoothness/jquery-ui-1.8.24.custom.css" rel="stylesheet" />
<script type="text/javascript" src="jquery-ui-1.8.24.custom/js/jquery-1.8.0.min.js"></script>
<script type="text/javascript" src="jquery-ui-1.8.24.custom/js/jquery-ui-1.8.24.custom.min.js"></script>
<script type="text/javascript" src="jquery-ui-1.8.24.custom\development-bundle\ui\i18n\jquery.ui.datepicker-fr.js"></script>
<script type="text/javascript">
$(function() {
$.datepicker.setDefaults( $.datepicker.regional[ "" ] );
$( "#datepicker" ).datepicker( $.datepicker.regional[ "fr" ] );
});
</script>
</head>
<body>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST")
$wish = array("id" => $_POST["wishID"], "description" => $_POST["wish"], "due_date" => $_POST["dueDate"]);
else
if (array_key_exists("wishID", $_GET))
$wish = mysqli_fetch_array(WishDB::getInstance()->get_wish_by_wish_id($_GET["wishID"]));
else
$wish = array("id" => "", "description" => "", "due_date" => "");
?>
<form name="editWish" action="editWish.php" method="POST">
<input type="hidden" name="wishID" value="<?php echo $wish["id"]; ?>" />
<table>
<tr>
<td>Describe your wish:</td>
<td><input type="text" name="wish" value="<?php echo $wish['description']; ?>" /></td>
<td><?php if ($wishDescriptionIsEmpty) echo "Please enter description"; ?></td>
</tr>
<tr>
<td>When do you want to get it?</td>
<td><input type="text" name="due_date" id="datepicker" value="<?php echo $wish['due_date']; ?>" /></td>
</tr>
</table>
<input type="submit" name="saveWish" value="Save Changes"/>
<input type="submit" name="back" value="Back to the List"/>
</form>
je suis
</br>
</body>
</html>
and here is the coresponding method in db.php :
function insert_wish($wisherID, $description, $dueDate) {
$description = $this->real_escape_string($description);
if ($duedate == '') {
$this->query("INSERT INTO wishes (wisher_id, description)" .
" VALUES (" . $wisherID . ", '" . $description . "')");
} else
$this->query("INSERT INTO wishes (wisher_id, description, due_date)" .
" VALUES (" . $wisherID . ", '" . $description . "', '" . $dueDate . "')");
}
public function update_wish($wishID, $description, $duedate) {
$description = $this->real_escape_string($description);
if ($duedate == null) {
$this->query("UPDATE wishes SET description = '" . $description . "', due_date = NULL WHERE id = " . $wishID);
} else
$this->query("UPDATE wishes SET description = '" . $description . "', due_date = '" . $duedate . "' WHERE id = " . $wishID);
}
I use the datepicker query component for date
can you detect me the location of the error
thanks
I think you have given a wrong name to input element. Replace below
<input type="text" name="due_date" id="datepicker"
value="<?php echo $wish['due_date']; ?>" />
With
<input type="text" name="dueDate" id="datepicker"
value="<?php echo $wish['due_date']; ?>" />
You are using $_POST["dueDate"] to get date value and the name is incorrect in your markup.
Edit ::
As #simonTifo said in comment "it return me the exact date, bit in the datatabase it saves like 00-00-0000", there might be some format related issue to overcome this problem just use the date function in php. So the code suppose to be :
WishDB::getInstance()->insert_wish($wisherID, $_POST["wish"],
date('Y-m-d H:i:s', $_POST["dueDate"]));
Check that function manual and set whatever format according to your need.
Hope this will help !!
Related
i try to challenge my self but i stuck(
I try to create a php form with 2 steps confirmation:
When the user fill up the form and hit Submit, it checks all the conditions(name, pass etc.). If everything ok automatically redirecting the user.
After redirecting (to the same page) the user can check all the details again.
If they ok, hit again the submit button which redirects to the final page.
I stuck on the 2nd phase...how to redirect to the final page?
I'm very beginner so i'm curios what could be done better or any advise.
<?php
// the php code
session_start();
if ($_SERVER['REQUEST_METHOD'] == "POST") {
// setting up the variables
$title = $_POST['title'];
$fName = trim(filter_input(INPUT_POST,'fName', FILTER_SANITIZE_STRING));
$lName = trim(filter_input(INPUT_POST,'lName',FILTER_SANITIZE_STRING));
$age = intval($_POST['age']);
$_SESSION['title'] = $title;
$_SESSION['fName'] = $fName;
$_SESSION['lName'] = $lName;
$_SESSION['age'] = $age;
//checking for possible errors
if ( $fName == "" || strlen($fName) <= 2 ) {
$errorMsg1 = "<span>Provide your First name!(minimum 3 characters)</span>";
$status = false;
}
else if ( $lName == "" || strlen($lName) <= 2 ) {
$errorMsg2 = "<span>Provide your Last name!(minimum 3 characters)</span>";
$status = false;
}
else if ( $age < 18 ) {
$errorMsg3 = "<span>You must be 18 or above!</span>";
$status = false;
}
else { $status = true; }
// redirecting to done page
if ($status) {
header("Location:TEST ZONE.php?status=awaiting");
}
}
?>
<!doctype html>
<html>
<head>
<title></title>
</head>
<body>
<div id="wrapper">
<?php
if ( isset($_GET['status']) && $_GET['status'] == "awaiting" ) {
echo "<form>"
. "Check your Details!<br>"
. $_SESSION['title'] . "<br>"
. $_SESSION['fName'] . "<br>"
. $_SESSION['lName'] . "<br>"
. $_SESSION['age'] . "<br>"
// **NOW WHEN I'M in the awaiting phase, i don't know what to do(**
. "<input type='submit' name='submit'/>";
echo "</form>";
}
else { ?>
<form action="TEST ZONE.php" method="post">
<h3>Register Form </h3>
<label for="title">Title </label>
<select name="title">
<option name="mr">Mr</option>
<option name="ms">Ms</option>
</select><br><br><br>
<label for="fName">First Name</label><br>
<input type="text" name="fName" id="fName" value="<?php if (isset($fName)) { echo $fName; } ?>"><br><?php
if (isset( $errorMsg1 )) {
echo $errorMsg1;
}
?><br><br>
<label for="lName">Last Name</label><br>
<input type="text" name="lName" id="lName" value="<?php if (isset($lName)) { echo $lName; } ?>"><br><?php
if (isset( $errorMsg2 )) {
echo $errorMsg2;
}
?><br><br>
<label for="age">Age</label><br>
<input type="text" name="age" id="age" value="<?php if (isset($age)) { echo $age; }?>"><br><?php
if (isset($errorMsg3)){
echo $errorMsg3;
} ?><br><br>
<input type="submit" value="Submit"><input type="reset">
</form> <?php } ?>
</div>
</body>
</html>
Add action in your form to redirect final page.
You already have all values in session so you can access it in final page also
<?php
// the php code
session_start();
if ($_SERVER['REQUEST_METHOD'] == "POST") {
// setting up the variables
$title = $_POST['title'];
$fName = trim(filter_input(INPUT_POST,'fName', FILTER_SANITIZE_STRING));
$lName = trim(filter_input(INPUT_POST,'lName',FILTER_SANITIZE_STRING));
$age = intval($_POST['age']);
$_SESSION['title'] = $title;
$_SESSION['fName'] = $fName;
$_SESSION['lName'] = $lName;
$_SESSION['age'] = $age;
//checking for possible errors
if ( $fName == "" || strlen($fName) <= 2 ) {
$errorMsg1 = "<span>Provide your First name!(minimum 3 characters)</span>";
$status = false;
}
else if ( $lName == "" || strlen($lName) <= 2 ) {
$errorMsg2 = "<span>Provide your Last name!(minimum 3 characters)</span>";
$status = false;
}
else if ( $age < 18 ) {
$errorMsg3 = "<span>You must be 18 or above!</span>";
$status = false;
}
else { $status = true; }
// redirecting to done page
if ($status) {
header("Location:TEST ZONE.php?status=awaiting");
}
}
?>
<!doctype html>
<html>
<head>
<title></title>
</head>
<body>
<div id="wrapper">
<?php
if ( isset($_GET['status']) && $_GET['status'] == "awaiting" ) {
echo "<form action='final_page.php'>"
. "Check your Details!<br>"
. $_SESSION['title'] . "<br>"
. $_SESSION['fName'] . "<br>"
. $_SESSION['lName'] . "<br>"
. $_SESSION['age'] . "<br>"
// **NOW WHEN I'M in the awaiting phase, i don't know what to do(**
. "<input type='submit' name='submit'/>";
echo "</form>";
}
else { ?>
<form action="TEST ZONE.php" method="post">
<h3>Register Form </h3>
<label for="title">Title </label>
<select name="title">
<option name="mr">Mr</option>
<option name="ms">Ms</option>
</select><br><br><br>
<label for="fName">First Name</label><br>
<input type="text" name="fName" id="fName" value="<?php if (isset($fName)) { echo $fName; } ?>"><br><?php
if (isset( $errorMsg1 )) {
echo $errorMsg1;
}
?><br><br>
<label for="lName">Last Name</label><br>
<input type="text" name="lName" id="lName" value="<?php if (isset($lName)) { echo $lName; } ?>"><br><?php
if (isset( $errorMsg2 )) {
echo $errorMsg2;
}
?><br><br>
<label for="age">Age</label><br>
<input type="text" name="age" id="age" value="<?php if (isset($age)) { echo $age; }?>"><br><?php
if (isset($errorMsg3)){
echo $errorMsg3;
} ?><br><br>
<input type="submit" value="Submit"><input type="reset">
</form> <?php } ?>
</div>
final_page.php
<?php
session_start();
$title = $_SESSION['title'];
$fName = $_SESSION['fName'];
$lName = $_SESSION['lName'];
$age = $_SESSION['age'];
?>
I'm making a process form in PHP and I'm trying to display the feedback but it's not wanting to show. The code that I have is:
<html>
<head>
<style type="text/css">
.error{color: #FF0000;}
</style>
</head>
<body>
<h1>Customer Feedback</h1>
<p1>Please tell us what you think</p1><br><br>
<?PHP
$name = trim($_POST[fullname]);
$email = trim($_POST[email]);
$text = trim($_POST[feedback]);
?>
<form method='POST' action='<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>' >
<p1>Your name:</p1><br>
<input type="text" name="fullname" value="<?php echo $fullname; ?>" required><br><br>
<p1>Your email address:</p1><br>
<input type="text" name="email" value="<?php echo $email; ?>" required><br><br>
<p1>Your feedback:</p1><br>
<textarea rows="5" cols="50" name="feedback"><?php echo nl2br($text);?></textarea>
<textarea><?php echo $text;?></textarea><br><br>
<input type="submit" Value="Send Feedback"><br><br>
</form>
<?php
if(isset($_POST[fullname]) && $_POST[fullname] != "" && !empty($_POST[fullname])) {
echo "Hi " . $name . ".<br>";
}
else{
echo "Please enter a name....";
}
if(isset($_POST[email]) && $_POST[email] != "" && !empty($_POST[email]) {
echo "Your email is " . $email . ".<br>";
}
else{
echo "Please enter a email address.";
}
if(isset($_POST[feedback]) && $_POST[feedback] != "") {
echo "Your feedback is:" . $feedback . "<br>";
}
else{
echo "No feedback.";
}
?>
</body>
</html>
When I run the page, it shows the name, email and 'Your feedback is: ' but not the feedback that was entered into the textarea.
EDIT
I want to use the nl2br() function round the text box.
Change following line to:
echo "Your feedback is:" . $text . "<br>";
Because you've never assign a value to $feedback variable.
Your code had too many errors I have corrected it, please fin the working code below:
<html>
<head>
<style type="text/css">
.error{color: #FF0000;}
</style>
</head>
<body>
<h1>Customer Feedback</h1>
<p1>Please tell us what you think</p1><br><br>
<?PHP
$name = trim($_POST[fullname]);
$email = trim($_POST[email]);
$text = trim($_POST[feedback]);
?>
<form method='POST' action='<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>' >
<p1>Your name:</p1><br>
<input type="text" name="fullname" value="<?php echo $fullname; ?>" required><br><br>
<p1>Your email address:</p1><br>
<input type="text" name="email" value="<?php echo $email; ?>" required><br><br>
<p1>Your feedback:</p1><br>
<textarea rows="5" cols="50" name="feedback"><?php echo nl2br($text);?></textarea>
<textarea><?php echo $text;?></textarea><br><br>
<input type="submit" Value="Send Feedback"><br><br>
</form>
<?php
if(isset($_POST['fullname']) && $_POST['fullname'] != "" && !empty($_POST['fullname'])) {
echo "Hi " . $name . ".<br>";
}
else{
echo "Please enter a name....";
}
if($_POST['email'] && $_POST['email'] != "" && $_POST['email']) {
echo "Your email is " . $email . ".<br>";
}
else{
echo "Please enter a email address.";
}
if(isset($_POST['feedback']) && $_POST['feedback'] != "") {
echo "Your feedback is:" . $_POST['feedback'] . "<br>";
}
else{
echo "No feedback.";
}
?>
</body>
</html>
I am still a beginner at PHP/MYSQL and I am having difficulties inserting data into my MYSQL database. (I've originally tried using my localhost database but once i moved to an online server, everything seems to stop working.)
Right now, as soon as i submit the data from my index.php page.. it only refreshes the page and doesn't add any data.
However, when I go to submit.php, everything works fine and it adds an empty set of data to my results.php.
My codes are as follows. Any help will be greatly appreciated. Thank you!
Index.php
<html>
<head>
<title>POST variables</title>
<link rel="stylesheet" type="text/css" href="css/style.css" media="all">
</head>
<body>
<?php
$con = mysqli_connect('localhost', 'anas12_test', 'a1b2c3d4', 'anas12_test');
if (!$con) {
die('Connect Error (' . mysqli_connect_errno() . ') '
. mysqli_connect_error());
}
echo '<div class="container">
<form id="profiles">
<div class="header">
<h3>Hello there!</h3>
<p>We want to know more about you! Share a few interesting details about yourself using the form below!</p>
</div>
<div class="sep"></div>
<div class="inputs">
<form action="submit.php" method="post">
<input id="name" name="name" placeholder="Full Name" required="" autofocus="" autocomplete="on" type="text">
<input id="email" name="email" placeholder="Email Address" required="" autofocus="" autocomplete="on" type="text">
<input id="colour" name="colour" placeholder="Favourite Colour" required="" autofocus="" autocomplete="on" type="text">
<input id="music" name="music" placeholder="Favourite Song" required="" autofocus="" autocomplete="on" type="text">
<input id="superpower" name="superpower" placeholder="If you had a superhero ability, what would it be?" required="" autofocus="" autocomplete="on" type="text">
<button id="submit" type="submit"name="submit" value="added">Submit!</button>
</form> </div>
</div>';
?>
</body>
</html>
Submit.php
$con = mysqli_connect('localhost', 'anas12_test', 'a1b2c3d4', 'anas12_test');
if(isset($_POST["name"])){
$name = $_POST["name"];
} else {
$name = "";
}
if(isset($_POST["email"])){
$email = $_POST["email"];
} else {
$email = "";
}
if(isset($_POST["colour"])){
$colour = $_POST["colour"];
} else {
$colour = "";
}
if(isset($_POST["music"])){
$music = $_POST["music"];
} else {
$music = "";
}
if(isset($_POST["superpower"])){
$superpower = $_POST["superpower"];
} else {
$superpower = "";
}
$sql = "INSERT INTO profiles (name, email, colour, music, superpower) VALUES ('$name', '$email', '$colour', '$music', '$superpower')";
if(mysqli_query($con, $sql)){
header ('location: results.php'.$query_string);
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($con);
}
if($name !== "" && $email !== "" && $colour !== "" && $music !== "" && $superpower !== "") {
$query_string = '?name=' . $name.'&email='.$email.'&colour='.$colour.'&music='.$music.'&superpower='.$superpower;
header('HTTP/1.1 303 See Other');
header ('location: results.php'.$query_string);
}
?>
And my results page.
<html>
<head>
<title>POST Success</title>
</head>
<body>
<?php
$con = mysqli_connect('localhost', 'anas12_test', 'a1b2c3d4', 'anas12_test');
if(isset($_GET["name"])){
$name = $_GET["name"];
} else {
$name = "no name";
}
if(isset($_GET["email"])){
$email = $_GET["email"];
} else {
$email = "no email";
}
if(isset($_GET["colour"])){
$colour = $_GET["colour"];
} else {
$colour = "no colour:";
}
if(isset($_GET["music"])){
$music = $_GET["music"];
} else {
$music = "music";
}
if(isset($_GET["superpower"])){
$superpower = $_GET["superpower"];
} else {
$superpower = "superpower";
}
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con, "SELECT * FROM profiles");
echo "<div style='border:solid 1px #ccc;padding:10px;float:left;margin-top:10px;'>";
echo "<table border='1'> <tr> <th>Name</th> <th>Email</th> <th>Favourite Colour</th>
<th>Favourite Music</th>
<th>Superhero Ability</th>
</tr>";
while ($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['email'] . "</td>";
echo "<td>" . $row['colour'] . "</td>";
echo "<td>" . $row['music'] . "</td>";
echo "<td>" . $row['superpower'] . "</td>";
echo "</tr>";}
echo "</table>";
echo "</div>";
mysqli_close($con);
?>
</body>
</html>
Your form has no action, so it'll submit the form to the URL you loaded the page from, which will be index.php.
You need this:
<form id="profiles" action="Submit.php" method="POST">
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Note the method portion as well - with no method, forms default to using GET
Be careful you have two form in your index.php.
<form id="profiles">
and
<form action="submit.php" method="post">
I think the first one is useless.
I'm busy studying a book on php and they have an exercise on deleting records from a database. The issue I am having is deleting the image that is associated with the database entry. I have a defined constant of:
define(GW_UPLOADPATH, 'images/')
in a file called appvars.php. Here is the remove.php
<?php
require_once 'authorize.php';
?>
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?php
require_once 'appvars.php';
require_once 'connectionvars.php';
if(isset($_GET['id']) && isset($_GET['name']) && isset($_GET['score']) && isset($_GET['date'])
&& isset($_GET['screenshot'])){
$id = $_GET['id'];
$name = $_GET['name'];
$score = $_GET['score'];
$date = $_GET['date'];
$screenshot = $_GET['screenshot'];
} else if(isset($_POST['id']) && isset($_POST['name']) && isset($_POST['score']) && isset($_POST['date'])){
$id = $_POST['id'];
$name = $_POST['name'];
$score = $_POST['score'];
$date = $_POST['date'];
} else {
echo 'No record selected';
}
if(isset($_POST['submit'])){
if(($_POST['confirm'] == 'Yes') && is_file(GW_UPLOADPATH.$screenshot)){
unlink(trim(GW_UPLOADPATH.$screenshot));
$query = "DELETE from guitarwars where id = $id limit 1";
mysqli_query($dbc, $query);
mysqli_close($dbc);
echo '<p class="error">The score of ' . $score . ' for' . $name . ' was successfully deleted</p>';
} else {
echo '<p class="error">Error removing record</p>';
}
}
else if(isset ($id) && isset($name) && isset($date) && isset($score) && isset($screenshot)){
echo '<p>Are you sure you want to delete the following high score?</p>';
echo '<p>Name: ' . $name . '<br />Date: ' . $date . '<br />Score: ' . $score . '<br />'
. 'PATH:' . GW_UPLOADPATH.$screenshot. '</p>' ;
echo '<form method="POST" action="remove.php">';
echo '<input type="radio" name="confirm" value="Yes" />Yes<br />';
echo '<input type="radio" name="confirm" value="No" checked="checked" />No<br />';
echo '<input type="submit" name="submit" value="Submit">';
echo '<input type="hidden" name="id" value="' . $id . '">';
echo '<input type="hidden" name="name" value="' . $name . '">';
echo '<input type="hidden" name="date" value="' . $date . '">';
echo '<input type="hidden" name="score" value="' . $score . '">';
echo '</form>';
}
echo '<p>Back to Admin page</p>';
?>
</body>
</html>
the database removes the entry 100% but i get an error that image is a directory. if you view the html it reports the path as images/imageName.gif
The is_file() I added to try figure out what is going on and as a result I now get my assigned error message "Error removing record". So what I think, its not seeing my imageName.gif as a file. not sure how else to remove the file, the book pacifically uses unlink.
Any guidance is greatly appreciated
ADDED: addscore.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Guitar Wars - Add Your High Score</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Guitar Wars - Add Your High Score</h2>
<?php
require_once 'appvars.php';
require_once 'connectionvars.php';
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$name = $_POST['name'];
$score = $_POST['score'];
$screenshot = $_FILES['screenshot']['name'];
$screenshot_type = $_FILES['screenshot']['type'];
$screenshot_size = $_FILES['screenshot']['size'];
if (!empty($name) && !empty($score) && !empty($screenshot)) {
if((($screenshot_type == 'image/gif') || ($screenshot_type == 'image/jpeg') || ($screenshot_type == 'image/pjpeg')
|| ($screenshot_type == 'image/png')) && (($screenshot_size > 0) && ($screenshot_size <= GW_MAXUPLOADSIZE))){
$target = GW_UPLOADPATH.$screenshot;
if(move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)){
// Write the data to the database
$query = "INSERT INTO guitarwars VALUES (0, NOW(), '$name', '$score', '$screenshot')";
mysqli_query($dbc, $query) or die('Error inserting data: ' . mysqli_error($dbc));
// Confirm success with the user
echo '<p>Thanks for adding your new high score!</p>';
echo '<p><strong>Name:</strong> ' . $name . '<br />';
echo '<strong>Score:</strong> ' . $score . '<br />';
echo '<img src="' . GW_UPLOADPATH.$screenshot . '" alt="screenshot image" /></p>';
echo '<p><< Back to high scores</p>';
// Clear the score data to clear the form
$name = "";
$score = "";
mysqli_close($dbc);
}
} else {
echo '<p class="error">Please ensure image file is corrent format and less than ' . (GW_MAXUPLOADSIZE / 1024) .
'Kb</p>';
}
#unlink($_FILES['screenshot']['tmp_name']);
}
else {
echo '<p class="error">Please enter all of the information to add your high score.</p>';
}
}
?>
<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="MAX_FILE_SIZE" value="32768"/>
<label for="name">Name:</label>
<input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /><br />
<label for="score">Score:</label>
<input type="text" id="score" name="score" value="<?php if (!empty($score)) echo $score; ?>" /><br />
<label for="screenshot">Screen Shot:</label>
<input type="file" id="screenshot" name="screenshot" />
<hr />
<input type="submit" value="Add" name="submit" />
</form>
</body>
</html>
I think the issue is that $screenshot is undefined...
Simplifying the code a bit, you have:
if(isset($_GET['screenshot'])) {
$screenshot = $_GET['screenshot'];
} else if(isset($POST['id')) {
}
if(isset($_POST['submit'])){
if(($_POST['confirm'] == 'Yes') && is_file(GW_UPLOADPATH.$screenshot)){
So... assuming you aren't doing something really weird, a request will either be a GET request, or a POST request. You only set $screenshot if it's a GET request, but you are checking is_file only on a POST request. So you are checking is_file("images/") and it is (correctly) telling you it is a directory.
Try this:
else if(isset($_POST['id']) && isset($_POST['name']) && isset($_POST['score']) && isset($_POST['date']) && isset($_POST['screenshot'])){
$id = $_POST['id'];
$name = $_POST['name'];
$score = $_POST['score'];
$date = $_POST['date'];
$screenshot = $_POST['screenshot']; //<-- add this line
}
...
echo '<form method="POST" action="remove.php">';
echo '<input type="radio" name="confirm" value="Yes" />Yes<br />';
echo '<input type="radio" name="confirm" value="No" checked="checked" />No<br />';
echo '<input type="hidden" name="screenshot" value="$screenshot" />'; //<-- add this line
<?php $prev_path = "./../../."; $dont_redirect = true; require_once "${prev_path}./config.php";
session_start();
function http_digest_parse($txt){
$needed_parts = array("nonce"=>1, "nc"=>1, "cnonce"=>1, "qop"=>1, "username"=>1, "uri"=>1, "response"=>1);
$data = array();
$keys = implode("|", array_keys($needed_parts));
preg_match_all("#(" . $keys . ")=(?:(['\"])([^\\2]+?)\\2|([^\s,]+))#", $txt, $matches, PREG_SET_ORDER);
foreach ($matches as $m) {
$data[$m[1]] = $m[3] ? $m[3] : $m[4];
unset($needed_parts[$m[1]]);
}
return $needed_parts ? false : $data;
}
if($_REQUEST["task"] == "logout") {
unset($_SESSION["KEY"]);
unset($_SESSION["SUCCESS"]);
unset($_SERVER["PHP_AUTH_DIGEST"]);
}
if (!isset($_SESSION["SUCCESS"])){
$_SESSION["KEY"] = $_SESSION["KEY"] ? $_SESSION["KEY"] : uniqid();
$realm = "Restricted area, KEY: " . $_SESSION["KEY"];
$users = array("user" => "pass", "google" => "stackoveflow");
header("HTTP/1.1 401 Unauthorized");
header("WWW-Authenticate: Digest realm=\"" . $realm . "\",qop=\"auth\",nonce=\"" . uniqid() . "\",opaque=\"" . md5($realm) . "\"");
echo "Hello Guest, you are not permitted to view this page..";
if (!($data = http_digest_parse($_SERVER["PHP_AUTH_DIGEST"])) || !isset($users[$data["username"]])) {
unset($_SESSION["SUCCESS"]);
die("Incorrect Username!");
}
$A1 = md5($data["username"] . ":" . $realm . ":" . $users[$data["username"]]);
$A2 = md5($_SERVER["REQUEST_METHOD"].":".$data["uri"]);
$valid_response = md5($A1.":".$data["nonce"].":".$data["nc"].":".$data["cnonce"].":".$data["qop"].":".$A2);
if ($data["response"] != $valid_response) {
unset($_SESSION["SUCCESS"]);
die("Incorect Password!");
}
$_SESSION["SUCCESS"] = true;
} else {
if($_REQUEST["task"]=="newItem") {
sql("INSERT INTO ITEM VALUES('','${_REQUEST["code"]}','${_REQUEST["pic"]}','${_REQUEST["size"]}','${_REQUEST["description"]}','${_REQUEST["retail"]}','','${_REQUEST["instock"]}','1')", 0);
}
?>
<!doctype html>
<html>
<head>
<title></title>
<head>
<body><?print_r($_REQUEST)?>
<fieldset>
<legend>Create one new shop item:</legend>
<form action="./?task=newItem" method="GET">
<table>
<tr><td>Pic:</td><td><input id="pic" /></td></tr>
<tr><td>Code:</td><td><input id="code" /></td></tr>
<tr><td>Description:</td><td><textarea id="description"></textarea></td></tr>
<tr><td>Retail:</td><td><input id="retail" /></td></tr>
<tr><td>In Stock:</td><td><input id="instock" /></td></tr>
<tr><td></td><td><input type="submit" /></td></tr>
</table>
</form>
</feildset>
</body>
</html>
<?}?>
The Login sort-of works but the form never works.. and fixes for both would be nice.
You'll have to include the "name" and "type" attributes in your form fields.
<input name="code" id="code" type="text" />