Hi All

I think this is my last problem with this site. On the admin side of the site is a update form. All data updates fine when it is changed, however when selecting a new image, it doesn't upload or add the filename to the DB.

I have tried combining two separate scripts but can't get it to work. My limited PHP knowledge wont let me adapt the code to make it work.

I have attached the PHP code in the hope that somebody can show me the error of my ways. I apologise in advance for my very poor code.

Thanks

<?php require_once('Connections/xxxxxxxx.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE WickerOutdoor SET ProductName=%s, Materials=%s, P_sizeOne=%s, P_sizeTwo=%s, P_sizeThr=%s, P_sizeFour=%s, Colour=%s, Description=%s, Dimensions=%s, PriceOne=%s, PriceTwo=%s, PriceThr=%s, PriceFour=%s WHERE idProdCode=%s",
                       GetSQLValueString($_POST['ProductName'], "text"),
                       GetSQLValueString($_POST['Materials'], "text"),
                       GetSQLValueString($_POST['P_sizeOne'], "text"),
                       GetSQLValueString($_POST['P_sizeTwo'], "text"),
                       GetSQLValueString($_POST['P_sizeThr'], "text"),
                       GetSQLValueString($_POST['P_sizeFour'], "text"),
                       GetSQLValueString($_POST['Colour'], "text"),
					   GetSQLValueString($_POST['Description'], "text"),
                       GetSQLValueString($_POST['DImensions'], "text"),
                       GetSQLValueString($_POST['PriceOne'], "int"),
                       GetSQLValueString($_POST['PriceTwo'], "int"),
                       GetSQLValueString($_POST['PriceThr'], "int"),
                       GetSQLValueString($_POST['PriceFour'], "int"),
                       GetSQLValueString($_POST['idProdCode'], "int"));

  mysql_select_db($database_xxxxx, $xxxxx);
  $Result1 = mysql_query($updateSQL, $xxxxxx) or die(mysql_error());

  $updateGoTo = "wicker_view2.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

$colname_rsWickerDown = "-1";
if (isset($_GET['ID'])) {
  $colname_rsWickerDown = $_GET['ID'];
}
mysql_select_db($database_xxxxx, $xxxx);
$query_rsWickerDown = sprintf("SELECT * FROM WickerOutdoor WHERE idProdCode = %s", GetSQLValueString($colname_rsWickerDown, "int"));
$rsWickerDown = mysql_query($query_rsWickerDown, $casalivi_CASA) or die(mysql_error());
$row_rsWickerDown = mysql_fetch_assoc($rsWickerDown);
$totalRows_rsWickerDown = mysql_num_rows($rsWickerDown);$colname_rsWickerDown = "-1";
if (isset($_GET['ID'])) {
  $colname_rsWickerDown = $_GET['ID'];
}
mysql_select_db($database_xxxxx, $xxxxxx);
$query_rsWickerDown = sprintf("SELECT * FROM WickerOutdoor WHERE idProdCode = %s", GetSQLValueString($colname_rsWickerDown, "int"));
$rsWickerDown = mysql_query($query_rsWickerDown, $casalivi_CASA) or die(mysql_error());
$row_rsWickerDown = mysql_fetch_assoc($rsWickerDown);
$totalRows_rsWickerDown = mysql_num_rows($rsWickerDown);
?>

<?php
$uploadDir = 'img/';

if(isset($_POST['upload']))
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];


$filePath = $uploadDir . $fileName;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

mysql_select_db($database_xxxxxxx, $xxxxxx);
//include '../library/config.php';
//include '../library/opendb.php';

if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}

$query = "UPDATE INTO WickerOutdoor (name, size, type, name_loc ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$filePath')";

mysql_query($query) or die('Error, query failed : ' . mysql_error());

//include '../library/closedb.php';

echo "<br>Files uploaded<br>";

}
?>

you could start by doing

if(isset($_FILES['userfile'])){
  foreach($_FILES['userfile'] as $k => $v){
    echo "<br />".$k." = ".$v;
  }
}

which should output a list of the keys and values in $_FILES['userfile'] to check that the data is at least getting there

did that, nothing happened

are you sure you've got a 'file' type input called 'userfile' in your form ?

and that your form has

method="post"

and

enctype="multipart/form-data"

in the opening form tag ?

I will attach my form code for you to see.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/casa_backend.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title></title>
<link href="css/stylesheet.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" type="text/css" href="css/menu_style.css" />
<!-- InstanceBeginEditable name="head" -->
<title>CASA Backend Management</title>
<!-- InstanceEndEditable -->
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div class="HeaderContainerOuter">
  <div class="HeaderContainer">
    <div class="SmallNavContainer"></div>
    <div class="NavContainer">
      <div id="container">
        <ul id="MenuNav" class="MenuBarHorizontal">
          <li><a href="admin_home.php">admin home</a>          </li>
          <li><a href="#" class="MenuBarItemSubmenu">edit profile</a>
            <ul>
              <li><a href="reg.php">user access</a></li>
              <li><a href="about_view.php">about us</a></li>
            </ul>
          </li>
          <li><a class="MenuBarItemSubmenu" href="#">edit product</a>
            <ul>
              <li><a href="wicker_view2.php">wicker &amp; outdoor</a></li>
              <li><a href="table_view.php">tables &amp; chairs</a></li>
              <li><a href="bed_view.php">beds &amp; mattresses</a></li>
              <li><a href="lounges_view.php">lounges</a></li>
              <li><a href="access_view.php">accessories</a></li>
            </ul>
          </li>
          <li><a href="#" class="MenuBarItemSubmenu">edit support</a>
            <ul>
              <li><a href="faq_view.php">edit faq's</a></li>
              <li><a href="warranty_view.php">edit warranty</a></li>
              <li><a href="details.php">edit care</a></li>
              <li><a href="testimonial_admin.php">edit testimonials</a></li>
            </ul>
          </li>
          <li><a href="#" class="MenuBarItemSubmenu">contact info</a>
            <ul>
              <li><a href="contact.php">edit contact info</a></li>
            </ul>
          </li>
        </ul>
      </div>
    </div>
  </div>
</div>
<div class="ContentContainerOuter"> 
<div class="ContentContainerText"><!-- InstanceBeginEditable name="Body" -->
  <span class="setting">Wicker &amp; Outdoor Furniture Details Update<br />
  </span><br />
    If you need to change the details of one of the Wicker Products, you can do that in this form.
    <form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="form1" id="form1">
      <input type="hidden" name="MM_update" value="form1" />
      <table width="580" border="0" align="center" cellpadding="1" cellspacing="1" class="table">
        <tr>
          <td width="128"><label for="ProductName">Product Name</label></td>
          <td width="258" bgcolor="#CCCCCC"><input name="ProductName" type="text" id="ProductName" value="<?php echo $row_rsWickerDown['ProductName']; ?>" size="40" /></td>
          <td width="56">&nbsp;</td>
          <td width="125">&nbsp;</td>
        </tr>
        <tr>
          <td>Product Size 1</td>
          <td bgcolor="#CCCCCC"><input name="P_sizeOne" type="text" id="P_sizeOne" value="<?php echo $row_rsWickerDown['P_sizeOne']; ?>" size="40" /></td>
          <td>Price</td>
          <td bgcolor="#CCCCCC"><input name="PriceOne" type="text" id="PriceOne" value="<?php echo $row_rsWickerDown['PriceOne']; ?>" size="15" /></td>
        </tr>
        <tr>
          <td>Product Size 2</td>
          <td bgcolor="#CCCCCC"><input name="P_sizeTwo" type="text" id="P_sizeTwo" value="<?php echo $row_rsWickerDown['P_sizeTwo']; ?>" size="40" /></td>
          <td>Price</td>
          <td bgcolor="#CCCCCC"><input name="PriceTwo" type="text" id="PriceTwo" value="<?php echo $row_rsWickerDown['PriceTwo']; ?>" size="15" /></td>
        </tr>
        <tr>
          <td>Product Size 3</td>
          <td bgcolor="#CCCCCC"><input name="P_sizeThr" type="text" id="P_sizeThr" value="<?php echo $row_rsWickerDown['P_sizeThr']; ?>" size="40" /></td>
          <td>Price</td>
          <td bgcolor="#CCCCCC"><input name="PriceThr" type="text" id="PriceThr" value="<?php echo $row_rsWickerDown['PriceThr']; ?>" size="15" /></td>
        </tr>
        <tr>
          <td>Product Size 4</td>
          <td bgcolor="#CCCCCC"><input name="P_sizeFour" type="text" id="P_sizeFour" value="<?php echo $row_rsWickerDown['P_sizeFour']; ?>" size="40" /></td>
          <td>Price</td>
          <td bgcolor="#CCCCCC"><input name="PriceFour" type="text" id="PriceFour" value="<?php echo $row_rsWickerDown['PriceFour']; ?>" size="15" /></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td colspan="2">(All prices include chairs, Table height is 77cm)</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>Colour</td>
          <td><input name="Colour" type="text" id="Colour" value="<?php echo $row_rsWickerDown['Colour']; ?>" size="40" /></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>Description</td>
          <td bgcolor="#CCCCCC"><textarea name="Description" id="Description" cols="40" rows="5"><?php echo $row_rsWickerDown['Description']; ?></textarea></td>
          <td>&nbsp;</td>
          <td></td>
        </tr>
        <tr>
          <td>Dimensions</td>
          <td bgcolor="#CCCCCC"><input name="DImensions" type="text" id="DImensions" value="<?php echo $row_rsWickerDown['Dimensions']; ?>" size="40" /></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>Materials</td>
          <td bgcolor="#CCCCCC"><textarea name="Materials" id="Materials" cols="40" rows="3"><?php echo $row_rsWickerDown['Materials']; ?></textarea></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>Select Image</td>
          <td bgcolor="#CCCCCC"><input name="userfile" type="file" id="userfile"  />
          <input type="hidden" name="MAX_FILE_SIZE" value="2000000" /></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td><input name="upload" type="submit" class="button" id="upload" value=" Upload " /></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td><input name="idProdCode" type="hidden" id="idProdCode" value="<?php echo $row_rsWickerDown['idProdCode']; ?>" /></td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
          <td>&nbsp;</td>
        </tr>
      </table>
    </form><!-- InstanceEndEditable -->
<br />
  <table width="400" border="0" align="center" cellpadding="1" class="shopheader_categorytree">
    <tr>
      <td><div align="center"><a href="index.php">home</a></div></td>
      <td align="center"><a href="contact.php">contact us</a></td>
      <td><a href="logout.php">log out</a></td>
    </tr>
  </table>
</div>
</div>
<div class="FooterContainerOuter">
<div class="FooterContainer">
  <br />
  <table width="611" border="0" align="center" cellpadding="1">
    <tr>
      <td align="center"><p><img src="images/call.jpg" alt="Call: 0466 110 109" width="192" height="25" /></p>
        <p>© 2010 casa collezione<br />
        <strong>abn: </strong>61 134 546 704</p></td>
    </tr>
  </table>
  <p>&nbsp;</p> 
  </div>
</div>
<script type="text/javascript">
var MenuBar1 = new Spry.Widget.MenuBar("MenuNav", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
</script>
</body>
<!-- InstanceEnd --></html>

Hi Guys

Have seemed to get it working. Added in extra code that deals with "userfile" and re-worked the UPDATe code. I will attach so that you can see.

However when I go to update now, the form needs the an image to be selected to update. I only want to have to upload an image if it needs to be changed. Any ideas on how I would accomplish this.

Thanks again for everyone who has been trying to help. Code below.

<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE WickerOutdoor SET ProductName=%s, Materials=%s, P_sizeOne=%s, P_sizeTwo=%s, P_sizeThr=%s, P_sizeFour=%s, Colour=%s, Description=%s, Dimensions=%s, PriceOne=%s, PriceTwo=%s, PriceThr=%s, PriceFour=%s WHERE idProdCode=%s",
                       GetSQLValueString($_POST['ProductName'], "text"),
                       GetSQLValueString($_POST['Materials'], "text"),
                       GetSQLValueString($_POST['P_sizeOne'], "text"),
                       GetSQLValueString($_POST['P_sizeTwo'], "text"),
                       GetSQLValueString($_POST['P_sizeThr'], "text"),
                       GetSQLValueString($_POST['P_sizeFour'], "text"),
                       GetSQLValueString($_POST['Colour'], "text"),
					   GetSQLValueString($_POST['Description'], "text"),
                       GetSQLValueString($_POST['DImensions'], "text"),
                       GetSQLValueString($_POST['PriceOne'], "int"),
                       GetSQLValueString($_POST['PriceTwo'], "int"),
                       GetSQLValueString($_POST['PriceThr'], "int"),
                       GetSQLValueString($_POST['PriceFour'], "int"),
                       GetSQLValueString($_POST['idProdCode'], "int"));


				   $uploadDir = 'img/';

if(isset($_POST['upload']))
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];


$filePath = $uploadDir . $fileName;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}

mysql_select_db($database_casalivi_CASA, $casalivi_CASA);
//include '../library/config.php';
//include '../library/opendb.php';

if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}

//set query that updates the photo field
$query = "UPDATE WickerOutdoor SET name='". $_FILES['fileName'] ."', size='". $_FILES['fileSize'] ."', type='".  $_FILES['fileType'] ."', name_loc='". $_FILES['filePath'] ."' WHERE idProdCode='".$idProdCode."'";    

mysql_query($query) or die('Error, query failed : ' . mysql_error());
}



  mysql_select_db($database_casalivi_CASA, $casalivi_CASA);
  $Result1 = mysql_query($updateSQL, $casalivi_CASA) or die(mysql_error());

  $updateGoTo = "wicker_view2.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

$colname_rsWickerDown = "-1";
if (isset($_GET['ID'])) {
  $colname_rsWickerDown = $_GET['ID'];
}
mysql_select_db($database_casalivi_CASA, $casalivi_CASA);
$query_rsWickerDown = sprintf("SELECT * FROM WickerOutdoor WHERE idProdCode = %s", GetSQLValueString($colname_rsWickerDown, "int"));
$rsWickerDown = mysql_query($query_rsWickerDown, $casalivi_CASA) or die(mysql_error());
$row_rsWickerDown = mysql_fetch_assoc($rsWickerDown);
$totalRows_rsWickerDown = mysql_num_rows($rsWickerDown);$colname_rsWickerDown = "-1";
if (isset($_GET['ID'])) {
  $colname_rsWickerDown = $_GET['ID'];
}
mysql_select_db($database_casalivi_CASA, $casalivi_CASA);
$query_rsWickerDown = sprintf("SELECT * FROM WickerOutdoor WHERE idProdCode = %s", GetSQLValueString($colname_rsWickerDown, "int"));
$rsWickerDown = mysql_query($query_rsWickerDown, $casalivi_CASA) or die(mysql_error());
$row_rsWickerDown = mysql_fetch_assoc($rsWickerDown);
$totalRows_rsWickerDown = mysql_num_rows($rsWickerDown);
?>