upload script, add to db form

helz

the main problem that i am having is that an upload script that i aquired uploads the files no problem but i decided to add a form into the script that enables the user to add to the sql db. the problem is that the script is used just for uploading a image and so after the image has been uploaded and the add form is displayed i want it to use the new file path to be automatically inserted into the textbox for the image url. here is the code:

<link href="style.css" rel="stylesheet" type="text/css">
<?php
$my_max_file_size 	= "1024000"; # in bytes
$image_max_width	= "300";
$image_max_height	= "300";
$the_path			= "upload";

$registered_types = array(
					"application/x-gzip-compressed" 	=> ".tar.gz, .tgz",
					"application/x-zip-compressed" 		=> ".zip",
					"application/x-tar"					=> ".tar",
					"text/plain"						=> ".html, .php, .txt, .inc (etc)",
					"image/bmp" 						=> ".bmp, .ico",
					"image/gif" 						=> ".gif",
					"image/pjpeg"						=> ".jpg, .jpeg",
					"image/jpeg"						=> ".jpg, .jpeg",
					"application/x-shockwave-flash" 	=> ".swf",
					"application/msword"				=> ".doc",
					"application/vnd.ms-excel"			=> ".xls",
					"application/octet-stream"			=> ".exe, .fla (etc)"
					); # these are only a few examples, you can find many more!

$allowed_types = array("image/bmp","image/gif","image/pjpeg","image/jpeg");

# --------------------------------------------------------------------

function form($error=false) {

global $PHP_SELF,$my_max_file_size;

if ($error) print $error . "<br><br>";

echo "<form ENCTYPE='multipart/form-data'  action='".$PHP_SELF."' method='post'>
<INPUT TYPE='hidden' name='MAX_FILE_SIZE' value='".$my_max_file_size."'>
<INPUT TYPE='hidden' name='task' value='upload'>
<P>Upload a file
<BR>NOTE: Max file size is ".($my_max_file_size / 1024). "KB
<br><INPUT NAME='the_file' TYPE='file' SIZE=35><br>
<input type='submit' Value='Upload'>
</form><br><--<a href='manage.php'>Back to the main menu</a>";

} # END form

# ---------------------------------------------------------------------

if (!ereg("^4",phpversion())) {
	function in_array($needle,$haystack) { # we have this function in PHP4, so for you PHP3 people
		for ($i=0; $i < count($haystack); $i++) {
			if ($haystack[$i] == $needle) {	
				return true;
			}
		}
	}
}

# --

function validate_upload($the_file) {

global $my_max_file_size, $image_max_width, $image_max_height,$allowed_types,$the_file_type,$registered_types;

$start_error = "\n<b>Error:</b>\n<ul>";

if ($the_file == "none") { # do we even have a file?

	$error .= "\n<li>You did not upload anything!</li>";

} else { # check if we are allowed to upload this file_type

	if (!in_array($the_file_type,$allowed_types)) {
		$error .= "\n<li>The file that you uploaded was of a type that is not allowed, you are only 
					allowed to upload files of the type:\n<ul>";
		while ($type = current($allowed_types)) {
			$error .= "\n<li>" . $registered_types[$type] . " (" . $type . ")</li>";
			next($allowed_types);
		}
		$error .= "\n</ul>";
	}

	if (ereg("image",$the_file_type) && (in_array($the_file_type,$allowed_types))) {

		$size = GetImageSize($the_file);
		list($foo,$width,$bar,$height) = explode("\"",$size[3]);

		if ($width > $image_max_width) {
			$error .= "\n<li>Your image should be no wider than " . $image_max_width . " Pixels</li>";
		}

		if ($height > $image_max_height) {
			$error .= "\n<li>Your image should be no higher than " . $image_max_height . " Pixels</li>";
		}

	}

	if ($error) {
		$error = $start_error . $error . "\n</ul>";
		return $error;
	} else {
		return false;
	}
}
} # END validate_upload

# --

$image = "".$the_path."/".$file."";
function list_files() {

global $the_path;

$handle = dir($the_path);
print "\n<b>Uploaded files:</b><br>";
	while ($file = $handle->read()) {
	if (($file != ".") && ($file != "..")) {
		print "\n" . $file . "<br>";
# $image = "".$the_path."/".$the_file."";			
	   }
	}
	print "If you want to add a record into the database, use the form below.<br><hr><br>
				Please fill out the form below to add a record into the database.<br>
				<form name='adddatasql' method='post' action='add.php'>
				<table border='0' cellspacing='2' cellpadding='1'>
				<tr><td>Name:</td>
				<td><input name='name' type='text' size='50'></td></tr>
				<tr><td>Description:</td>
				<td><textarea name='description' cols='80' rows='5' id='description'></textarea></td></tr>
				<tr><td>Image URL:</td>
				<td><input name='image' type='text' size='80' value='".$image."'></td></tr>
				<tr><td colspan='2'><div align='center'><input type='submit' name='Submit' value='Add Data'></div></td></tr>
				</table></form><br><hr>";
}

function upload($the_file) {

global $the_path,$the_file_name;

$error = validate_upload($the_file);
if ($error) {
	form($error);
} else { # cool, we can continue
	if (!@copy($the_file, $the_path . "/" . $the_file_name)) {
		form("\n<b>Something barfed, check the path to and the permissions for the upload directory</b>");
	} else {
		list_files();
		form();
		$image = "".$the_path."/".$the_file_name."";
		global $image;
		global $the_file_name;
	}
}
} # END upload

# --

############ Start page

print "<html>\n<head>\n<title>Upload example</title>\n</head>\n<body>";

switch($task) {
	case 'upload':
		upload($the_file);
	break;
	default:
		form();
}

print "\n</body>\n</html>";

?>

Weedpacket

I guess the problem you're having is that the text field is blank or otherwise not correct, yes?
Your problem may be this line

$image = "".$the_path."/".$file."";

It needs to be inside the function, otherwise that value for $image wouldn't be used. In fact, a little further down is the line

# $image = "".$the_path."/".$the_file."";

Which is inside the functio, but commented out. But this won't work either, because $the_file won't have a value here, and because sitting inside a loop as it is, it will just be giving $image the same value a whole bunch of times before it ever gets used.

It would be a bit hairy to figure out a complete fix, because I'm not about to go poking around to figure out what the differences are between $file and $the_file and $the_file_name. But you'll need to get one of them into the list_files() function somehow, either by declaring it global or passing it as a parameter. Then put that $image= line (using $file or $the_file or whichever it is) immediately before the print statment (in fact, you could probably replace $image in the text field with $the_path.'/'.$somefile).

Incidentally, the two global lines in validate_upload() don't do anything, because they come after all the code in that function.

helz

thank you for the reply. i decided to do my trial and error thing which sometimes works eventually, so here it is:

the only thing that has changed is that i globalised $image at the beginning of the function and defined $image right after the file has been copied. not sure whether to globalise it afterwords or before the variable is defined. also another query: the global $variable. is that just to tell the script "hello im a variable, use me if you want" or is it aswell used to call a previous variable used? i think i know the answer but id like to make sure.

function upload($the_file) {

global $the_path,$the_file_name;
global $image;	
	$error = validate_upload($the_file);
	if ($error) {
		form($error);
	} else { # cool, we can continue
		if (!@copy($the_file, $the_path . "/" . $the_file_name)) {
			$image = "".$the_path."/".$the_file_name."";		
			form("\n<b>Something barfed, check the path to and the permissions for the upload directory</b>");
		} else {
			list_files();
			form();
			global $the_file_name;
		}
	}
} # END upload

and just to clear some things up:

$file = uploaded file used in the dir scan loop
$the_file = information in the text box where the image is locally stored (ie: c:\my documents\my pictures\image1.jpg)
$the_file_name = the image filename (ie: image1.jpg)

fnbcprog

Where do you set the variable, $the_file_type?

helz

like i said before i acquired this script.

only places where $the_file_type is mentioned is:

line 60

global $my_max_file_size, $image_max_width, $image_max_height,$allowed_types,$the_file_type,$registered_types;

line 70

if (!in_array($the_file_type,$allowed_types)) {

line 80

if (ereg("image",$the_file_type) && (in_array($the_file_type,$allowed_types))) {

as far as i can see. im not sure how it seperates the filename into two parts:
eg.. image1.jpg = "image1"".$the_file_type."