you are not setting up the variables anywhere that you want to insert into the database
these are not defined in your script
$query = "UPDATE products SET name = '$name', location = '$location', date_of_birth='$date_of_birth', car_number='$car_number', favourite_track='$favourite_track', least_favourite_track='$least_favourite_track', achievements='$achievements', achievements='$achievements' email='$email', image='$image' WHERE id = '$id'";
igorek;10963934 wrote:you are not setting up the variables anywhere that you want to insert into the database
these are not defined in your script
$query = "UPDATE products SET name = '$name', location = '$location', date_of_birth='$date_of_birth', car_number='$car_number', favourite_track='$favourite_track', least_favourite_track='$least_favourite_track', achievements='$achievements', achievements='$achievements' email='$email', image='$image' WHERE id = '$id'";
isnt the POST meant to do that or do i need to change toe GET?
$POST is a super global variable so is $GET and $_FILES
you can see the contents of the super global variable by printing it. Since its an array you can use the print_r($_POST); for example
if you do
<pre>
<?php print_r($_POST); ?>
</pre>
you will see the actual values you are passing to next page.
If your variables are the same names as the names of the input fields you can use the extract($_POST); function. this will give you variable names like $name if your <input name='name' /> .
or you will have to get the variable from the post array like
$name = $_POST['name'] ;
But make sure to validate the data before inserting it into the database like using the
foreach($POST as $key => $value):
$POST[$key] = mysql_real_escape_string($value);
endforeach;
so you dont get the MySQL errors. Let me know how you do.
igorek wrote:If your variables are the same names as the names of the input fields you can use the extract($_POST); function.
Note that doing this is basically going to replicate the effects of the dreaded register_globals directive. If you'll take a quick gander at this manual page: [man]security.globals[/man] you'll see that this isn't a good thing to do.
igorek wrote:But make sure to validate the data before inserting it into the database like using the
foreach($POST as $key => $value):
$POST[$key] = mysql_real_escape_string($value);
endforeach;
Two problems with that type of approach: 1) you destroy the original copy of the data (for example, if you later tried to echo "Thanks, $_POST[name]!" then you might see "Thanks, Rosie O\'Donnel!"), and 2) mysql_real_escape_string() is only meant to sanitize string data (hence why it's in the name of the function) - using it to sanitize numeric data isn't appropriate/sufficient.
is that what u mean adding these on the form
$id = $_GET['id'] ;
$name = $_POST['name'];
$location = $_POST['location'];
$date_of_birth = $_POST['date_of_birth'];
$car_number = $_POST['car_number'];
$favourite_track = $_POST['favourite_track'];
$least_favourite_track = $_POST['least_favourite_track'];
$achievements = $_POST['achievements'];
$sponsors = $_POST['sponsors'];
$email = $_POST['email'];
$image = $_FILES['image'];igorek;10963937 wrote:$POST is a super global variable so is $GET and $_FILES
you can see the contents of the super global variable by printing it. Since its an array you can use the print_r($_POST); for example
if you do
<pre>
<?php print_r($_POST); ?>
</pre>you will see the actual values you are passing to next page.
If your variables are the same names as the names of the input fields you can use the extract($_POST); function. this will give you variable names like $name if your <input name='name' /> .
or you will have to get the variable from the post array like
$name = $_POST['name'] ;But make sure to validate the data before inserting it into the database like using the
foreach($POST as $key => $value):
$POST[$key] = mysql_real_escape_string($value);
endforeach;so you dont get the MySQL errors. Let me know how you do.
i had that line and this what is showing stil not updateing thou
Array ( [id] => 81 [name] => rose [location] => location [date_of_birth] => dateof [car_number] => carnumber [favourite_track] => favourite [least_favourite_track] => least [achievements] => achivements [sponsors] => sponsors [email] => dnt [Update] => Submit )
so do i insert this on the action script??? welll i did bt didnt wrk so i'm guessing thats not what u mean
foreach($_POST as $key => $value):
$_POST[$key] = mysql_real_escape_string($value);
endforeach;print your $sql statement
@ I didnt mean to say validate I just meant to say escape the strings so you dont get the mysql error back. If you wanted to validate yes this function would not work it wont even tell you if the value is a string or Is_numeric(), extract yes does pose a security issue, but you can prefix variables OR you can tell it not to overwrite existing ones. I brought it up because it is a very useful tool to have on your belt when developing in PHP
because arrays play a huge role
igorek;10963949 wrote:print your $sql statement
dnt understand and whats the link for??
i didnt post the link the forum does that ... >< anyways you need to print your INSERT or UPDATE statement with all the variables intact and see if they go into the statement.
do u mean echo the update data??? is an update form
ok i getting confused now let restart right now the code is only doing the first part of the whole script which is unlink the image from the directory. this how is looking so far
modifyform.php
<?php
define('ROOT_DIR', './');
define('THIS_SCRIPT', 'news');
define('PROPER', TRUE);
/**
* include common files
*/
include_once(ROOT_DIR. 'includes/common.inc.php');
?>
<?php
// query to get records
$id = $_GET['id'] ;
$name = $_POST['name'];
$location = $_POST['location'];
$date_of_birth = $_POST['date_of_birth'];
$car_number = $_POST['car_number'];
$favourite_track = $_POST['favourite_track'];
$least_favourite_track = $_POST['least_favourite_track'];
$achievements = $_POST['achievements'];
$sponsors = $_POST['sponsors'];
$email = $_POST['email'];
$image = $_FILES['image'];
// create query to delete record
$query = "SELECT id, name, location, date_of_birth, car_number, favourite_track, least_favourite_track, achievements, sponsors, email, image FROM driversnew WHERE id = '$id' ";
//Run the query
$result = mysql_query($query);
//see if any rows were returned
if (mysql_num_rows($result) > 0) { // yes - Display Form
$row = mysql_fetch_array($result); //Fetch the row
//Display the form with original values
?>
<form action = 'modifydriveraction.php?drivers=<?php echo $row['id']; ?>' method="POST" enctype="multipart/form-data">
<p>ID: <input readonly="yes" name="id" type="text" value=<?php print $row["id"] ?> size="5" >
This has been made 'readonly' as cannot amend key field </p>
<p>dnt know: <input type="text" cols="40" rows="1" name="name" value=<?php print $row["name"] ?> ></p>
<p>name: <input type="text" name="location" value=<?php print $row["location"] ?> ></p>
<p>Artical: <input type="text" name="date_of_birth" value=<?php print $row["date_of_birth"] ?> ></p>
<p>Date: <input type="text" cols="40" rows="1" name="car_number" value=<?php print $row["car_number"] ?> ></p>
<p>Subject: <input type="text" name="favourite_track" value=<?php print $row["favourite_track"] ?> ></p>
<p>Artical: <input type="text" name="least_favourite_track" value=<?php print $row["least_favourite_track"] ?> ></p>
<p>Date: <input type="text" cols="40" rows="1" name="achievements" value=<?php print $row["achievements"] ?> ></p>
<p>Subject: <input type="text" name="sponsors" value=<?php print $row["sponsors"] ?> ></p>
<p>Date: <input type="text" cols="40" rows="1" name="email" value=<?php print $row["email"] ?> ></p>
<p>Subject: <input type="text" name="sponsors" value=<?php print $row["sponsors"] ?> ></p>
<p>image: <input type="file" name="image" value=<?php print $row["image"] ?> ></p>
<?php echo '<td><img class="picture" src="images/' . $row['image'] . ' " width="120" height="120 " /></td> '; ?>
<p><input type="submit" value="Submit" name="Update" > </p>
</form>
<?php
} //End if rows returned
//No rows returned
else print "No records were found";
?>
</body>
</html>
modifyaction.php
<?php
define('ROOT_DIR', './');
define('PROPER', TRUE);
/**
* include common files
*/
include_once(ROOT_DIR. 'includes/common.inc.php');
// No album id has been selected
if (isset($_GET['drivers']))
{
// get the image file name so we
// can delete it from the server
$sql = "SELECT id, image
FROM driversnew
WHERE id = {$_GET['drivers']}";
$result = mysql_query($sql)
or die('Delete photo failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
$row = mysql_fetch_assoc($result);
define("GALLERY_IMG_DIR", "./images/");
// remove the image and the thumbnail from the server
unlink(GALLERY_IMG_DIR . $row['image']);
unlink(GALLERY_IMG_DIR . 'thumbs/' . $row['image']);
// and then remove the database entry
print_r($_POST);
}
}
foreach($_POST as $key => $value):
$_POST[$key] = mysql_real_escape_string($value);
endforeach;
/////////// this where the upload script starts/////////// this where the upload script starts//////// this where the upload script starts
//define a maxim size for the uploaded images
define ("MAX_SIZE","100");
// define the width and height for the thumbnail
// note that theese dimmensions are considered the maximum dimmension and are not fixed,
// because we have to keep the image ratio intact or it will be deformed
define ("WIDTH","150");
define ("HEIGHT","100");
// this is the function that will create the thumbnail image from the uploaded image
// the resize will be done considering the width and height defined, but without deforming the image
function make_thumb($img_name,$filename,$new_w,$new_h)
{
//get image extension.
$ext=getExtension($img_name);
//creates the new image using the appropriate function from gd library
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
//gets the dimmensions of the image
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
// next we will calculate the new dimmensions for the thumbnail image
// the next steps will be taken:
// 1. calculate the ratio by dividing the old dimmensions with the new ones
// 2. if the ratio for the width is higher, the width will remain the one define in WIDTH variable
// and the height will be calculated so the image ratio will not change
// 3. otherwise we will use the height ratio for the image
// as a result, only one of the dimmensions will be from the fixed ones
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}
else {
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
// we create a new image with the new dimmensions
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
// resize the big image to the new created one
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
// output the created image to the file. Now we will have the thumbnail into the file named by $filename
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
//destroys source and destination images.
imagedestroy($dst_img);
imagedestroy($src_img);
}
// This function reads the extension of the file.
// It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
// This variable is used as a flag. The value is initialized with 0 (meaning no error found)
//and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
// checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
// if it is not empty
if ($image)
{
// get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
// get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
// if it is not a known extension, we will suppose it is an error, print an error message
//and will not upload the file, otherwise we continue
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png"))
{
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
// get the size of the image in bytes
// $_FILES[\'image\'][\'tmp_name\'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=getimagesize($_FILES['image']['tmp_name']);
$sizekb=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($sizekb > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image_name;
$copied = copy($_FILES['image']['tmp_name'], $newname);
//we verify if the image has been uploaded, and print error instead
if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}
else
{
// the new thumbnail image will be placed in images/thumbs/ folder
$thumb_name='images/thumbs/'.$image_name;
// call the function that will create the thumbnail. The function will get as parameters
//the image name, the thumbnail name and the width and height desired for the thumbnail
$thumb=make_thumb($newname,$thumb_name,WIDTH,HEIGHT);
}} }}
//If no errors registred, print the success message and show the thumbnail image created
if(isset($_POST['Submit']) && !$errors)
{
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("eurico_edy", $con);
$query = "UPDATE products SET name = '$name', location = '$location', date_of_birth='$date_of_birth', car_number='$car_number', favourite_track='$favourite_track', least_favourite_track='$least_favourite_track', achievements='$achievements', achievements='$achievements' email='$email', image='$image' WHERE id = '$id'";
echo "<h1>Thumbnail created Successfully!</h1>";
echo '<img src="'.$thumb_name.'">';
echo ''.$newname.'';
mysql_close($con);
}
?>
which part instruction i'm missing?????
print $query = "UPDATE products SET name = '$name', location = '$location', date_of_birth='$date_of_birth', car_number='$car_number', favourite_track='$favourite_track', least_favourite_track='$least_favourite_track', achievements='$achievements', achievements='$achievements' email='$email', image='$image' WHERE id = '$id'";
I appologize I am use to calling it $sql now >< (structured query language)
put the $_POST variables into the modifyaction.php since thats where you are building your query and where you are missing the variables.
do u mean put this on the modifyaction.php page???
$id = $_GET['id'] ;
$name = $_POST['name'];
$location = $_POST['location'];
$date_of_birth = $_POST['date_of_birth'];
$car_number = $_POST['car_number'];
$favourite_track = $_POST['favourite_track'];
$least_favourite_track = $_POST['least_favourite_track'];
$achievements = $_POST['achievements'];
$sponsors = $_POST['sponsors'];
$email = $_POST['email'];
$image = $_FILES['image'];this is how is looking so far if anyone can find a spot of whats going wrong prtoblem is at the end the update query is not working
<?php
define('ROOT_DIR', './');
define('PROPER', TRUE);
/**
* include common files
*/
include_once(ROOT_DIR. 'includes/common.inc.php');
// No album id has been selected
if (isset($_GET['drivers']))
{
// get the image file name so we
// can delete it from the server
$sql = "SELECT id, image
FROM driversnew
WHERE id = {$_GET['drivers']}";
$result = mysql_query($sql)
or die('Delete photo failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
$row = mysql_fetch_assoc($result);
define("GALLERY_IMG_DIR", "./images/");
// remove the image and the thumbnail from the server
unlink(GALLERY_IMG_DIR . $row['image']);
unlink(GALLERY_IMG_DIR . 'thumbs/' . $row['image']);
// and then remove the database entry
print_r($_POST);
}
}
$id = $_GET['id'] ;
$name = $_POST['name'];
$location = $_POST['location'];
$date_of_birth = $_POST['date_of_birth'];
$car_number = $_POST['car_number'];
$favourite_track = $_POST['favourite_track'];
$least_favourite_track = $_POST['least_favourite_track'];
$achievements = $_POST['achievements'];
$sponsors = $_POST['sponsors'];
$email = $_POST['email'];
$image = $_FILES['image'];
/////////// this where the upload script starts/////////// this where the upload script starts//////// this where the upload script starts
/////////// this where the upload script starts/////////// this where the upload script starts//////// this where the upload script starts
//define a maxim size for the uploaded images
define ("MAX_SIZE","100");
// define the width and height for the thumbnail
// note that theese dimmensions are considered the maximum dimmension and are not fixed,
// because we have to keep the image ratio intact or it will be deformed
define ("WIDTH","150");
define ("HEIGHT","100");
// this is the function that will create the thumbnail image from the uploaded image
// the resize will be done considering the width and height defined, but without deforming the image
function make_thumb($img_name,$filename,$new_w,$new_h)
{
//get image extension.
$ext=getExtension($img_name);
//creates the new image using the appropriate function from gd library
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
//gets the dimmensions of the image
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
// next we will calculate the new dimmensions for the thumbnail image
// the next steps will be taken:
// 1. calculate the ratio by dividing the old dimmensions with the new ones
// 2. if the ratio for the width is higher, the width will remain the one define in WIDTH variable
// and the height will be calculated so the image ratio will not change
// 3. otherwise we will use the height ratio for the image
// as a result, only one of the dimmensions will be from the fixed ones
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}
else {
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
// we create a new image with the new dimmensions
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
// resize the big image to the new created one
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
// output the created image to the file. Now we will have the thumbnail into the file named by $filename
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
//destroys source and destination images.
imagedestroy($dst_img);
imagedestroy($src_img);
}
// This function reads the extension of the file.
// It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
// This variable is used as a flag. The value is initialized with 0 (meaning no error found)
//and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded.
$errors=0;
// checks if the form has been submitted
if(isset($_POST['Submit']))
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['image']['name'];
// if it is not empty
if ($image)
{
// get the original name of the file from the clients machine
$filename = stripslashes($_FILES['image']['name']);
// get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
// if it is not a known extension, we will suppose it is an error, print an error message
//and will not upload the file, otherwise we continue
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png"))
{
echo '<h1>Unknown extension!</h1>';
$errors=1;
}
else
{
// get the size of the image in bytes
// $_FILES[\'image\'][\'tmp_name\'] is the temporary filename of the file in which the uploaded file was stored on the server
$size=getimagesize($_FILES['image']['tmp_name']);
$sizekb=filesize($_FILES['image']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($sizekb > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image_name;
$copied = copy($_FILES['image']['tmp_name'], $newname);
//we verify if the image has been uploaded, and print error instead
if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}
else
{
// the new thumbnail image will be placed in images/thumbs/ folder
$thumb_name='images/thumbs/'.$image_name;
// call the function that will create the thumbnail. The function will get as parameters
//the image name, the thumbnail name and the width and height desired for the thumbnail
$thumb=make_thumb($newname,$thumb_name,WIDTH,HEIGHT);
}} }}
//If no errors registred, print the success message and show the thumbnail image created
$query = "UPDATE driversnew SET name = '$name', location = '$location', date_of_birth='$date_of_birth', car_number='$car_number', favourite_track='$favourite_track', least_favourite_track='$least_favourite_track', achievements='$achievements', achievements='$achievements' email='$email', image='$image' WHERE id = '$id'";
echo "<h1>Thumbnail created Successfully!</h1>";
echo '<img src="'.$thumb_name.'">';
echo ''.$name.'';
echo ''.$location.'';
?>
almost perfect but just one issue not uploading the new image i wonder if is cz on the part upload script that changes the image variable to $image_name
because on the upload script i have, thats a different one thats the insert one i have like this
mysql_query("INSERT INTO driversnew (id, image)
VALUES ('$_POST[id]', '$image_name')");so do i need to change the Update one with something like this?? change the image to image='$image_namecz current is like this??
$query = "UPDATE driversnew SET name = '$name', image='$image' WHERE id = '$id'";upload image send into send instead the word Array why??
Looks like you
$image=$_FILES['image'];
/* ... */
$query = "UPDATE driversnew SET name = '$name', image='$image' WHERE id = '$id'";
johanafm;10963997 wrote:Looks like you
$image=$_FILES['image']; /* ... */ $query = "UPDATE driversnew SET name = '$name', image='$image' WHERE id = '$id'";
i dnt understand ur comment looks like what???