file uploading help....

scot

i have redone the coding and almost everything works, all the fields are being inserted to the database, however, the file isnt uploading and the cover on the page is broken and not pointing to the correct DIR

// define the base image dir
$base_img_dir = "/home/scottay/www/cds/";
$orig_name = $HTTP_POST_FILES["cover"]["name"];
$filename = $base_img_dir.$orig_name;
move_uploaded_file($HTTP_POST_FILES["cover"]["tmp_name"], $filename);
mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $SESSION['userinfo']['username'] . "', '" . $POST['band'] . "', '" . $POST['title'] . "', '" . $POST['label'] . "', '" . $POST['review'] . "', '" . $POST['favsong'] . "', '" . $HTTP_POST_FILES["cover"]["name"] . "', '" . $POST['year'] . "', '" . $POST['rate'] . "')") or die(mysql_error());

planetsim

Are you sure its not uploading

if not try this

if($HTTP_POST_FILES['cover']['error']==0){
  $base_img_dir = "/home/scottay/www/cds/"; 
$orig_name = $HTTP_POST_FILES["cover"]["name"]; 
$filename = $base_img_dir.$orig_name; 
move_uploaded_file($HTTP_POST_FILES["cover"]["tmp_name"], $filename); 
mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $_SESSION['userinfo']['username'] . "', '" . $_POST['band'] . "', '" . $_POST['title'] . "', '" . $_POST['label'] . "', '" . $_POST['review'] . "', '" . $_POST['favsong'] . "', '" . $HTTP_POST_FILES["cover"]["name"] . "', '" . $_POST['year'] . "', '" . $_POST['rate'] . "')") or die(mysql_error());
}else{
  echo "Sorry the File wasnt Uploaded<br /><b>Error:</b> ".$HTTP_POST_FILES['cover']['error'] ;
}

But if your image isnt being shown properly because you didnt give the correct directory path you'll need the change the

$HTTP_POST_FILES["cover"]["name"] in your query to $filename

scot

i just tried it and its doing the exact same thing as it was with my code, nothing being uploaded and the properties of the photo on the album page is still pointing to the wrong DIR

if($HTTP_POST_FILES['cover']['error']==0){
$base_img_dir = "/home/scottay/www/cds/";
$orig_name = $HTTP_POST_FILES["cover"]["name"];
$filename = $base_img_dir.$orig_name;
move_uploaded_file($HTTP_POST_FILES["cover"]["tmp_name"], $filename);
mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $SESSION['userinfo']['username'] . "', '" . $POST['band'] . "', '" . $POST['title'] . "', '" . $POST['label'] . "', '" . $POST['review'] . "', '" . $POST['favsong'] . "', '" . $HTTP_POST_FILES["cover"]["name"] . "', '" . $POST['year'] . "', '" . $POST['rate'] . "')") or die(mysql_error());
}else{
echo "Sorry the File wasnt Uploaded<br /><b>Error:</b> ".$HTTP_POST_FILES['cover']['error'] ;
}
};

Kinsbane

I coded something like this just this past week for my work.

Take a look, and use as needed:
This first page is my form data to insert into the database.

 <form enctype="multipart/form-data" action="add.php" method="post" name="addprint" style="margin-height:0px; margin-width: 0px; padding: 0px;">

	<tr> 
        <td colspan="2" class="title"><div align="center" class="heading">Add a Print</div></td>
      </tr>
      <tr> 
        <td height="32" class="addrow"> <div align="left">Scan ID Code: 
            <input name="scan_id_text" type="text" class="addtext" size="20" maxlength="8">
          </div></td>
        <td height="32" class="addrow">&nbsp;</td>
      </tr>
      <tr> 
        <td width="50%" height="32" class="addrow">Park Site: 
          <select name="p_Site_select" id="p_Site_select" class="addtext">
<option></option>
                              </select> </td>
            <td width="50%" class="addrow">&nbsp;</td>
          </tr>
          <tr> 
            <td width="50%" height="32" class="addrow">Park Project: 
              <input name="p_Project_textfield" type="text" size="20" maxlength="30" class="addtext"> 
            </td>
            <td width="50%">&nbsp;</td>
          </tr>
          <tr> 
            <td width="50%" height="32" class="addrow">Sheet Type: 
              <select name="s_Type_select" id="s_Type_select" class="addtext">
                <option>Demolition</option>
                <option>Layout</option>
                <option>Construction</option>
                <option>Irrigation</option>
                <option>Planting</option>
                <option>Lighting</option>
                <option>Details</option>
                <option>Notes</option>
                <option>Planning</option>
              </select> </td>
            <td width="50%" class="addrow"></td>
          </tr>
          <tr> 
            <td width="50%" height="32" class="addrow">Sheet Iteration: 
              <select name="s_Iteration_select" id="s_Iteration_select" class="addtext">
                <option>As Built</option>
                <option>Bid Set</option>
                <option>Markups</option>
              </select> </td>
            <td width="50%">&nbsp;</td>
          </tr>
          <tr> 
            <td height="100" colspan="2" class="addrow"> <div align="center"> 
                <p align="left">Sheet Description:<br>
                  <textarea name="s_Description_textarea" cols="50" rows="5" wrap="PHYSICAL" id="s_Description_textarea" class="addtext"></textarea>
                </p>
              </div></td>
          </tr>
          <tr> 
            <td height="45" colspan="2" class="addrow">Select the Print's Image 
              File to Upload:<br>
			  <input name="MAX_FILE_SIZE" type="hidden" value="5242880">
              <input name="image" type="file" id="image" size="30" maxlength="100" class="addtext">
              Max Filesize is approx. 5mb</td>
          </tr>
          <tr> 
            <td width="50%" height="32"> <div align="center"> 
                <input name="sheet_add_button" type="submit" id="sheet_add_button" value="Add Print" class="addbutton">
              </div></td>
            <td width="50%"><div align="center"> 
                <input name="sheet_add_reset" type="reset" id="sheet_add_reset" value="Reset" class="addbutton">
              </div></td>
          </tr>
        </form>
        <td height="13"></tbody> </table></td></tr></table>

This next page is the meat and bones of the whole deal, add error checking and notification as you see fit:

<?php
$User = "user"; 
$Pass = "pass"; 
$Host = "localhost"; 
$DB = "intranet"; 

$fullpath = "http://localhost/intranet_test/images/".$_POST['p_Site_select']."/".$_FILES['image']['name'];
$abspath = "C:/Program Files/Apache Group/Apache/htdocs/intranet_test/images/".$_POST['p_Site_select']."/";

if(!(copy($_FILES['image']['tmp_name'], $abspath.$_FILES['image']['name']))) die("Cannot upload files.");

if(!($link_id = mysql_connect($Host, $User, $Pass))) die('Sorry, cannot connect to the database. Please e-mail John Shaw at [email]jshaw@crpd.org[/email] to notify him of the situation.');
$sql_db=mysql_select_db($DB);
$sql = "INSERT INTO images VALUES ('" . $_POST['scan_id_text'] . "', '" . $_POST['p_Site_select'] . "', '" . $_POST['p_Project_textfield'] . "', '" . $_POST['s_Type_select'] . "', '" . $_POST['s_Description_textarea'] . "', '" . $_POST['s_Iteration_select'] . "', '" . $fullpath . "')";
if(!($result = mysql_query($sql))) {
	die(mysql_error());
} else {
?>

g'luck!

planetsim

Ok then did you CHMOD the directory to where your uploading the file.

It should have displayed and error if it didnt upload, just make sure its there..

Also did you read the last bit i said about changing the $HTTP_POST_FILES["cover"]["name"] to $filename in your query

Because $filename will have the exact Directory information for the file. I also think that your Path is flawed..

Try this

$docroot_dir = "/cds";
base_img_dir = $HTTP_SERVER_VARS['DOCUMENT_ROOT'].$docroot_dir;
$orig_name = $HTTP_POST_FILES["cover"]["name"]; 
$filename = $base_img_dir.$orig_name;

$queryfilename = $docroot_dir.$origname;

move_uploaded_file($HTTP_POST_FILES["cover"]["tmp_name"], $filename);  

mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $_SESSION['userinfo']['username'] . "', '" . $_POST['band'] . "', '" . $_POST['title'] . "', '" . $_POST['label'] . "', '" . $_POST['review'] . "', '" . $_POST['favsong'] . "', '" .$queryfilename. "', '" . $_POST['year'] . "', '" . $_POST['rate'] . "')") or die(mysql_error());

planetsim

Kinsbane

i found a few non fatal errors in your script

Firstly using copy(); this shouldnt be used to upload files

if(!($result = mysql_query($sql))) {

you should never have a variable in front a query that is uploading, it wont always work.

Other than those errors its not a bad script

scot

ok, i just tried it again and on submitting the form, i get these errors...

Notice: Undefined variable: origname in /home/scottay/www/new/useraddcd.php on line 336

Warning: move_uploaded_file(/home/scottay/www//cdsHow_It_Ends_so_shall_it_be.jpg): failed to open stream: Permission denied in /home/scottay/www/new/useraddcd.php on line 338

Warning: move_uploaded_file(): Unable to move '/tmp/phpcvqtkx' to '/home/scottay/www//cdsHow_It_Ends_so_shall_it_be.jpg' in /home/scottay/www/new/useraddcd.php on line 338

Kinsbane

Originally posted by planetsim
Kinsbane

i found a few non fatal errors in your script

Firstly using copy(); this shouldnt be used to upload files

if(!($result = mysql_query($sql))) {

you should never have a variable in front a query that is uploading, it wont always work.

Other than those errors its not a bad script

http://www.darwenstheory.net/intranet_test/addprint.php

Try it and see for yourself. 🙂

Kinsbane

Originally posted by scot
ok, i just tried it again and on submitting the form, i get these errors...

Notice: Undefined variable: origname in /home/scottay/www/new/useraddcd.php on line 336

Warning: move_uploaded_file(/home/scottay/www//cdsHow_It_Ends_so_shall_it_be.jpg): failed to open stream: Permission denied in /home/scottay/www/new/useraddcd.php on line 338

Warning: move_uploaded_file(): Unable to move '/tmp/phpcvqtkx' to '/home/scottay/www//cdsHow_It_Ends_so_shall_it_be.jpg' in /home/scottay/www/new/useraddcd.php on line 338

The first error is about a variable named $origname... in your original post, it is defined as $orig_name

Your last two errors are more than likely because the path is www// .. follow planetsim's examble above and you should be golden.

scot

Kinsbane

i took some code out of yours that you posted from a previous project....

$fullpath = "/cds/".$POST['cover']."/".$FILES['cover']['name'];
$abspath = "/home/scottay/www/cds/".$_POST['']."/";

if(!(copy($FILES['cover']['tmp_name'], $abspath.$FILES['cover']['name']))) die("Cannot upload files.");

mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $SESSION['userinfo']['username'] . "', '" . $POST['band'] . "', '" . $POST['title'] . "', '" . $POST['label'] . "', '" . $POST['review'] . "', '" . $POST['favsong'] . "', '" . $fullpath . "', '" . $POST['year'] . "', '" . $POST['rate'] . "')") or die(mysql_error());

i tried it and it worked, however, im getting an error on the page after submitted

Notice: Undefined index: cover in /home/scottay/www/new/useraddcd.php on line 331

Notice: Undefined index: cover in /home/scottay/www/new/useraddcd.php on line 332

the only thing i can think of is "cover" being changed to "file"

Kinsbane

Which lines are 331 and 332?
Is it the if(!copy($_FILES line and the mysql_query line?

Those two errors could very well be that the value 'cover' in your $_POST array isn't getting passed from your form. If, in your form, the upload box & button is named userfile, change cover below to whatever your upload box & button is named as in your form.

Originally posted by scot
Kinsbane

i took some code out of yours that you posted from a previous project....

$fullpath = "/cds/".$POST['cover']."/".$FILES['cover']['name'];
$abspath = "/home/scottay/www/cds/".$_POST['']."/";

if(!(copy($FILES['cover']['tmp_name'], $abspath.$FILES['cover']['name']))) die("Cannot upload files.");

mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $SESSION['userinfo']['username'] . "', '" . $POST['band'] . "', '" . $POST['title'] . "', '" . $POST['label'] . "', '" . $POST['review'] . "', '" . $POST['favsong'] . "', '" . $fullpath . "', '" . $POST['year'] . "', '" . $POST['rate'] . "')") or die(mysql_error());

i tried it and it worked, however, im getting an error on the page after submitted

Notice: Undefined index: cover in /home/scottay/www/new/useraddcd.php on line 331

Notice: Undefined index: cover in /home/scottay/www/new/useraddcd.php on line 332

the only thing i can think of is "cover" being changed to "file"

scot

line 331 and 332 are these....

$fullpath = "/cds/".$POST['file']."/".$FILES['cover']['name'];
$abspath = "/home/scottay/www/cds/".$_POST['file']"/";

it seems im a little confused as to what variables i should change to 'cover'. on my submit page, the upload browse field is called 'cover'

on my last try, i changed all of them to cover in the insert line and got tons of errors....

Notice: Undefined index: file in /home/scottay/www/new/useraddcd.php on line 331

Notice: Undefined index: file in /home/scottay/www/new/useraddcd.php on line 332

Notice: Undefined index: file in /home/scottay/www/new/useraddcd.php on line 334

Notice: Undefined index: file in /home/scottay/www/new/useraddcd.php on line 334
Cannot upload files.

planetsim

Where is $_POST['file'] coming from. From the error that is been given the index file doesnt exist anywhere in the script.

scot

im having a little problem with some of your script that i copied for my page...

$fullpath = "http://localhost/intranet_test/images/".$POST['p_Site_select']."/".$FILES['image']['name'];
$abspath = "C:/Program Files/Apache Group/Apache/htdocs/intranet_test/images/".$_POST['p_Site_select']."/";

if(!(copy($FILES['image']['tmp_name'], $abspath.$FILES['image']['name']))) die("Cannot upload files.");

what should be my replacement for p_Site_select. im clueless on that. on my browse upload form on the submit page, it looks like this...

and the column name in the databse for my cd cover is called "cover"

Kinsbane

On my site, p_Site_select contains a list of parks - each image uploaded goes into the appropriate folder corresponding to the park it belongs to. So, the variable fullpath goes into the database so I can easily call that for image linking and such... so if say the park was BAP, and the filename was 001.jpg, the entry in the database under my image_path column would be http://localhost/intranet_test/images/BAP/001.jpg

When working with $_FILES global variable, keep in mind the first value in the array will be the name of your upload field - since it's the CD cover, you can name it 'cover'. The 2nd value denotes the filename selected, simply named 'name'.

Now, seeing as how I don't know how your database is lined out, nor your images directory - it really depends on how you want to categorize. If, say, you have www/cds/bands/A_G/, then your fullpath variable would read:

$fullpath="http://localhost/cds/".$POST['band']."/".$FILES['cover']['name']";

Like I said, I don't know how you've got your directory or database structure lined out - but in my script, it's all tailored as to what's being $POSTed from the previous page. All the data $POSTed has it's place.

Here's a tutorial that helped me out a lot, and should help you out a lot in determining what ya need to do:

http://robouk.mchost.com/tuts/tutorial.php?tutorial=fileupload

Basically, the $abspath variable I defined is the determining factor in where the image will be uploaded to.

Originally posted by scot
im having a little problem with some of your script that i copied for my page...

$fullpath = "http://localhost/intranet_test/images/".$POST['p_Site_select']."/".$FILES['cover']['name'];
$abspath = "C:/Program Files/Apache Group/Apache/htdocs/intranet_test/images/".$_POST['p_Site_select']."/";

if(!(copy($FILES['image']['tmp_name'], $abspath.$FILES['image']['name']))) die("Cannot upload files.");

what should be my replacement for p_Site_select. im clueless on that. on my browse upload form on the submit page, it looks like this...

<form enctype="multipart/form-data" method="post" action="useraddcd.php" onsubmit="return formCheck(this);">

and the column name in the databse for my cd cover is called "cover"

scot

hey again...

thanks for all the help, after sitting here and reading what you had to say, and going over my code countless times, i finally clued in to what was going on, and why i was having errors. i got it working, it works perfectly... heres the finished version....

<?
if (isset($POST['submitcd'])) {

mysql_connect ("", "", "");
mysql_select_db ("board");
$fullpath = "/cds/".$FILES['image']['name'];
$abspath = "/home/scottay/www/cds/";

if(!(copy($FILES['image']['tmp_name'], $abspath.$FILES['image']['name']))) die("Cannot upload files.");

};

just for an added feature, how would i go about adding a file size quota and file type restrictor?

say for maybe 100k and only jpg, gifs, jpegs are allowed?

also, if a user doenst have a cover to upload, how can i get around that so a default "no cover available" picture will be displayed?

Kinsbane

Check out this tutorial for more advanced file uploading procedures and techniques:
http://www.zend.com/zend/spotlight/uploading.php

And in regards to no cover image, all it would be is checking your upload file box for a filename, and if there is none, then to submit to the database your static, [url]http://[/url] path of your nocover.jpg, elseif there is, insert the given value into the database, else just die.

I'm sorry I can't be a bit more exact, I've had a few brews tonight and all I can really come up with is theoretical logic on how to do that. 🙂

Originally posted by scot
hey again...

thanks for all the help, after sitting here and reading what you had to say, and going over my code countless times, i finally clued in to what was going on, and why i was having errors. i got it working, it works perfectly... heres the finished version....

<?
if (isset($POST['submitcd'])) {

mysql_connect ("", "", "");
mysql_select_db ("board");
$fullpath = "/cds/".$FILES['image']['name'];
$abspath = "/home/scottay/www/cds/";

if(!(copy($FILES['image']['tmp_name'], $abspath.$FILES['image']['name']))) die("Cannot upload files.");

mysql_query ("insert into reviews (user, band, title, label, review, favsong, cover, year, rate) VALUES ('" . $SESSION['userinfo']['username'] . "', '" . $POST['band'] . "', '" . $POST['title'] . "', '" . $POST['label'] . "', '" . $POST['review'] . "', '" . $POST['favsong'] . "', '" . $fullpath . "', '" . $POST['year'] . "', '" . $POST['rate'] . "')") or die(mysql_error());

};

?>

just for an added feature, how would i go about adding a file size quota and file type restrictor?

say for maybe 100k and only jpg, gifs, jpegs are allowed?

also, if a user doenst have a cover to upload, how can i get around that so a default "no cover available" picture will be displayed?