PHP - Can't Use Sql Quert Insert Into And Upload An Image In The Same File

Hi I am new to PHP...
I wanted to design a banner.. the require data should be entered by user like Name of a banner, Details as well as Image to display on it.

I think for this I may need to use file upload option.. I tried this but $Files not working for me... some times its shows diff errors on diff browsers, I am new to PHP I dont know what is the prob.

I dont have any code on this... if anyone have any tutorial on this, that will be the gr8 help as I am trying to solve this from last 1 and 1/2 week..

I used http://www.tizag.com/phpT/fileupload.php
its showing error msg There was an error uploading the file, please try again!

Thanks in adavnce

I have a flash application that calls php script to do the image file upload and save the image in jpg format in thumbnail size. I swear it worked at one time, and then as I tried to figure out how to covert other image formats that are not currently built-in in php library (createimagefrom... functions), I played around with it a little bit, then it doesn't upload file any more!!! What I got, is that NONE of the image files is saved in my designated image folders, subsequently the flash application comes up with a broken image link.  PLEASE HELP! MANY THANKS!

Here's the relevant flash code:
Code: [Select]
private function uploadFiles():void
{
var curTime:Date = new Date();
timeStamp = curTime.valueOf().toString();
var variables:URLVariables = new URLVariables("timeStamp=" + timeStamp);

  var request:URLRequest = new URLRequest(ModelLocator.getInstance().serverPath+"uploadArtImages.php");
request.method = URLRequestMethod.POST;
request.data = variables;
file.upload(request);
  Application.application.showLoading();
}
Here's my php script: (it's really a simple script, a big chunk of it is just some functions that does error checking and image conversions)


<?php

$timeStamp = $_POST['timeStamp'];
$file = $_FILES['Filedata'];
$tempFile = $file['tmp_name'];
$fileName = $file['name'];
$fileSize = $file['size'];

$errorCode = 0; //0: success
$allowedExtensions = array("jpg", "bmp", "png", "gif", "tif", "ps", "eps", "pdf");
$mime = array('image/gif' => 'gif',
                  'image/jpeg' => 'jpg',
                  'image/png' => 'png',
                  'application/x-shockwave-flash' => 'swf',
                  'image/psd' => 'psd',
                  'image/bmp' => 'bmp',
                  'image/tiff' => 'tif',
                  'image/jp2' => 'jp2',
                  'image/iff' => 'iff',
                  'image/vnd.wap.wbmp' => 'bmp',
                  'image/xbm' => 'xbm',
                  'image/vnd.microsoft.icon' => 'ico');

public function imagecreatefrombmp($p_sFile)
{
        //    Load the image into a string
        $file    =    fopen($p_sFile,"rb");
        $read    =    fread($file,10);
        while(!feof($file)&&($read<>""))
            $read    .=    fread($file,1024);
       
        $temp    =    unpack("H*",$read);
        $hex    =    $temp[1];
        $header    =    substr($hex,0,108);
       
        //    Process the header
        //    Structu  http://www.fastgraph.com/help/bmp_header_format.html
        if (substr($header,0,4)=="424d")
        {
            //    Cut it in parts of 2 bytes
            $header_parts    =    str_split($header,2);
           
            //    Get the width        4 bytes
            $width            =    hexdec($header_parts[19].$header_parts[18]);
           
            //    Get the height        4 bytes
            $height            =    hexdec($header_parts[23].$header_parts[22]);
           
            //    Unset the header params
            unset($header_parts);
        }
       
        //    Define starting X and Y
        $x                =    0;
        $y                =    1;
       
        //    Create newimage
        $image            =    imagecreatetruecolor($width,$height);
       
        //    Grab the body from the image
        $body            =    substr($hex,108);

        //    Calculate if padding at the end-line is needed
        //    Divided by two to keep overview.
        //    1 byte = 2 HEX-chars
        $body_size        =    (strlen($body)/2);
        $header_size    =    ($width*$height);

        //    Use end-line padding? Only when needed
        $usePadding        =    ($body_size>($header_size*3)+4);
       
        //    Using a for-loop with index-calculation instaid of str_split to avoid large memory consumption
        //    Calculate the next DWORD-position in the body
        for ($i=0;$i<$body_size;$i+=3)
        {
            //    Calculate line-ending and padding
            if ($x>=$width)
            {
                //    If padding needed, ignore image-padding
                //    Shift i to the ending of the current 32-bit-block
                if ($usePadding)
                    $i    +=    $width%4;
               
                //    Reset horizontal position
                $x    =    0;
               
                //    Raise the height-position (bottom-up)
                $y++;
               
                //    Reached the image-height? Break the for-loop
                if ($y>$height)
                    break;
            }
           
            //    Calculation of the RGB-pixel (defined as BGR in image-data)
            //    Define $i_pos as absolute position in the body
            $i_pos    =    $i*2;
            $r        =    hexdec($body[$i_pos+4].$body[$i_pos+5]);
            $g        =    hexdec($body[$i_pos+2].$body[$i_pos+3]);
            $b        =    hexdec($body[$i_pos].$body[$i_pos+1]);
           
            //    Calculate and draw the pixel
            $color    =    imagecolorallocate($image,$r,$g,$b);
            imagesetpixel($image,$x,$height-$y,$color);
           
            //    Raise the horizontal position
            $x++;
        }
       
        //    Unset the body / free the memory
        unset($body);
       
        //    Return image-object
        return $image;
}

function ValidateImageFile($input_file, &$width, &$height, &$type) {
  global $allowedExtensions;
  global $mime;
  global $errorCode;
  
  $errorCode = 0; //reset
  $width = 0;
  $height = 0;
  $type = 0;
  $file_info = getimagesize($input_file['tmp_name']);
  if(!$file_info || empty($file_info)) { // No Image?
    //$error = "The uploaded file doesn't seem to be an image.";
    $errorCode = 1;
    return FALSE;
  } else { // An Image? check extension
    // Get File Extension (if any)
    $file_name = $input_file['name'];
    $dotExt = strrchr($file_name, ".");
    if (!$dotExt) { //no extension found
     $errorCode = 2;
     return FALSE;
    } else {
     $ext = strtolower(substr($dotExt, 1));
     $ext = ($ext == 'jpeg') ? 'jpg' : $ext; //convert jpeg to jpg
     $ext = ($ext == 'tiff') ? 'tif' : $ext;
      if(!in_array($ext, $allowedExtensions)) { //has extension, but invalid
        //$error .= "You must upload a file with one of the following extensions: ".$exts;
        $errorCode = 2;
        return FALSE;
      } else {
        $file_mime = $file_info['mime'];        
        //if($ext == 'jpc' || $ext == 'jpx' || $ext == 'jb2') {
        //  $extension = $ext;
        //} else {
        //  $extension = ($mime[$file_mime] == 'jpeg') ? 'jpg' : $mime[$file_mime];
        //}
        //if(!$extension) {
        //  $extension = '';
        //  $file_name = str_replace('.', '', $file_name);
        //}
        if (strcmp($mime[$file_mime], $ext)) {
         $errorCode = 3;
         return FALSE; //strcmp non zero, mime type doesn't match ext, error!
        }
    }
  }
}
  $width = $file_info[0];
  $height = $file_info[1];
  $type = $file_info[2];
  return TRUE;
}

//  $w_dst = maximum width of thumbnail
//  $h_dst = maximum height of thumbnail
//  $n_img = new thumbnail name
function ConvertPic($w_dst, $h_dst, $new_img, $file_src, $w_src, $h_src, $type_src)
{
ini_set('memory_limit', '100M');   //  handle large images
   unlink($new_img);         //  remove old images if present
  
   if ($w_src > $w_dst || $h_src > $h_dst) {
   $ratio = $w_src/$h_src;
   if ($w_dst/$h_dst > $ratio) {$w_dst = floor($h_dst*$ratio);} else {$h_dst = floor($w_dst/$ratio);}
  } else {
   $w_dst = $w_src;
   $h_dst = $h_src;
  }

   switch ($type_src)
     {case 1: //IMAGETYPE_GIF:   // 1:  gif -> jpg
        $img_src = imagecreatefromgif($file_src);
        break;
      case 2: //IMAGETYPE_JPEG:   // 2:  jpeg -> jpg
        $img_src = imagecreatefromjpeg($file_src);
        break;
      //case IMAGETYPE_JPEG2000:
      //  $img_src = imagecreatefromjpeg($file_src);
      //  break;
      case 3: //IMAGETYPE_PNG:  // 3:  png -> jpg
        $img_src = imagecreatefrompng($file_src);
        break;
      case IMAGETYPE_WBMP: // wbmp -> jpg
        $img_src = imagecreatefromwbmp($file_src);
        break;
      case IMAGETYPE_XBM:
        $img_src = imagecreatefromxbm($file_src);
        break;
      case IMAGETYPE_BMP:
        $img_src = imagecreatefrombmp($file_src);
        break;
     }
   $img_dst = imagecreatetruecolor($w_dst, $h_dst);  //  resample
  
   imagecopyresampled($img_dst, $img_src, 0, 0, 0, 0, $w_dst, $h_dst, $w_src, $h_src);
   imagejpeg($img_dst, $new_img);    //  save new image, always jpg

   imagedestroy($img_src);       
   imagedestroy($img_dst);
}

$uploadFileName = '';
if($file['error'] == UPLOAD_ERR_OK) {
$width = 0;
$height = 0;
$type = 0;
$dir = "./art_images/";
$dirThumb = "./art_images_thumb/";
  if(ValidateImageFile($file, $width, $height, $type)) {
    # Do uploading here
    // make a unique filename for the uploaded file and check it is not already
    // taken... if it is already taken keep trying until we find a vacant one
    // sample filename: 1140732936-filename.jpg
    //$now = time();
    //$uploadFileName = $now.'-'.$fileName;
    //while(file_exists($dir.$uploadFileName)) {
    //  $now++;
    //  $uploadFileName = $now.'-'.$fileName;
    //}
    $uploadFileName = $timeStamp . '-' . $fileName;
    unlink($dir . $uploadFileName); //make sure there's no exist file
    if (!move_uploaded_file($tempFile, $dir . $uploadFileName)) {
     //echo "cannot move file, nothing uploaded";
     $errorCode = 4;
    } else {
     ConvertPic(150, 150, $dirThumb . $uploadFileName, $dir . $uploadFileName, $width, $height, $type);
     //echo $uploadFileName;
    }
  } else {
   //echo "file not valid" . $errorCode;
  }
} else {
//echo "upload error";
$errorCode = 5;
}

?>

Hi guys, with code below i can upload pictures to database, however i need to limit the file upload. I have this code done with help of php freak forum and i am  a newbie so can u help me please? thanks in advance


if (isset($_POST['register']) && $_POST['register']){
//image1
$nameone=$_FILES['myfileone']['name'];
if ($nameone)

{
$dst_filename = resize_upload_image($_FILES['myfileone'], "images/");
if ($dst_filename !== false) {
extract($dst_filename);
$image1 = mysql_query ("INSERT INTO img SET image='$img_filename', thumb='$thumb_filename', refimage='$reference'");
}
}
}
?>
<form action='' method='POST' enctype='multipart/form-data'>
<p>File:
      <input type='file' name='myfileone'>

Going to try and explain this the best I can but I don't really have the best idea on what's happening here.

I have a submission form for users to fill out their information and upload an image. I've set the file limit size at 500000 which I assumed would be safe for images at 400k or below. When testing locally, any image that is below that file size gets uploaded successfully. However, when testing on my online host/server.. the submission form and data is successfully entered but the image isn't saved at all. It obviously isn't over the size of the file limit I set because it dooesn't return an error.. it successfuly submits but doesn't save or resize my image.

I really have no clue what the problem could be. I went over the variables I set for folder locations to move the image to and everything works fine locally, but once on the host and online, it doesn't happen.

Hi im having trouble with uploading images with spaces in as they dont show up in the browser.
Here is the code:
Code: [Select]
$image = addslashes($_FILES['image']['name']);

 $target = "images/";
 $target = $target . basename( $_FILES['image']['name']);
 
  //Writes the photo to the server
 if(move_uploaded_file($_FILES['image']['tmp_name'], $target))
 {

Any help would be appreciated.

I have this code where I add records:

Code: [Select]
<?php

ini_set('display_errors',1);
error_reporting(-1);

require_once ('./includes/config.inc.php');

require_once (MYSQL);

$add_cat_errors = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
// Check for a name:
if (empty($_POST['product'])) {
$add_cat_errors['product'] = 'Please enter the name!';
}

// Check for a description:
if (empty($_POST['prod_descr'])) {
$add_cat_errors['prod_descr'] = 'Please enter the description!';
}

// Check for a category:
if (!isset($_POST['cat']) || !filter_var($_POST['cat'], FILTER_VALIDATE_INT, array('min_range' => 1))) {
$add_cat_errors['cat'] = 'Please select a category!';
}

// Check for a price:
if (empty($_POST['price']) || !filter_var($_POST['price'], FILTER_VALIDATE_FLOAT) || ($_POST['price'] <= 0)) {
$add_cat_errors['price'] = 'Please enter a valid price!';
}

// Check for a category:
if (!isset($_POST['directory']) || !filter_var($_POST['directory'], FILTER_VALIDATE_INT, array('min_range' => 1))) {
$add_cat_errors['directory'] = 'Please select a directory!';
}

// Check for an image:
if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) {

$file = $_FILES['image'];

$size = ROUND($file['size']/1024);

// Validate the file size:
if ($size > 512) {
$add_cat_errors['image'] = 'The uploaded file was too large.';
} 

// Validate the file type:
$allowed_mime = array ('image/jpeg', 'image/JPG', 'image/jpg');
$allowed_extensions = array ('.jpg', 'jpeg');
$image_info = getimagesize($file['tmp_name']);
$ext = substr($file['name'], -4);
if ( (!in_array($file['type'], $allowed_mime)) 
||   (!in_array($image_info['mime'], $allowed_mime) ) 
||   (!in_array($ext, $allowed_extensions) ) 
) {
$add_cat_errors['image'] = 'The uploaded file was not of the proper type.';
} 

// Move the file over, if no problems:
if (!array_key_exists('image', $add_cat_errors)) {

// Create a new name for the file:
$new_name = (string) sha1($file['name'] . uniqid('',true));

// Add the extension:
$new_name .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext);
//$new_name = $dir . '/' . $new_name;
$dest =  "../db/images/$new_name";

// Move the file to its proper folder but add _tmp, just in case:

//$dest =  "../db/images/$new_name";
$dirs = array('full_heads', 'human_hair', 'lip_tattoos', 'ponytails', 'synthetic_hair');

if (move_uploaded_file($file['tmp_name'], $dest)) {

// Store the data in the session for later use:
$_SESSION['image']['new_name'] = $new_name;
$_SESSION['image']['file_name'] = $file['name'];

// Print a message:
echo '<h4>The file has been uploaded!</h4>';

} else {
trigger_error('The file could not be moved.');
unlink ($file['tmp_name']);
}

} // End of array_key_exists() IF.

} elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file.
switch ($_FILES['image']['error']) {
case 1:
case 2:
$add_cat_errors['image'] = 'The uploaded file was too large.';
break;
case 3:
$add_cat_errors['image'] = 'The file was only partially uploaded.';
break;
case 6:
case 7:
case 8:
$add_cat_errors['image'] = 'The file could not be uploaded due to a system error.';
break;
case 4:
default: 
$add_cat_errors['image'] = 'No file was uploaded.';
break;
} // End of SWITCH.

} // End of $_FILES IF-ELSEIF-ELSE.



// Check for a stock:
if (empty($_POST['stock']) || !filter_var($_POST['stock'], FILTER_VALIDATE_INT, array('min_range' => 1))) {
$add_cat_errors['stock'] = 'Please enter the quantity in stock!';
}

if (empty($add_cat_errors))
{
$query = "INSERT INTO product (product, prod_descr, catID, price, dirID, image, stock) VALUES (?, ?, ?, ?, ?, ?, ?)";
// Prepare the statement:
$stmt = mysqli_prepare($dbc, $query);
// For debugging purposes:
// if (!$stmt) echo mysqli_stmt_error($stmt);

// Bind the variables:
mysqli_stmt_bind_param($stmt, 'ssssssi', $name, $desc, $_POST['cat'], $_POST['price'], $_POST['directory'], $_SESSION['image']['new_name'], $_POST['stock']);

// Make the extra variable associations:
$name = strip_tags($_POST['product']);
$desc = strip_tags($_POST['prod_descr']);
// Execute the query:
mysqli_stmt_execute($stmt);

if (mysqli_stmt_affected_rows($stmt) == 1) { // If it ran OK.

// Print a message:
echo '<h4>The product has been added!</h4>';

// Clear $_POST:
$_POST = array();

// Clear $_FILES:
$_FILES = array();

// Clear $file and $_SESSION['image']:
unset($file, $_SESSION['image']);

} else { // If it did not run OK.
trigger_error('The product could not be added due to a system error. We apologize for any inconvenience.');
unlink ($dest);
}

} // End of $errors IF.

} else { // Clear out the session on a GET request:
unset($_SESSION['image']);
} // End of the submission IF.

require_once ('./includes/form_functions.inc.php');
?>

<form enctype="multipart/form-data" action="add_product.php" method="post" accept-charset="utf-8">

<input type="hidden" name="MAX_FILE_SIZE" value="524288" />

Product<br /><?php create_form_input('product', 'text', $add_cat_errors); ?>
           
            Description<br /><?php create_form_input('prod_descr', 'textarea', $add_cat_errors); ?>
           
Category<br /><select name="cat"<?php if (array_key_exists('cat', $add_cat_errors)); ?>>
<option>Select One</option>
<?php // Retrieve all the categories and add to the pull-down menu:
$q = 'SELECT catID, cat FROM category ORDER BY cat ASC';
$r = mysqli_query ($dbc, $q);
while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
echo "<option value=\"$row[0]\"";
// Check for stickyness:
if (isset($_POST['cat']) && ($_POST['cat'] == $row[0]) ) echo ' selected="selected"';
echo ">$row[1]</option>\n";
}
?>
</select><?php if (array_key_exists('cat', $add_cat_errors)) echo $add_cat_errors['cat']; ?>
           
            Price<br /><?php create_form_input('price', 'text', $add_cat_errors); ?>
           
            Directory<br /><select name="directory"<?php if (array_key_exists('directory', $add_cat_errors)); ?>>
<option>Select One</option>
<?php // Retrieve all the categories and add to the pull-down menu:
$q = 'SELECT dirID, directory FROM directory ORDER BY directory ASC';
$r = mysqli_query ($dbc, $q);
while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
echo "<option value=\"$row[0]\"";
// Check for stickyness:
if (isset($_POST['directory']) && ($_POST['directory'] == $row[0]) ) echo ' selected="selected"';
echo ">$row[1]</option>\n";
}
?>
</select><?php if (array_key_exists('directory', $add_cat_errors)) echo $add_cat_errors['directory']; ?>
</select>
           
            Image<br /><?php

// Check for an error:
if (array_key_exists('image', $add_cat_errors)) {

echo $add_cat_errors['image'] . '<br /><input type="file" name="image"/>';

} else { // No error.

echo '<input type="file" name="image" />';

// If the file exists (from a previous form submission but there were other errors),
// store the file info in a session and note its existence:
if (isset($_SESSION['image'])) {
echo "<br />Currently '{$_SESSION['image']['file_name']}'";
}

} // end of errors IF-ELSE.
 ?>
          <br />

Stock<br /><?php create_form_input('stock', 'text', $add_cat_errors); ?>


<input type="submit" value="Add This Product" class="button" />


</fieldset>

</form>

What I want to achieve is this;

When a record is being inserted, a user will make a selection from the dropdown box with a list of directories. Then, a user will upload an image. When a image is uploaded and a directory is chosen, I want the image to be assigned to a specific directory from the list so when the record is inserted, that image will be placed in the specific directory. How do I achieve this please?

This topic has been moved to PHP Installation & Configuration.

http://www.phpfreaks.com/forums/index.php?topic=307015.0

Hi..,
My code is like:
Code: [Select]
<?php
$filename ="excelreport.xls";
print "<table border=1>";
print "<tr ><td valign=bottom><img src=http://abc/images/big.png ></img></td>
<td valign=bottom><img src=http://abc/images/small.png ></img></td>
</tr>";
print "</table>";

header('Content-type: application/ms-excel');
header('Content-Disposition: attachment; filename='.$filename);

?>when I open the excel file, the images alignment is from top to bottom(equal from top of image).
what i want is from bottom to top(equal from bottom of image).

i did try using valign in td property, but still the images equal from top of image

thanks for any reply/ help

I have a form on which the filepond plugin send the file manually
 and it generate the base64 formated data of that file, unfortunately
Icant get it's previous name so i randomize the name, and put the file directry in the final folder, is there any problem on security?, can i validate if its an image with all property such as size,dimension e.t.c Before adding it the directory? and how to get the it's
new name to database.

 

Look here

if(empty($_POST['image'])) {
    echo 'add file!';
}
$myimage = $_POST['image'];
$myimage = str_replace('data:image/png;base64,', '', $myimage);
$myimage = str_replace(' ', '+', $myimage);
$decode = base64_decode($myimage);
$myfile = $_SERVER['DOCUMENT_ROOT'].'/mages/' . uniqid() . '.png';
//now put the file
file_put_contents($myfile, $decode);

 

In this multi file upload form, choose three images, click submit and preview the images on the preview page. If the user wishes to delete or replace an image, click edit and the form will go back to the previous page. Select the replace radio button for example on one of the three images and select a new image from the file input prompt and click submit. The form will go to the preview page again to display the images. During this process the image names are being input into a table and the images are being moved to a directory.

The table is

  `id`  AUTO_INCREMENT,
  `image0`
  `image1`
  `image2`
  `status`

So input name='image[image0]' can be directed to table `image0` and so on.

The code for keep and delete work fine, but how do I replace an image?
I have two foreach blocks. The first one deletes the image file from the directory and deletes the image name from the table, but the second foreach dose not move the new image file into the directory.
Thanks.

<input type='radio' name='image[image0]' value='keep' checked='checked'/>
<input type='radio' name='image[image0]' value='delete' />
<input type='radio' name='image[image0]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image1]' value='keep' checked='checked'/>
<input type='radio' name='image[image1]' value='delete' />
<input type='radio' name='image[image1]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image2]' value='keep' checked='checked'/>
<input type='radio' name='image[image2]' value='delete' />
<input type='radio' name='image[image2]' value='replace' />
<input type="file" name="image[]" />

<?php
if (isset($_POST['status'])) {

$status = $_POST['status'];
$confirm_code = $status;

#--------------------------- replace --------------------------------------------

if (isset($_POST['submitted']) &&
($image = $_POST['image'])) {

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {
$query = "SELECT $imageKey FROM table WHERE status = '$status' ";
if($result = $db->query( $query )){
$row = $result->fetch_array();
}

unlink( UPLOAD_DIR.$row[0] );

$query = "UPDATE table SET $imageKey = '' WHERE status = '$status' ";
}
}

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {

$filenm = $_FILES['image']['name']; 
$file = $_FILES['image']['tmp_name'];

move_uploaded_file($file, UPLOAD_DIR . $filenm);
$filename[] = $filenm; 

$query = "INSERT INTO table VALUES ('','$filename[0]','$filename[1]','$filename[2]','$confirm_code')";
}
}
}
}
?>

Hiya,

Firstly, I'm a complete novice, apologies! But I have got my upload.php working which is nice. I will post the code below.

However, I would now like to restrict the file size and file type to only word documents.

I currently have a restriction of 200KB but it's not working - no idea why as I've looked at other similar codes and they look the same.

Also, just to complicate things - can I stop files overwriting each other when uploaded? At the moment, if 2 people upload files with the same name one will overwrite the other.

Is this too many questions in 1?

Any help is very much appreciated!

Code below:

Code: [Select]
<form enctype="multipart/form-data" action="careers.php" method="POST">
        Please choose a file: <input name="uploaded" type="file" /><br />
<input type="submit" value="Upload" />
</form>

<?php 
 $target = "upload/"; 
 $target = $target . basename( $_FILES['uploaded']['name']) ; 
 $ok=1; 
 
 //This is our size condition 
 if ($uploaded_size > 200) 
 { 
 echo "Your file is too large.<br>"; 
 $ok=0; 
 } 
 
 //This is our limit file type condition 
 if ($uploaded_type =="text/php") 
 { 
 echo "No PHP files<br>"; 
 $ok=0; 
 } 
 
 //Here we check that $ok was not set to 0 by an error 
 if ($ok==0) 
 { 
 Echo "Sorry your file was not uploaded"; 
 } 
 
 //If everything is ok we try to upload it 
 else 
 { 
 if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) 
 { 
 echo "Your file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded."; 
 } 
 else 
 { 
 echo "Sorry, there was a problem uploading your file."; 
 } 
 } 
 ?>

I want to use the following code to upload images to my server (below code works great)

Code: [Select]
<?php
$rand = rand(1,99999999999999);
$member_id = $_SESSION['SESS_MEMBER_ID'];

if(isset($_FILES['uploaded']['name']))
{
    $target = "gallery/";
$allowed_filetypes = array('.jpg','.gif','.bmp','.png');
$max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB) 
    $fileName = basename($_FILES['uploaded']['name']);
    $target = $target . $fileName;
$errors = array();

   // Get the extension from the filename.
   $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); 
 
   // Check if the filetype is allowed.
   if(in_array($ext,$allowed_filetypes))
    {
         $errors[] = "The file you attempted to upload is not allowed.";
    }
    
// Now check the filesize.
   if(filesize($_FILES['uploaded']['tmp_name']) > $max_filesize)
    {
         $errors[] = "The file you attempted to upload is too large.";
    }
  
    // Check if we can upload to the specified path.
   if(is_writable($target))
    {
         $errors[] = "You cannot upload to the specified directory, please CHMOD it to 777.";
    }
 
    //Here we check that no validation errors have occured.
    if(count($errors)==0)
    {

//Try to upload it.
        if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
        {
            $errors[] = "Sorry, there was a problem uploading your file.";
        }
    }
    
    //If no errors show confirmation message
    if(count($errors)==0)
    {
         echo "<div class='notification success png_bg'>
<a href='#' class='close'><img src='img/cross_grey_small.png' title='Close this notification' alt='close' /></a>
<div>
The file {$fileName} has been uploaded<br>\n
</div>
</div>";

//echo "The file {$fileName} has been uploaded";
echo "<br>\n";
echo "<a href='gallery.php'>Go Back</a>\n";
    }
    else
    {
        //show error message
        echo "<div class='notification attention png_bg'>
<a href='#' class='close'><img src='img/cross_grey_small.png' title='Close this notification' alt='close' /></a>
<div>
Sorry your file was not uploaded due to the following errors:<br>\n
</div>
</div>";
//echo "Sorry your file was not uploaded due to the following errors:<br>\n";
        echo "<ul>\n";
        foreach($errors as $error)
        {
            echo "<li>{$error}</li>\n";
        }
        echo "</ul>\n";
echo "<br>\n";
echo "<a href='gallery.php'>Go Back</a>\n";
    }
    
}
else
{
    //Show the form
echo "Use the following form below to add a new image to your gallery;<br />\n";
    echo "<form enctype='multipart/form-data' action='' method='POST'>\n";
    echo "Please choose a file: <input name='uploaded' type='file' /><br />\n";
    echo "<input type='submit' value='Upload' />\n";
    echo "</form>\n";

//Echo Tests!
    echo "<br /><br />Random FileName: "; 
echo $rand;
echo "<br />";
echo "member ID: #";
echo $member_id;
}
?>
i then want it to rename the files for example:

"test.png" is uploaded and name changed to "92997863_321.png" (where first number is using my $rand then the "_" then second number is my $member_id)

the script already got these pieces of information and also gets the file extension using the $ext code.

can this be done, and can i also upload the new filename to my sql table?

I havent included the whole title as it wouldnt let me but I was wondering if someone could help me on this?

I know this is possible as torrentflux caters for this but unsure of where to start.

I dont want to allow file or directory uploads or creation in my /etc/php.ini file (this is turned off).

Yet then torrentflux allows me to link a torrent from an external source (using legal downloads of course  ) but then it uploads it on my server and creates folders on a per user basis.

How is this possible can someone give me some pointers please?

I look forward to any replies,
Jeremy.

So, I'm learning how to upload pictures into a system from my awesome PHP book. I've looked and looked through the script but I can't figure out whats wrong with it.

Goal:
The script is meant to save a full version of the image in the images folder and a thumbnail in the thumbnail folder.
Bug:
The full image does not appear in any folder, and the thumbnail is created but its put in the images folder.

I've checked the GD library, and everything is supported.

image_effect.php

<?php
//change this path to match your images directory
$dir ='C:/x/xampp/htdocs/images';

//change this path to match your fonts directory and the desired font
putenv('GDFONTPATH=' . 'C:/Windows/Fonts');
$font = 'arial';

// make sure the requested image is valid
if (isset($_GET['id']) && ctype_digit($_GET['id']) && file_exists($dir . '/' .
    $_GET['id'] . '.jpg')) {
    $image = imagecreatefromjpeg($dir . '/' . $_GET['id'] . '.jpg');
} else {
    die('invalid image specified');
}

// apply the filter
$effect = (isset($_GET['e'])) ? $_GET['e'] : -1;
switch ($effect) {
case IMG_FILTER_NEGATE:
    imagefilter($image, IMG_FILTER_NEGATE); 
    break;
case IMG_FILTER_GRAYSCALE:
    imagefilter($image, IMG_FILTER_GRAYSCALE); 
    break;
case IMG_FILTER_EMBOSS:
    imagefilter($image, IMG_FILTER_EMBOSS); 
    break;
case IMG_FILTER_GAUSSIAN_BLUR:
    imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR);
    break;
}

// add the caption if requested
if (isset($_GET['capt'])) {
    imagettftext($image, 12, 0, 20, 20, 0, $font, $_GET['capt']);
}

//add the logo watermark if requested
if (isset($_GET['logo'])) {
    // determine x and y position to center watermark
    list($width, $height) = getimagesize($dir . '/' . $_GET['id'] . '.jpg');
    list($wmk_width, $wmk_height) = getimagesize('images/logo.png');
    $x = ($width - $wmk_width) / 2;
    $y = ($height - $wmk_height) / 2;
    
    $wmk = imagecreatefrompng('images/logo.png');
    imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20);
    imagedestroy($wmk);
}

// show the image
header('Content-Type: image/jpeg');
imagejpeg($image, '', 100);
?>


check_image.php

<?php
include 'db.inc.php';
//connect to MySQL
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or 
    die ('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

//change this path to match your images directory
$dir ='C:/x/xampp/htdocs/images';

//change this path to match your thumbnail directory
$thumbdir = $dir . '/thumbs';

//change this path to match your fonts directory and the desired font
putenv('GDFONTPATH=' . 'C:/Windows/Fonts');
$font = 'arial';

// handle the uploaded image
if ($_POST['submit'] == 'Upload') {

    //make sure the uploaded file transfer was successful
    if ($_FILES['uploadfile']['error'] != UPLOAD_ERR_OK)
    {
        switch ($_FILES['uploadfile']['error']) {
        case UPLOAD_ERR_INI_SIZE:
            die('The uploaded file exceeds the upload_max_filesize directive ' .
                'in php.ini.');
            break;
        case UPLOAD_ERR_FORM_SIZE:
            die('The uploaded file exceeds the MAX_FILE_SIZE directive that ' .
                'was specified in the HTML form.');
            break;
        case UPLOAD_ERR_PARTIAL:
            die('The uploaded file was only partially uploaded.');
            break;
        case UPLOAD_ERR_NO_FILE:
            die('No file was uploaded.');
            break;
        case UPLOAD_ERR_NO_TMP_DIR:
            die('The server is missing a temporary folder.');
            break;
        case UPLOAD_ERR_CANT_WRITE:
            die('The server failed to write the uploaded file to disk.');
            break;
        case UPLOAD_ERR_EXTENSION:
            die('File upload stopped by extension.');
            break;
        }
    }
    
    //get info about the image being uploaded
    $image_caption = $_POST['caption'];
    $image_username = $_POST['username'];
    $image_date = @date('Y-m-d');
    list($width, $height, $type, $attr) =
        getimagesize($_FILES['uploadfile']['tmp_name']);

    // make sure the uploaded file is really a supported image
    $error = 'The file you uploaded was not a supported filetype.';
    switch ($type) {
    case IMAGETYPE_GIF:
        $image = imagecreatefromgif($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    case IMAGETYPE_JPEG:
        $image = imagecreatefromjpeg($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    case IMAGETYPE_PNG:
        $image = imagecreatefrompng($_FILES['uploadfile']['tmp_name']) or
            die($error);
        break;
    default:
        die($error);
    }

    //insert information into image table
    $query = 'INSERT INTO images
        (image_caption, image_username, image_date)
    VALUES
        ("' . $image_caption . '", "' . $image_username . '", "' . $image_date .
        '")';
    
    $result = mysql_query($query, $db) or die (mysql_error($db));
    
    //retrieve the image_id that MySQL generated automatically when we inserted
    //the new record
    $last_id = mysql_insert_id();
    
    // save the image to its final destination
    $image_id = $last_id;
    imagejpeg($image, $dir . '/' . $image_id  . '.jpg');
    imagedestroy($image);

} else {
    // retrieve image information
    $query = 'SELECT
        image_id, image_caption, image_username, image_date
    FROM
        images
    WHERE
        image_id = ' . $_POST['id'];
    $result = mysql_query($query, $db) or die (mysql_error($db));
    extract(mysql_fetch_assoc($result));

    list($width, $height, $type, $attr) = getimagesize($dir . '/' . $image_id .
        '.jpg');
}

if ($_POST['submit'] == 'Save') {
    // make sure the requested image is valid
    if (isset($_POST['id']) && ctype_digit($_POST['id']) &&
        file_exists($dir . '/' . $_POST['id'] . '.jpg')) {
        $image = imagecreatefromjpeg($dir . '/' . $_POST['id'] . '.jpg');
    } else {
        die('invalid image specified');
    }

    // apply the filter    
    $effect = (isset($_POST['effect'])) ? $_POST['effect'] : -1;
    switch ($effect) {
    case IMG_FILTER_NEGATE:
        imagefilter($image, IMG_FILTER_NEGATE); 
        break;
    case IMG_FILTER_GRAYSCALE:
        imagefilter($image, IMG_FILTER_GRAYSCALE); 
        break;
    case IMG_FILTER_EMBOSS:
        imagefilter($image, IMG_FILTER_EMBOSS); 
        break;
    case IMG_FILTER_GAUSSIAN_BLUR:
        imagefilter($image, IMG_FILTER_GAUSSIAN_BLUR);
        break;
    }

    // add the caption if requested
    if (isset($_POST['emb_caption'])) {
        imagettftext($image, 12, 0, 20, 20, 0, $font, $image_caption);
    }

    //add the logo watermark if requested
    if (isset($_POST['emb_logo'])) {
        // determine x and y position to center watermark
        list($wmk_width, $wmk_height) = getimagesize('images/logo.png');
        $x = ($width - $wmk_width) / 2;
        $y = ($height - $wmk_height) / 2;
    
        $wmk = imagecreatefrompng('images/logo.png');
        imagecopymerge($image, $wmk, $x, $y, 0, 0, $wmk_width, $wmk_height, 20);
        imagedestroy($wmk);
    }

    // save the image with the filter applied
    imagejpeg($image, $dir . '/' . $_POST['id'] . '.jpg', 100);

    //set the dimensions for the thumbnail
    $thumb_width = $width * 0.10;
    $thumb_height = $height * 0.10;

    //create the thumbnail
    $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
    imagecopyresampled($thumb, $image, 0, 0, 0, 0, $thumb_width, $thumb_height,
        $width, $height);
    imagejpeg($thumb, $dir . '/' . $_POST['id'] . '.jpg', 100);
    imagedestroy($thumb);
?>
<html>
 <head>
  <title>Here is your pic!</title>
 </head>
 <body>
  <h1>Your image has been saved!</h1>
  <img src="images/<?php echo $_POST['id']; ?>.jpg" />
 </body>
</html>
<?php
} else {
?>
<html>
 <head>
  <title>Here is your pic!</title>
 </head>
 <body>
  <h1>So how does it feel to be famous?</h1>
  <p>Here is the picture you just uploaded to our servers:</p>
<?php 
   if ($_POST['submit'] == 'Upload') {
       $imagename = 'images/' . $image_id  . '.jpg';
   } else {
       $imagename = 'image_effect.php?id=' . $image_id  . '&e=' .
           $_POST['effect'];

       if (isset($_POST['emb_caption'])) {
           $imagename .= '&capt=' . urlencode($image_caption); 
       }

       if (isset($_POST['emb_logo'])) {
           $imagename .= '&logo=1'; 
       }
   }
?>
   <img src="<?php echo $imagename; ?>" style="float:left;">
  <table>
   <tr><td>Image Saved as: </td><td><?php echo $image_id  . '.jpg'; ?></td></tr>
   <tr><td>Height: </td><td><?php echo $height; ?></td></tr>
   <tr><td>Width: </td><td><?php echo $width; ?></td></tr>
   <tr><td>Upload Date: </td><td><?php echo $image_date; ?></td></tr>
  </table>
  <p>You may apply special options to your image below. Note: saving an image
with any of the options applied  <em>cannot be undone</em>.</p>
  <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
   <div>
    <input type="hidden" name="id" value="<?php echo $image_id;?>"/>
    Filter: <select name="effect">
     <option value="-1">None</option>
<?php
    echo '<option value="' . IMG_FILTER_GRAYSCALE . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_GRAYSCALE) {
        echo ' selected="selected"';
    }
    echo '>Black and White</option>';

    echo '<option value="' . IMG_FILTER_GAUSSIAN_BLUR . '"';
    if (isset($_POST['effect']) && $_POST['effect'] ==
        IMG_FILTER_GAUSSIAN_BLUR) {
        echo ' selected="selected"';
    }
    echo '>Blur</option>';

    echo '<option value="' . IMG_FILTER_EMBOSS . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_EMBOSS) {
        echo ' selected="selected"';
    }
    echo '>Emboss</option>';

    echo '<option value="' . IMG_FILTER_NEGATE . '"';
    if (isset($_POST['effect']) && $_POST['effect'] == IMG_FILTER_NEGATE) {
        echo ' selected="selected"';
    }
    echo '>Negative</option>';
?>
    </select>
    <br/><br/>
<?php
    echo '<input type="checkbox" name="emb_caption"';
    if (isset($_POST['emb_caption'])) {
        echo ' checked="checked"';
    }
    echo '>Embed caption in image?';
    echo '<br/><br/><input type="checkbox" name="emb_logo"';
    if (isset($_POST['emb_logo'])) {
        echo ' checked="checked"';
    }
    echo '>Embed watermarked logo in image?';
?>
    <br/><br/>
    <input type="submit" value="Preview" name="submit" />
    <input type="submit" value="Save" name="submit" />
   </div>
  </form>
 </body>
</html>
<?php
}
?>


Any help appreciated.

<td><label for='images'> <b>File to upload:</b> </label></td>
            <td><input type='file'  name = 'drama_image' '<?php echo $row['drama_image']; ?>'/></
                       </tr>
         
   <?php
            $target_path = "images/";
            $target_path = $target_path . basename( $_FILES['images']['name']);

            if(move_uploaded_file($_FILES['images']['tmp_name'], $target_path)) {
                echo "The file ".  basename( $_FILES['images']['name']).
             " has been uploaded";
            } else{
                echo $row['drama_image'];
            }
         
     ?>

['drama_image'] is the name of the file

I wanna echo it out in the box of file upload so when I save , the default picture will still be there instead of being overwritten as the box does not have any value in it.