I'm using this form to add the title,link of the image and the text of the article to the database.
I'm using type="text" for the image link,now,it's getting borring to upload an image on a external image upload service and copy the link.
I want to upload the image with this for and store THE LINK of the image in the database.
The form:
<?php if (!$_POST["go"]){ ?>
<form method="post" action="">
<input name="article_title" type="text">
<input name="article_image_url" type="text"> <!-- i want here type="file" -->
<textarea name="article_text"></textarea>
<input type="submit" name="go" value="Submit">
</form>
<?php
} else {
$date=date("Y.m.d");
$title = $_POST["article_title"];
$image_url = $_POST["article_image_url"];
$text = $_POST["text"];
$sql="INSERT INTO articles (title,image_url,text,date) VALUES ('$title', '$image_url', '$text', '$date')";
if (mysql_query($sql)){
echo "done";}
else {echo "error<br>" . mysql_error();}}
?>
Please help me with this :)
ps:sorry for my English :$
The first thing you should do, and it seems you are clueless about SQL escaping, is add following before you access the first $_POST var:
$_POST = array_map("mysql_real_escape_string", $_POST);
Then you seemingly want to use a file upload for the image. If so change the url field to:
<input type=file name=image>
This uploaded file will show up in $_FILES. Use it like this, preferrably after you've read the other fields from $_POST:
if ($img = $_FILES["image"]["tmp_name"]) {
$image_url = md5_file($img) . ".jpeg";
move_uploaded_file($img, "./upload/$image_url");
$image_url = "http://www.example.org/where/$image_url";
}
There are lot's of security concerns with that. But that's out of scope here, so I hardwired it to .jpeg. There's lots of information in the manual and its comments: http://de2.php.net/manual/en/features.file-upload.php
Related
Im attempting to allows users to choose from a simple set of 4 avatars that they can use as their profile picture.
I've tried using:
<input type="image" class="profile-image-icon" src="img/avatar/avatar1.png" name="image" id="image">
But I finally found that using input type="image" is only for using an image as a submit button.
The avatars in question are already in my img/avatar folder, which I then only want to store the image path in the database.
I have echoed any error messages on changeProfile.php, which is returning "Nothing getting through" so I know it is an issue with my form, but I am unsure how to proceed.
Is there anyway to allow the user to simply click on the image and it 'POSTS' to changeProfile.php where I can then retrieve the file path to store in my database?
Thanks for any help provided!
edit_profile_image.php
<form class="profile-image-form" method="POST" action="profileChanged.php">
<fieldset>
<div class="image-control">
<input type="image" class="profile-image-icon"src="img/avatar/avatar1.png" name="image" id="image">
</div>
<?php echo "<input type='text' class='form-control' id='studentNumber' name='studentNumber' value='$studentID'>"; ?>
</fieldset>
</form>
changeProfile.php
if (isset($_POST['image'])) {
$image = mysqli_real_escape_string($conn, $_POST['image']);
$studentNumber = mysqli_real_escape_string($conn, $_POST['studentNumber']);
} else {
echo "Nothing coming thorugh";
}
Good Day.
So i am struggling with inserting a blob into a mySQL DB that is being sent from a form. in any case it fails on insert and i receive this screen when i use the var_dump to view the $sql variable.
My final point of this is to insert a file of any type into the db, regardless of size. Please note that i am trying to do be able to do this with any file type (zip, docx or otherwise).
here is my form
<form name="frmImage" enctype="multipart/form-data" action="upload.php"method="post" >
<label>Upload File:</label><br />
<input autocomplete="off" type="text" id="notes" style="width:50%" name="notes" placeholder="Write Something about this upload">
<input id="myfile" name="myfile" type="file"/>
<button style="width:20%" id="sendFile" name="sendFile" type="sendFile" value="sendFile">Submit</button>
</form>
and here is the PHP script that handles the input from the form.
<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 'On'); //On or Off
session_start();
require_once('connect.php');
if (isset($_POST['sendFile'])) {
$imgData = ($_FILES['myfile']['tmp_name']);
$imageProperties = getimageSize($_FILES['myfile']['tmp_name']);
$notes = mysqli_real_escape_string($connection,$_POST['notes']);
$email = mysqli_real_escape_string($connection, $_SESSION['email']);
$comentity = mysqli_real_escape_string($connection,$_SESSION['entityname']);
$file_size = $_FILES['myfile']['size'];
$sql = "INSERT INTO `supportcontent` (`sentity`,`scontentdata`, `scontentnotes`, `suseremail`, `stype`,`ssize`)
VALUES('$comentity', '".file_get_contents($imgData)."','$notes','$email','{$imageProperties['mime']}','$file_size')";
var_dump($sql);
$current_id = mysqli_query($connection, $sql)
or die("<b>Error:</b> Problem on Image Insert<br/>" . mysqli_error($connection));
if (isset($current_id)) {
header("Location: landingpage.php?upload=success");
}
exit();
}
else{
echo 'pedestrian';
}
?>
So i am not sure whats wront, i am aware the issue is happening in my insert, but i am not exactly sure what could be causing it.
You might want to try the base64_encode function according to this answer: Error in SQL syntax when trying to upload image to BLOB field
I had the same issue once but this code worked fine on me:
Remember to change the column that stores the file to longblob
I have an html form that is used to upload text files:
<div class="form">
<h3>Upload File:</h3>
<form action="networkSelector.php" method="post" enctype="multipart/form-data" name="FileUploadForm" id="FileUploadForm">
<label for="UploadFileField"></label>
<input type="file" name="UploadFileField" id="UploadFileField" />
<input type="submit" name="UploadButton" id="UploadButton" value="Upload" />
</form>
</div>
The php portion of the code for the form:
<?php
require('db.php');
include("auth.php");
if(isset($_FILES['UploadFileField'])){
// Creates the Variables needed to upload the file
$UploadName = $_FILES['UploadFileField']['name'];
$UploadName = mt_rand(100000, 999999).$UploadName;
$UploadTmp = $_FILES['UploadFileField']['tmp_name'];
$UploadType = $_FILES['UploadFileField']['type'];
$FileSize = $_FILES['UploadFileField']['size'];
// Removes Unwanted Spaces and characters from the files names of the files being uploaded
$UploadName = preg_replace("#[^a-z0-9.]#i", "", $UploadName);
// Upload File Size Limit
if(($FileSize > 125000)){
die("Error - File too Big");
}
// Checks a File has been Selected and Uploads them into a Directory on your Server
if(!$UploadTmp){
die("No File Selected, Please Upload Again");
}else{
move_uploaded_file($UploadTmp, "C:/xampp/htdocs/meg/$UploadName");
}
}
?>
It works great and as seen in the 'move_upload_file command it puts them directly into that directory.
However what I am trying to achieve is to upload these files with this form and then to add it to another form that is on the same page.
Here is an example of my other form:
<form action="networkCompiler.php" method="POST">
<h3>Choose Network/Function:</h3>
<select id ="network" name="network" />
<option value="networkA">A</option>
<option value="networkB">B</option>
</select>
So ideally if I upload networkC on the first form, I want it to then display on the second form. I am using PHP primarily on this project and was attempting to find a solution in that language. So far I have tried saving the file upload as a variable and then adding that to the bottom of the form.
<?php
if (isset($_POST['UploadButton'])) {
if (is_uploaded_file($_FILES['UploadFileField']['tmp_name'])) {
$trying = $_POST['FileUploadForm'];
}
}
?>
Any input would be appreciated. Thank you.
Use file_get_contents():
<?php
if(your_condition)
echo '<option value="the_value_you_want">' . file_get_contents('path_of_uploaded_file') . '</option>';
?>
My teacher,he was uploading and retrieving images from folder with ID recognition. It works with database.
So, when we upload an image, it will be stored in a folder with it's name changing automatically with ID.
Example: The upload form must be on "yourwebsite.com/yourpages/3144242" so the image will be stored as "3144242" and blablabla the same for other pages with ID
This is how he upload and retrieve it
<?php
$ff = './assets/images/kegiatan/'.$_SESSION['idkeg'].'.jpg';
if( file_exists( $ff ) ) {
<img src="<?= base_url()?>assets/images/kegiatan/<?=$_SESSION['idkeg']?>.jpg" />
<?php
}
?>
Retrieve images part:
if( file_exists( $ff ) ) {
<img src="<?= base_url()?>assets/images/kegiatan/<?=$_SESSION['idkeg']?>.jpg" />
<?php
}
?>
However, I change it a bit so I don't have to use a database and $_SESSION things. With this:
<?php
$ff = './assets/images/kegiatan/'.$this->input->post('img_name').'.jpg';
?>
<form id="form" class="kart" action="<?= base_url()?>gallery/upload2" method="post" enctype="multipart/form-data">
<div class="form-group">
<input type="text" class="form-control" name="img_name" required="required">
</div>
<div class="form-group">
<input type="file" class="form-control" name="foto">
</div>
<div class="form-group">
<button type="submit" class="btn btn-common" value="Update"><i class="fa fa-upload fa-2x"> Upload</i></button>
</div>
</form>
It works uploading images into folder "kegiatan" (means activity) with simply write the names of images in a form. The img_name that you have input, now become the name of that image.
Now I have a little problem to retrieve that images. How?
mistake in your form I realized is asking user to enter image name and get image from folder by using that input value.
First of all, I haven't tried upload an image with codeigniter but I will answer reference to php itself.
When we get an image as input from user by form, then we use "move_uploaded_file" function in php and we send temp_file, path with file name arguments to this function to save the file user selected in the form we prepared.
move_uploaded_file(string $filename , string $target);
// $filename: I use $_FILES['getFileUpload']['tmp_name'] for this argument
// $target: I define path with file name, eg: uploads/files/new_file_25.jpg for jpg image
So, you souldn't ask user to enter file name, because you will deifne it. Or, you must use "img_name" that you asked user to enter as file name which is most probably won't satisfy your ID prediction.
I hope this will help you.
I'm trying to post form data through ajax
form1.php
I use request to get all URL parameter data
$_REQUEST["Ename"];
$_REQUEST["eImg"];
To upload the image,i use this code http://www.9lessons.info/2011/08/ajax-image-upload-without-refreshing.html
In the above link,you can see the source code,in the place of $_FILES['photoimg']['name'];,i use $_FILES['image']['name']; but it is not uploading the file and giving success message.
include('db.php');
session_start();
$session_id='1'; // User session id
$path = "uploads/";
I removed script that is marked with **
$valid_formats = array("jpg", "png", "gif", "bmp","jpeg");
**if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST")
{**
$name = $_FILES['image']['name'];
$size = $_FILES['image']['size'];
if(strlen($name)) {
list($txt, $ext) = explode(".", $name);
if(in_array($ext,$valid_formats)) {
if($size<(1024*1024)) { // Image size max 1 Mb
$actual_image_name = time().$session_id.".".$ext;
$tmp = $_FILES['image']['tmp_name'];
if(move_uploaded_file($tmp, $path.$actual_image_name)) {
mysql_query("UPDATE users SET profile_image='$actual_image_name' WHERE uid='$session_id'");
echo "<img src='uploads/".$actual_image_name."' class='preview'>";
} else {
echo "failed";
}
} else {
echo "Image file size max 1 MB";
}
} else {
echo "Invalid file format..";
}
} **else {
echo "Please select image..!";
exit();
}**
you simply can't upload files via $.ajax().
you'll have to use some trycky iframe-stuff or something like that to make this work. luckily, there are ready-to-go plugins for jquery to handle this for you (like $.ajaxForm() for example wich seems to be the one that's used in the tutorial you're reading).
EDIT:
the plugin also allows to add extra data thats not present in the form itself. to quote the documentation:
data
An object containing extra data that should be submitted along with the form.
data: { key1: 'value1', key2: 'value2' }
For upload image by ajax you should use an iframe and set its id to form target.
Please have a look at
http://www.coursesweb.net/ajax/upload-images
It is very simple code to upload image
That won't work!
Images are handled differently from the text data in Ajax so you would have to do more than just post it using the $.ajax({}) method.
You can however use the jquery.form.js plugin it works perfect http://jquery.malsup.com/form/#download there is a tutorial on how to use it
here
Any ways I have used it my self so let me elaborate for you.
The JavaScript code is here
$('.uploadForm').live('click', function(evt){
$('#feedback').html(' ');
$('#feedback').html('<img src="images/loader_image.gif" alt="Uploading...."/>');
$("#formID").ajaxForm({
target: '#feedback'
}).submit();
evt.preventDefault();
});
If your PHP code is fine this should work .....
Just post the rest of the form fields in the normal way way
This should work for you. If the PHP code is fine
For example if you had other form fields like firstname and lastname in form like this one
<div class="form">
<fieldset class="ui-corner-all">
<h3 class="ui-widget-header ui-corner-top" align="center">Client information</h3>
<form action="save_new_client.php" enctype="multipart/form-data" id="clientForm" method="POST">
<label>First Name</label>
<input name="firstname" type="text" id="firstname" class="required" minlength="3"/>
<label>Lastname</label>
<input name="date_added" type="text" id="date_added" class="dateEst" />
<label>Image</label>
<input name="photo" type="file" id="photo" />
<input type="submit" name="button" id="button" value="Save" class="uploadForm"/>
<input type="reset" name="reset" id="button" value="Cancel" /></td>
</form>
</fieldset>
<div id="feedback"></div>
</div>
Below it you'll just need to add a div or paragraph to hold your feedback message ....
then the rest will be just fine (like I said if your PHP code is okay)I have not looked through it alot