uploading images into database

aray

Hi - need some help on images! what I want to do is upload an image into a database. I need to upload the image (just the path - not as a blob) and have the php script convert that image to a thumbnail (I have the GD library installed). However, I need to keep the full size image also. I have two fields in my database table : image_name which I want to store the path to full size image and image_name_th where I want to store the path to converted thumbnail. I think I can get the scripts to display whichever image I want. The trouble I'm having is how to tailor my upload form so that it both keeps the full sized image in my uploads folder AND converts that image to a thumbnail that would be put in a 'thumbs' folder AND then adds both those paths to the appropriate fields in the datatable. whew! I am using php 5 on a (?) windows server (I believe - still a newbie at this stuff). Here is my regular upload form which works great. What php script and where would I place it in order to accomplish what I need or am I asking for the impossible?? It seems like what I have found out there only does one or the other...

// Check if the form has been submitted.
if (isset($_POST['submitted'])) {

// Validate the product_name, image_name,  price, and description.

// Check for a product name.
if (!empty($_POST['product_name'])) {
	$pn = escape_data($_POST['product_name']);
} else {
	$pn = FALSE;
	echo '<p><font color="red">Please enter the product\'s name!</font></p>';
}

// Check for an image.
if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
	if (move_uploaded_file($_FILES['image']['tmp_name'], "./uploads/{$_FILES['image']['name']}")) { // Move the file over.

		echo '<p>The file has been uploaded!</p>';
		//include ('footer.html');			

	} else { // Couldn't move the file over.
		echo '<p><font color="red">The file could not be moved.</font></p>';
		$i = FALSE;
	}
	$i = $_FILES['image']['name'];
} else {
	$i = FALSE;
}	

// Check for a price.
if (is_numeric($_POST['price'])) {
	$p = (float) $_POST['price'];
} else {
	$p = FALSE;
	echo '<p><font color="red">Please enter the product\'s price!</font></p>';
}

// Check for a description (not required).
if (!empty($_POST['description'])) {
	$d = escape_data($_POST['description']);
} else {
	$d = '<i>No description available.</i>';
}


if ($pn && $i && $p) { //If everything is okay and this is a new simpler attemp.

	// Add the product to the database.
	$query = "INSERT INTO products (product_name, price, description, image_name) VALUES ('$pn', $p, '$d', '$i')";
	$result = mysqli_query ($dbc, $query); // RUN THE QUERY.	
	echo '<p>Your product has been sucessfully added to the database!!</p>';	
	$pid = @mysqli_insert_id($dbc); //get the product id		
	include ('./includes/footer.html');		

} else { // If the query did not run OK and a test failed.
	echo '<p><font color="red">Your submission could not be processed due to a system error.</font></p>'; 		
}

} else { // Display the upload form.
?>

<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

	<input type="hidden" name="MAX_FILE_SIZE" value="524288">

	<fieldset><legend>Fill out the form to add a product to the catalog:</legend>

	<p><b>Product Name:</b> <input type="text" name="product_name" size="30" maxlength="60" ></p>

	<p><b>Image:</b> <input type="file" name="image" > <small>The file name 
	should not include spaces or other invalid characters and should have a 
	file extension.</small></p>				

	</select></p> 		

	<p><b>Product Price:</b> <input type="text" name="price" size="10" maxlength="10" > <small>
	Do not include the dollar sign or commas.</small></p>		

	<p><b>Product Description:</b> <textarea name="description" cols="40" rows="5"></textarea></p>

	</fieldset>

	<div align="center"><input type="submit" name="submit" value="Submit" ></div>
	<input type="hidden" name="submitted" value="TRUE" >

</form>

<?php
include ('./includes/footer.html');
} // End of main conditional.
?>

theelectricwiz

Hello,

Here is an OLD script I made for uploading and storing photos. It has everything you need, you will just need to pick through it and then duplicate the resizing part... or copy the original image before resizing it.

Hope this helps

<HTML>
<HEAD>
<TITLE>Uploading Photo...</TITLE>
<STYLE TYPE="text/css">
<!--
H5 {
	font-family: "Courier New", Courier, mono;
	font-size: 10px;
	color: #000000;
}
-->
</STYLE>
</HEAD>
<BODY>
<?
///////////////////////////////////////////////////////////////////////////////////////
// This script is copyright Xeno Jacobyte Designs and shall not be used by any       //
// parties without first obtaining explicit permission from Xeno Jacobyte Designs    //
//                                                                                   //
// © 2005 XJDesigns                                       http://www.xjdesigns.co.nz //
///////////////////////////////////////////////////////////////////////////////////////

// GET MAX FILE SIZE
$max_size = $_POST['MAX_FILE_SIZE'];

// ECHO START CONSOLE
echo "
<H5>Welcome to XJImage 0.4. Starting process of uploading your image.<BR>
Please stand by...</H5>
<H5>Current user name: $_SERVER[PHP_AUTH_USER]<BR>
Current Date: " . date("d-m-y") . "<BR>
Formatting date...</H5>
<H5>Checking file integrety...</H5>
<H5>";

/*// TEST FOR FILE UPLOAD ATTACK
if (!is_uploaded_file($file)) {
	echo "!! ERROR WITH UPLOAD: Possible file upload attack, shutting down !!</H5>";
	exit;
}
*/
// TEST EXISTS
echo "File Name: $file_name<BR>Temp Name: $file<BR>";
if ($file == "none") {
	echo "!! ERROR WITH UPLOAD: No file to upload !!</H5>";
	exit;
}

echo "File ok. Uploading file...</H5>";
// TEST TO SEE IF ZIP FILE WAS UPLOADED AND ACT
if (strstr($file_name, ".zip")) {
	// COPY TO ZIP FILE TMP FOLDER
	$new_file = "/home/xjdesign/public_html/sos/photos" . $file . "/temp.zip";
	$folder = "/home/xjdesign/public_html/sos/photos" . $file . "/";
	mkdir($folder);
	copy($file, $new_file);
	chdir($folder);
	shell_exec("unzip temp.zip");
	unlink("temp.zip");
	$dir = opendir($folder);
	while ($name = readdir($dir)) {
		if (strstr($name, ".jp") || strstr($name, ".gif")) {
			make_img($folder . $name);
			unlink($name);
		} else {
			echo "Ignoring $name - not a supported image<BR>";
			if ($name != "." && $name != "..") {
				unlink($name);
			}
		}
	}
	closedir($dir);
	rmdir($folder);
} else {
	make_img($file);
}


function make_img($file) {
	echo "<H5>";
	global $conn;
	global $ok;
	// TEST TO SEE IF IMAGE IN FILE BOX MEETS CRITERIA
	echo "<BR>Image Info...<BR>";

// TEST IMAGE FORMAT
echo "Current File: $file<BR>";

// GET IMAGE SIZE AND DETAILS
$img_info = getimagesize($file);
// TEST WHAT TYPE OF IMAGE IT IS AND ACT
switch ($img_info[2]) {
	case "2":
		$img = imagecreatefromjpeg($file);
		break;

	case "1":
		$img = imagecreatefromgif($file);
		break;

	default:
		echo "!! ERROR WITH IMAGE TRANSFER: Not supported type - only gif and jpeg</H5>";
		return;
}

// TEST FOR RESIZING	
if ($img_info[0] > 640) {
	$ratio = $img_info[1]/$img_info[0];
	$new_w = 640;
	$new_h = 640 * $ratio;
} else if ($img_info[1] > 480) {
	$ratio = $img_info[0]/$img_info[1];
	$new_h = 480;
	$new_w = 480 * $ratio;
} else {
	$new_w = $img_info[0];
	$new_h = $img_info[1];
}

// OUTPUT IMAGE
$new_img = imagecreatetruecolor($new_w, $new_h) or die("new image error");

// RESIZE LOADED IMAGE
imagecopyresized($new_img, $img, 0, 0, 0, 0, $new_w, $new_h, $img_info[0], $img_info[1]) or die("copy image");
imagejpeg($new_img, $file);
// UPLOAD FILE

/*
FOLLOWING ARE THE COLUMNS IN THE PHOTO ALBUM TABLE, onslowimg (ALL REQUIRED)
- photo_id	INT 5	AUTO-INCREMENT	PRIMARY KEY
- comments	TEXT
- date		DATE
- event		VAR 5
- views		INT 5
- okeyed	INT 1	
*/

// GET LAST ID NUMBER
$get_last_id = "SELECT photo_id FROM sos_photo ORDER BY photo_id DESC LIMIT 1";
$cmd_last_id = mysql_query($get_last_id, $conn) or error("getting last id");
if (mysql_num_rows($cmd_last_id) != "0") {
$last_id = mysql_result($cmd_last_id, "0", "photo_id");
$id = $last_id + 1;
} else {
	$id = 1;
}

// CHECK WHETHER TO AUTO OK
if (isset($_POST['cm_pass']) && $_POST['cm_user'] && $_POST['cm_pass'] == "3856sos" && $_POST['cm_user'] == "sos@xjdesigns.co.nz") {
	$ok = "1";
} else {
	$ok = "0";
}

// CHECK FOR DATE AND GET IF NECESSARY
echo "event: $_POST[event]<BR>";
if (!empty($_POST['event'])) {
	$get_date_cmd = "SELECT date FROM sos_events where event_id = '$_POST[event]'";
	$get_date = mysql_query($get_date_cmd, $conn) or error("getting event date");
	$date = mysql_result($get_date, 0, "date") or error("getting date value");
	$add_img = "INSERT INTO sos_photo VALUES ('$id', '$_POST[comments]', '$date', '$_POST[event]', '0', '$ok')";
} else {
	// FORMAT DATE
	$date = explode("/", $_POST['date']);
	$add_img = "INSERT INTO sos_photo VALUES ('$id', '$_POST[comments]', '$date[2]-$date[1]-$date[0]', '$_POST[event]', '0', '$ok')";
}

// INSERT DATA INTO DATABASE

$cmd_img = mysql_query($add_img, $conn) or error("adding image to database");
if ($cmd_img) {
	echo mysql_affected_rows() . " photo added to database.<BR>";
}

// COPY PHOTO
$img_loc = "/home/xjdesign/public_html/sos/photos/$id.jpg";
copy($file, $img_loc);
//if (!copy($file, $img_loc)) {
//	echo "<H5>!! ERROR WITH UPLOAD: Photo could not be copied into directory !!</H5>";
//	require_once ("photo board add.php");
//	exit;
//}

echo "Your photo has been uploaded to the server.<BR>
It will not show up until it has been looked at first.";

// SHOW PHOTO
echo "<IMG SRC=\"photos/$id.jpg\">";

echo "</H5>";

}

// END
if ($ok == "0") {
mail("photo_sos@xjdesigns.co.nz", "New Photo Added", "A new photo has been added to the photo board.\n The Comments are: $_POST[comment] \n http://www.xjdesigns.co.nz/sos/photos/$id.jpg to look at");
}
echo "<H5>Sending Alert</H5>";
echo "<H5>XJImage process complete.<BR>
Click <A HREF=\"gallery.php\">here</a> to go to the photo board page.</H5>";
?>
</BODY>
</HTML>

theelectricwiz

Did I mention old? cough cough. Don't use it as an example of good scripting.....

aray

hello 'theelectricwiz'
Thanks for the script. I will give it a try here as soon as i get a chance. I appreciate the help!
aray