Update, where and $variables

BenDov

Hi - my problem is that I am trying to update from a form. I pass the $HTTP_POST_VARS to the new file. Set a variable to this and try and use the variable in a WHere statement. Thinking that the type might be wrong I then set the type of the variable to integer. I thought this would work. To test I have set a number into the where statement and it works fine so I am doing something wrong with the $variable. The code is as below and the form variable I pass to this file is property.

I have spent three weeks trying to figure this out so any help is greatly received

<?php
include 'db.inc';

$jeremy = $HTTP_POST_VARS['property'];
settype ($jeremy, "integer");
$jeremys = $jeremy;
if (empty($short) || empty($userfile))
{
?>
<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Upload an Image File</title>

</head>

<body bgcolor="white">
<form method="post" action="imupdate.php" enctype="multipart/form-data">
<h1>Upload an Image File</h1> 
<h3>Please fill in the details below to upload your file. 
Fields shown in <font color="red">red</font> are mandatory.</h3>
<table>
<col span="1" align="right">


<tr>
  <td>PropertyID</td>
  <td><?php echo $jeremy; ?></td>
</tr>
<tr>
   <td><font color="red">Short description:</font></td>
   <td><input type="text" name="short" size=50></td>
</tr>

<tr>    
   <td><font color="red">File:</font></td>
   <td><input name="userfile" type="file"></td>
</tr>

<tr>
      <td><input type="submit" value="Submit"></td>
</tr>
</table>
<input type="hidden" name="MAX_FILE_SIZE" value="30000">
</form>
<h3>Click <a href="index.php">here</a> to browse the images instead.</h3>
<?php echo gettype ($jeremy).'<br />'?>;
<?php echo gettype ($jeremys).'<br />'?>;
<?php echo ($jeremy).'<br />'?>;
<?php echo ($jeremys).'<br />'?>;
<?php echo ($jeremy2).'<br />'?>;
</body>
</html>

<?php

}
else
{
$short = clean($short, 50);
$userfile = clean($userfile, 50);

 if (!($connection = @ mysql_pconnect($hostName, 
                                     $username, 
                                     $password)))
    showerror();

 if (!mysql_select_db("running2_REMAX", $connection))
    showerror();

 // Was a file uploaded?
 if (is_uploaded_file($userfile))
 {

   switch ($userfile_type)
   {
      case "image/gif";       
         $mimeName = "GIF Image";
         break;
      case "image/jpeg";          
         $mimeName = "JPEG Image";
         break;
      case "image/png";       
         $mimeName = "PNG Image";
         break;
      case "image/x-MS-bmp";       
         $mimeName = "Windows Bitmap";
         break;
      default: 
         $mimeName = "Unknown image type";
   }

   // Open the uploaded file
   $file = fopen($userfile, "r");

   // Read in the uploaded file
   $fileContents = fread($file, filesize($userfile)); 

   // Escape special characters in the file
   $fileContents = AddSlashes($fileContents);
 }  
 else
   $fileContents = NULL;

$insertQuery = ("UPDATE propertiesall SET carnum = '7',
heading = \"{$short}\",
mimeType = \"{$userfile_type}\",
mimeName = \"{$mimeName}\",

image5 = \"{$fileContents}\" WHERE propertyID='$jeremy'");

 if ((@ mysql_query ($insertQuery, $connection)) 
     && @ mysql_affected_rows() == 1)
   header("Location: imagereceipt.php?status=T&file="
     . mysql_insert_id($connection));
 else
   header("Location: imagereceipt.php?status=F&file=" 
     . mysql_insert_id($connection));

} // if else empty()
?>

Thanks for your help

Jeremy

tsinka

Hi,

did I oversee it or doesn't the form contain any input (hidden, text or whatever) with the name "property" ?

Thomas

BenDov

The form I use to send the field is

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>
<form action="/allproperties/imupdate.php" method="post" enctype="multipart/form-data" name="form1">
<table width="100%" border="0">
<tr>
<td width="17%">propertyID</td>
<td width="83%"><input name="property" type="text" id="property" size="4" maxlength="4"></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>

 </table>

so the input name is property and the type is text.

When I print the variable $jeremy I get the correct value. It is only when I put this into the Where that it does not work?

tsinka

Just to understand:

You have the first form that submits the property to imupdate.php. That script first displays the second form (with the file input) and tries to store the data in the table after submission of the second form.
If that is the case then you need to add e.g. a hidden input to the second form named property that holds the value of the property variable. You'll loose the property value otherwise.

Additionally, you should check if the value of property is numeric at all before doing anything with the data or even displaying the second form.

Correct me if I'm wrong.

Thomas

BenDov

Hi again and a happy new year

Now that the holidays are over I am back and running. Sorry for the delay and thankyou for your help.

I am trying to get my head around hidden fields. From what you say, and I am sure you are right, I need a hidden field variable, property, in the second form.

This is because the second form cannot see the variable 'property' from the first POST. What then do I add to the script to add this.

Thanks for your help.

Jeremy

tsinka

I wish you a happy new year, too 🙂

It's been a while ... but I think it should work if you add just a hidden input to the form in your first post. Modify the code so that it looks like:

....
  <form method="post" action="imupdate.php" enctype="multipart/form-data"> 
  <input type="hidden" name="property" value="<?PHP echo $jeremy; ?>">
....

Besides that, you should check if the POST values (like property) are set at all and have a valid value instead of just using them in the code.

With error_reporting set to E_ALL your code might show some warnings about undefined variables or indexes. You can test that by adding error_reporting(E_ALL); on top of the script.

Thomas

BenDov

Thanks so much - after being away from the office, and recovering from stomach flu I am once again up and running! Your code worked. I dont quite know where I would have been without your input

Thanks so much for your help. 🙂

Jeremy