[RESOLVED] Upload Image Help

drax007

Hi there,

Im trying to get an image to upload to a folder and update the record with the url link in my database forthat image.

Trouble is, the image is uploaded to the folder ok, it is just the the url is never updated to the databasse.....Theres no errors either???

Please somebody have mercy someone, im in danager of failing!😕

<?php require_once('Connections/woodside.php'); ?>
<?php error_reporting(E_ALL);
ini_set('display_errors', '1');
//image upload test

$file_dir = "C:/wamp/www/Woodside/Images/";
$link_dir = "./Images/";
$file_url = "http://localhost/woodside/Images/";

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}


$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
if (isset($_POST['submit']))
	{
$image_name = $_FILES['image']['name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$uploadfile = $file_dir.basename($image_name);
print_r($_FILES);

print "</pre>";
	  print "<center>Image path: $file_dir<br>\n";
	  print "<center>Image name: $image_name<br>\n";
	  print "<center>Image size: $image_size bytes<br>\n";
	  print "<center>Image type: $image_type<p><br>\n\n";
      print "<img src=\"$file_url/$image_name\"><p>\n\n";

if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadfile)) 
{
   echo "File is valid, and was successfully uploaded.\n";

  $updateSQL = sprintf("UPDATE animal SET Image=('".$link_dir.$image_name."') WHERE AnimalID=%s",
                       GetSQLValueString($_POST['image'], "text"),
                       GetSQLValueString($_POST['panimal'], "int"));

  mysql_select_db($database_woodside, $woodside);
  $Result1 = mysql_query($updateSQL, $woodside) or die(mysql_error());



} else {
   echo "Possible file upload attack!\n";
}
//Uncomment these lines if you are having problems
echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";
	  print "<center>Image path: $file_dir<br>\n";
	  print "<center>Image name: $image_name<br>\n";
	  print "<center>Image size: $image_size bytes<br>\n";
	  print "<center>Image type: $image_type<p><br>\n\n";
      print "<img src=\"$file_url/$image_name\"><p>\n\n";

  $updateGoTo = "latestTESTv2.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}}

$colname_animal = "-1";
if (isset($_GET['recordID'])) {
  $colname_animal = (get_magic_quotes_gpc()) ? $_GET['recordID'] : addslashes($_GET['recordID']);
}
mysql_select_db($database_woodside, $woodside);
$query_animal = sprintf("SELECT AnimalID, Image FROM animal WHERE AnimalID = %s", $colname_animal);
$animal = mysql_query($query_animal, $woodside) or die(mysql_error());
$row_animal = mysql_fetch_assoc($animal);
$totalRows_animal = mysql_num_rows($animal);

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<form name="form1" action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data"><br/>

<input type="hidden" name="MAX_FILE_SIZE" value="100000">
<input type="file" accept=".jpg" size="20" name="image" title="Image Upload" /><br>

<input type="submit" name=submit value="Submit">
<input name="panimal" type="hidden" value="<?php echo $row_animal['AnimalID']; ?>" />
<input type="hidden" name="MM_update" value="form1">
</form>
</body>
</html>
<?php
mysql_free_result($animal);
?>

cahva

I think you have misunderstood the usage of sprintf and theres also an ( ) in that query that you dont need

This would probably be correct:

  $updateSQL = sprintf("UPDATE animal SET Image='%s' WHERE AnimalID=%u",
                       $link_dir.$image_name,
                       GetSQLValueString($_POST['panimal'], "int"));

If you are wondering whats "%u" is. That is unsigned integer. Usually ID:s dont have minus signs 🙂

Anyway, if you have such problems in the future(and you will 🙂 ), just print the query and you will see more clearly whats wrong with it. In this case simple "echo $updateSQL;" would have revealed that the query is not what its supposed to be.

drax007

Hi there,

Thanks for replying 🙂. It works a charm, the image is uploaded to the folder and the url link is updated into the record in the database! - 🙂 yee haa!

Thank You very much 🙂

There is one thing that is strange, i tried to echo $update (to test)and nothing is outputed to the screen...Also in my code there were 2 occurances of the print_r($_FILES); function (that printed to screen the image name, type and size)...These also dont appear either when running the page????

Why would the image details not be displayed as the query is clearly working as it uploads the image and saves the url in the database record.

Thanks again

drax007

Hi there,

Thank You for your first reply! It fixed it! it works a charm!

Thank You

p.s. where is "topic solved link" 🙂