|
PHP - Help With Writing Image Upload Script With Form Data To Be Sent To Mysql
so what i have going on is that i need help writing a basic script to upload original and copy with resize for thumbnail. then also need to rename both image files with content in the form.
My server supports GD Library and that imagemagik or whatever it is lol. upload dirs orig: ../media/photos/ thumb: ../media/photos/thumb/ mySQL DB: name: m_photos fields: id(INT) m_cat(varchar) m_sub_cat(varchar) pic(varchar) description(varchar) p_group(varchar) I have the form written up for how it should look like: Code: [Select] <form action="upload.php" method="post" enctype="multipart/form-data"> Upload an image for processing<br /> <input type="file" name="Image"><br /> <select name="sub_group"> <option value="Photo Shoot">Photo Shoot</option> <option value="Live Performances">Live Performances</option> <option value="Randoms">Randoms</option> <option value="Fan Photos">Fan Photos</option> </select><br /> Location: <input type="text" name="p_group" /><br /> Date of Pic: <input type="text" name="date" /><br /> Description: <input type="text" name="description" /><br /> <input type="submit" value="Upload"> </form> so what needs to happen is for the file upload name. it needs to grab a count from "p_group" database to give it a starting number in a "00" pattern and then the date of pic needs to go in there next then the p_group name. so when the files gets uploaded it would look something like this after upload. "03 - Oct 21, 2011 - The Mex.jpg" NOTE: all pics must be converted to ".jpg" extension. both the orig and thumb will use that same file name cuz they just go into different dirs re-sizing for the thumbnail should be done by aspect ratio and needs to either be 300px width or 400px height. so if anyone would like to help me out please do. im not the greatest at writing in php yet Similar TutorialsHello I am having problems uploading an image through a HTML form. I want the image to be uploaded to the server and the image name to be written to the mysql database. Below is the code I am using: Code: [Select] <?php if (isset($_POST['add'])){ echo "<br /> add value is true"; $name = $_POST['name']; $description = $_POST['description']; $price = $_POST['price']; $category_id = $_POST['category_name']; $image = $_FILES['image']['name']; //file path of the image upload $filepath = "../images/"; //mew name for the image upload $newimagename = $name; //new width for the image $newwidth = 100; //new height for the image $newheight = 100; include('../includes/image-upload.php'); mysql_query("INSERT INTO item (item_name, item_description, item_price, item_image) VALUES ('$name','$description','$price','$image')"); ?> Here is the image-upload.php file code: Code: [Select] <?php //assigns the file to the image $image =$_FILES["image"]["name"]; $uploadedfile =$_FILES["image"]["tmp_name"]; if ($image) { //retrieves the extension type from image upload $extension = getextension($image); //converts extension to lowercase $extension = strtolower($extension); //create image from uploaded file type if($extension=="jpg" || $extension=="jpeg") { $uploadedfile = $_FILES['image']['tmp_name']; $src = imagecreatefromjpeg($uploadedfile); }else if($extension=="png") { $uploadedfile = $_FILES['image']['tmp_name']; $src = imagecreatefrompng($uploadedfile); }else{ $src = imagecreatefromgif($uploadedfile); } //creates a list of the width and height of the image list($width,$height)=getimagesize($uploadedfile); //adds color to the image $tmp = imagecreatetruecolor($newwidth,$newheight); //create image imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height); //set file name $filename = $filepath.$newimagename.".".$extension; $imagename = $newimagename.".".$extension; //uploads new file with name to the chosen directory imagejpeg($tmp,$filename,100); //empty variables imagedestroy($src); imagedestroy($tmp); } ?> Any help would be appreciated, fairly new to all this! Thanks!!! Hi All, I need some help blocking files that don't pass authentication from being uploaded to the server. Here is my script (below). It correctly throws errors, but regardless of error / no-error, the file is uploaded. For example, the only files allowed to be uploaded should be .png, .jpeg, .gif -- but I see .flv .docx etc in the destination folder. You'll see below a variable for each of the error messages. They basically say that the file name is too long, too big, not an allowed file type, or English characters only allowed in file title name. Again the errors work properly, but regardless files are uploaded to the "quiz_images" folder. What do I need to do to stop the upload if an error is triggered? Thank you for your help... here is the code snip: Code: [Select] $directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']); $uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'quiz_images/'; $fieldname = 'file'; if ($_POST[submit]) { if ($_POST[title] <> "") { $a = TRUE; } else { $a = FALSE; $content .= "<p>$enter_title</p>\n"; } if ($_POST[video] <> "") { $b = TRUE; } else { $b = FALSE; $content .= "<p>$enter_embed</p>\n"; } if ($_POST[description_text] <> "") { $c = TRUE; } else { $c = FALSE; $content .= "<p>$enter_description</p>\n"; } if ($_POST[submit] <> "") { $f = TRUE; } else { $f = FALSE; $content .= "<p>$sorry_error</p>\n"; } if (is_uploaded_file($_FILES[$fieldname]['tmp_name'])) { $g = TRUE; } else { $g = FALSE; $content .= "<p>$sorry_error</p>\n"; } if (getimagesize($_FILES[$fieldname]['tmp_name'])){ $h = TRUE; } else { $h = FALSE; $content .= "<p>$error2</p>\n"; } if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 50000)) { $i = TRUE; } else { $i = FALSE; $content .= "<p>$error2</p>\n"; } if(preg_match('#^[a-z0-9_\s-\.]*$#i', $pic) ) { $k = TRUE; } else { $k = FALSE; $content .= "<p>$error3</p>\n"; } $desc_length = strlen($pic); $limit = 40; if ($desc_length <= $limit) { $l = TRUE; } else { $l = FALSE; $content .= "<p>$error4</p>\n"; } $now = time(); while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'])) { $now++; } if (move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)){ $j = TRUE; } else { $j = FALSE; $content .= "<p>$enter_thumb</p>\n"; } $pic=$now++.'-'.$_FILES[$fieldname]['name']; if ($a AND $b AND $c AND $f AND $g AND $h AND $i AND $j AND $k AND $l) {............ Hi folks, Hi Everyone, I'm new to PHP freaks, and I'm hoping someone might be able to help me. I have written some code for a html page and used php to retrieve confirm whether or not data is in a text file. I also tried to write some code to insert the data supplied to my html page to the text file but it's not working. Can someone help me figure out what my issue is. I have attached my text file, and my php code as well. Below you'll find the code I used for my html page. Thank you for all your help, Phee <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Telephone Directory</title> </head> <body> <form action='SignGuestBook.php' method='post'> <h1>Sign Guest Book</h1> <hr> <br> <table align='Left'> <tr> <td>Name: </td> <td><input name='name' /></td> </tr> <tr> <td>E-mail: </td> <td><input name='email' /></td> </tr> <tr> <td><input type="submit" value='Sign' /></td> <td><input type="reset" value='Reset Form' /></td> </tr> </table> <h3></h3> <br> <h4></h4> <br> <h5></h5> <br> <h6></h6> <br> <h7></h7> <br> <hr> <a href="http://helios.ite.gmu.edu/~smohamu2/IT207/Lab%20Assignment%208/AddNew.html">View Guest Book</a> </form> </body> </html> [attachment deleted by admin] Hello, all! I am trying to learn PHP and MySQL on my own, and need some debugging help. What exactly is going wrong here? I am following a tutorial and trying to write the code as it says, but am still having trouble with syntax. Running a WAMP, PHP5.3, and MySQL5.5. This is my code: Code: [Select] <html> <body> <form name = "newVenue" method = "post"> Establishment name: <input type = "text" name = "name"> <br> Street Address: <input type = "text" name = "streetAddress"> <br> City: <input type = "text" name = "city"> <br> State: <select name="state"> <option value="AL">AL</option> <option value="AK">AK</option> <option value="AZ">AZ</option> <option value="AR">AR</option> <option value="CA">CA</option> <option value="CO">CO</option> <option value="CT">CT</option> <option value="DE">DE</option> <option value="DC">DC</option> <option value="FL">FL</option> <option value="GA">GA</option> <option value="HI">HI</option> <option value="ID">ID</option> <option value="IL">IL</option> <option value="IN">IN</option> <option value="IA">IA</option> <option value="KS">KS</option> <option value="KY">KY</option> <option value="LA">LA</option> <option value="ME">ME</option> <option value="MD">MD</option> <option value="MA">MA</option> <option value="MI">MI</option> <option value="MN">MN</option> <option value="MS">MS</option> <option value="MO">MO</option> <option value="MT">MT</option> <option value="NE">NE</option> <option value="NV">NV</option> <option value="NH">NH</option> <option value="NJ">NJ</option> <option value="NM">NM</option> <option value="NY">NY</option> <option value="NC">NC</option> <option value="ND">ND</option> <option value="OH">OH</option> <option value="OK">OK</option> <option value="OR">OR</option> <option value="PA">PA</option> <option value="RI">RI</option> <option value="SC">SC</option> <option value="SD">SD</option> <option value="TN">TN</option> <option value="TX">TX</option> <option value="UT">UT</option> <option value="VT">VT</option> <option value="VA">VA</option> <option value="WA">WA</option> <option value="WV">WV</option> <option value="WI">WI</option> <option value="WY">WY</option> </select> <br> Zip: <input type = "text" name = "zip"> <br> email: <input type = "text" name = "email"> <br> password: <input type = "text" name = "password"> <br> <input type="submit" name="Submit" value="Submit"> </form> <?php //If the form isn't empty, assign the value to a variable if (!empty($_POST['name'])) { $name = $_POST['name']; $address = $_POST['streetAddress']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $email = $_POST['email']; $password = $_POST['password']; //Connect to the 'Users' database and store the new bar into the 'Venue' table... mysql_connect ("localhost", "newbar", "Jpr5HJ2K5fWvPLXq") or die ('Oh, fuck: '.mysql_error()); mysql_select_db ("users"); $query = "INSTERT INTO venues VALUES ('NULL', 'testPic.jpg', '".$name."', '".$address."', '".$city."', '".$state."', '".$zip."', '".$email."', '".$password."', 0)"; mysql_query($query) or die ('Oh, fuck: '.mysql_error()); echo "Damn, Nathan. This shit actually worked..."; } ?> </body> </html>This is the error I receive: Code: [Select] Oh, fuck: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INSTERT INTO venues VALUES ('NULL', 'testPic.jpg', 'Nathan's house', '666', 'DAY' at line 1This is my table: Code: [Select] id INT PRIMARY KEY pic_location VARCHAR name VARCHAR address VARCHAR city VARCHAR state VARCHAR zip VARCHAR email VARCHAR password VARCHAR event_name INT Any thoughts as to what is causing this error? Thanks in advance... Hey guys! I'm not that good with PHP, and I really need to finish this script. I'm having a hard time finding the problem..it keeps saying Error, query failed and I've also checked the database info, connectivity info and even tried a connection and database selection verification to see if that was working. Is there any other error you guys can find in the script that may be causing the message? Edit: The files I want to be able to upload should be pdf's, txts, docs, etc. Would that be possible with this script? Thanks!! Code: [Select] <form method="post" enctype="multipart/form-data"> <table width="350" border="0" cellpadding="1" cellspacing="1" class="box"> <tr> <td width="246"> <input type="hidden" name="MAX_FILE_SIZE" value="104857600"></td> <td width="80"> </td> </tr> </table> <p>Archivo: <input name="userfile" type="file" id="userfile" /> </p> <p>Nomb <label for="name"></label> <input type="text" name="nombrelista" id="nombrelista" /> </p> <p>Password (para luego borrar si necesario): <input type="text" name="pass" id="pass" /> </p> <p> <input name="upload" type="submit" class="box" id="upload" value=" Upload " /> </p> <?php if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_FILES['userfile']['name']; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $filePass = $_POST['pass']; $nombreLista = $_POST['nombrelista']; $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); $host_db = "localhost"; $user_db = "melkien_rudesa"; $pass_db = "jorlan2407"; $base_db = "melkien_rudesa"; $link = mysql_connect($host_db, $user_db, $pass_db); if (!$link) { die('Could not connect: ' . mysql_error()); mysql_close($link); } mysql_select_db($base_db, $link) or die(mysql_error()); if(!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } $query = "INSERT INTO 'upload'('nombrelista', 'name', 'pass', 'size', 'type', 'content' ) VALUES ('$nombreLista', $fileName', '$filePass', $fileSize', '$fileType', '$content')"; mysql_query($query) or die('Error, query failed'); echo "<br>File $fileName uploaded<br>"; mysql_close($link); } ?> </form> I think this is the right section to post this is in..... Anyway.....I'm building a web site that requires i have functionality to upload a tab delimited file (or some file format that is easiest) via php and insert the data into MYSQL. I've searched for many third party scripts but none seem to work. So I've decided to move to the community to see if someone can give me insight on how i might accomplish this script. I have some third party scripts but I'm not sure if they'd be of any use. Thank you kindly I have a form on our website that a user can fill out for custom product. I want the form data to be 1) stored into a mysql database AND after storing said data, 2) email the same data to our sales department. 1) The form data DOES get stored into mysql database (except for the first two fields, for some weird reason) 2) I added a "mail" section to the php file that stores the data into the database, but it is not working correctly. I have stripped the email portion down to sending just one of the fields in the "message" to make it easier for troubleshooting I have included here, both the form section of the html file, and the formdata.php file that processes the data for your analysis. I am relatively new to php so there are going to be some issues with security, but I can work on those after I get the store & email process to work correctly. Please review my code and see if anyone can be of assistance. I looked through the forums and couldn't find another issue that was the same as mine. If I just overlooked, please tell me the thread post #. Thanks THE FORM WHICH COLLECTS THE DATA ******************************* <form method=POST action=formdata.php> <table width="640" border=0 align="center"> <tr> <td align=right><b>First Name</b></td> <td><input type=text name=FName size=25></td> <td><div align="right"><b>Telephone</b></div></td> <td><input type=text name=Tel size=25></td> </tr> <tr> <td align=right><b>Last Name</b></td> <td><input type=text name=LName size=25></td> <td><div align="right"><b>Fax</b></div></td> <td><input type=text name=Fax size=25></td> </tr> <tr> <td align=right><b>Title</b></td> <td><input type=text name=Title size=25></td> <td><div align="right"><b>Email</b></div></td> <td><input type=text name=Email size=50></td> </tr> <tr> <td align=right><b>Company</b></td> <td><input type=text name=Comp size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Address</b></td> <td><input type=text name=Addr size=25></td> <td><div align="right"><b>Estimated Annual Volume</b></div></td> <td><input type=text name=EAV size=25></td> </tr> <tr> <td align=right><b>City</b></td> <td><input type=text name=City size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>State/Province</b></td> <td><input type=text name=SProv size=25></td> <td><div align="right"><b>Application</b></div></td> <td><input type=text name=Appl size=25></td> </tr> <tr> <td align=right><b>Country</b></td> <td><input type=text name=Ctry size=25></td> <td><div align="right"><b>Type of System</b></div></td> <td><input type=text name=Syst size=25></td> </tr> <tr> <td align=right><b>Zip/Postal Code</b></td> <td><input type=text name=ZPC size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td><div align="right"><strong><font color="#FFFF00" face="Arial, Helvetica, sans-serif">COIL DESIGN</font></strong></div></td> <td><font color="#FFFF00" face="Arial, Helvetica, sans-serif"><strong>PARAMETERS</strong></font></td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Primary Resistance (ohms)</b></td> <td><input type=text name=Pres size=25></td> <td><div align="right"><b>Primary Inductance (mH)</b></div></td> <td><input type=text name=Pind size=25></td> </tr> <tr> <td align=right><b>Secondary Resistance (ohms)</b></td> <td><input type=text name=Sres size=25></td> <td><div align="right"><b>Secondary Inductance (H)</b></div></td> <td><input type=text name=Sind size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Peak Operating Current (Amps)</b></td> <td><input type=text name=POC size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Output Energy (mJ)</b></td> <td><input type=text name=Egy size=25></td> <td><div align="right"><b>Output Voltage (kV)</b></div></td> <td><input type=text name=Volt size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b># HV Towers per Coil</b></td> <td><input type=text name=TPC size=25></td> <td><div align="right"><b># of Coils per Package</b></div></td> <td><input type=text name=CPP size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <th colspan=4><b>Please enter any additional information he </b></th> </tr> <tr> <th colspan=4><textarea name=Mess cols=50 rows=10 id="Message"></textarea></th> </tr> </table> </dl> <div align="center"> <p> <input type=hidden name=BodyTag value="<body bgcolor="#484589" text="#FFFFFF" link="#FFFF00" alink="#FFFFFF" vlink="#FF7F00">"> <input type=hidden name=FA value=SendMail> </p> <p><font color="#FFFF00" face="Arial, Helvetica, sans-serif"><strong>PLEASE MAKE SURE ALL INFORMATION<br> IS CORRECT BEFORE SUBMITTING</strong></font></p> <p> <input type=submit value="Submit Form"> </p> </div> </form> THE FILE THAT PROCESSES THE FORM DATA (formdata.php) *********************************************** <?php $con = mysql_connect("localhost","XXX","XXX"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("customform", $con); $sql="INSERT INTO formdata (Fname, Lname, Title, Comp, Addr, City, SProv, Ctry, ZPC, Tel, Fax, Email, EAV, Appl, Syst, Pres, Pind, Sres, Sind, POC, Egy, Volt, TPC, CPP, Mess) VALUES ('$_POST[Fname]','$_POST[Lname]','$_POST[Title]','$_POST[Comp]','$_POST[Addr]','$_POST[City]','$_POST[SProv]','$_POST[Ctry]','$_POST[ZPC]','$_POST[Tel]','$_POST[Fax]','$_POST[Email]','$_POST[EAV]','$_POST[Appl]','$_POST[Syst]','$_POST[Pres]','$_POST[Pind]','$_POST[Sres]','$_POST[Sind]','$_POST[POC]','$_POST[Egy]','$_POST[Volt]','$_POST[TPC]','$_POST[CPP]','$_POST[Mess]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Your Information Was Successfully Posted"; mysql_close($con); $to = "recipient email address here"; $subject = "Custom Form"; $email = $_POST['Email'] ; $message = $_POST['Comp'] ; $headers = "From: $Email"; $sent = mail($to, $subject, $message, $headers) ; if($sent) {print "Your mail was sent successfully"; } else {print "We encountered an error sending your mail"; } ?> Hi- the code below lets me upload a CSV file to my database if I have 1 field in my database and 1 column in my CSV. I need to add to my db "player_id" from the CVS file and "event_name" and "event_type" from the form... any ideas??? here's the code: Code: [Select] <?php $hoststring =""; $database = ""; $username = ""; $password = ""; $makeconnection = mysql_pconnect($hoststring, $username, $password); ?> <?php ob_start(); mysql_select_db($database, $makeconnection); $sql_get_players=" SELECT * FROM tabel ORDER BY player_id ASC"; // $get_players = mysql_query($sql_get_players, $makeconnection) or die(mysql_error()); $row_get_players = mysql_fetch_assoc($get_players); // $message = null; $allowed_extensions = array('csv'); $upload_path = '.'; //same directory if (!empty($_FILES['file'])) { if ($_FILES['file']['error'] == 0) { // check extension $file = explode(".", $_FILES['file']['name']); $extension = array_pop($file); if (in_array($extension, $allowed_extensions)) { if (move_uploaded_file($_FILES['file']['tmp_name'], $upload_path.'/'.$_FILES['file']['name'])) { if (($handle = fopen($upload_path.'/'.$_FILES['file']['name'], "r")) !== false) { $keys = array(); $out = array(); $insert = array(); $line = 1; while (($row = fgetcsv($handle, 0, ',', '"')) !== FALSE) { foreach($row as $key => $value) { if ($line === 1) { $keys[$key] = $value; } else { $out[$line][$key] = $value; } } $line++; } fclose($handle); if (!empty($keys) && !empty($out)) { $db = new PDO( 'mysql:host=host;dbname=db', 'user', 'pw'); $db->exec("SET CHARACTER SET utf8"); foreach($out as $key => $value) { $sql = "INSERT INTO `table` (`"; $sql .= implode("`player_id`", $keys); $sql .= "`) VALUES ("; $sql .= implode(", ", array_fill(0, count($keys), "?")); $sql .= ")"; $statement = $db->prepare($sql); $statement->execute($value); } $message = '<span>File has been uploaded successfully</span>'; } } } } else { $message = '<span>Only .csv file format is allowed</span>'; } } else { $message = '<span>There was a problem with your file</span>'; } } ob_flush();?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>CSV File Upload</title> </head> <body> <form class="form" action="" method="post" enctype="multipart/form-data"> <h3>Select Your File</h3> <p><?php echo $message; ?></p> <input type="file" name="file" id="file" size="30" /> <br/> <label>Event Name:</label><input name="event_name" type="text" value="" /> <br/> <label>Event Type:</label><input name="event_type" type="text" value="" /> <br/> <input type="submit" id="btn" class="button" value="Submit" /> </form> <br/> <h3>Results:</h3> <?php do { ?> <p><?php echo $row_get_players['player_id'];?></p> <?php } while ($row_get_players = mysql_fetch_assoc($get_players)); ?> </body> </html> Hi All Not so much help as here is a handy class for uploading images Please feel free to find security bugs and let me know. Also feel free to use it if you want. http://onlyican.com/test_samples/bl_upload_img.phps To use the class, simply use the following require_once('bl_upload_img.php'); $objUploadImg = new UploadImg(); //Set values here if you wish such as $objUploadImg->setFormField('myFormField'); // The Name from <input type="file" name="myFormField" /> $objUploadImg->setSaveDirMain($_SERVER['DOCUMENT_ROOT'].'/MyImageFolder'; //Make sure to set the permissions //You can change most settings, just look at the function setDetaultValues() to get the function name //Now upload the image if($objUploadImg->uploadImage()){ $strFileName = $objUploadImg->getFileNameMain(); }else{ echo 'Error uploading Image<br />'.$objUploadImg->getErrorMessage(); } Hey guys!! i'm after a bit of help with a script i am using for simple image upload to server. At the moment the script works fine and will allow upload of JPG files, i want to extend on this to allow GIF and PNG files to be uploaded aswell. This is the script i am using... <?php //?heck that we have a file if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) { //Check if the file is JPEG image and it's size is less than 600Kb $filename = basename($_FILES['uploaded_file']['name']); $ext = substr($filename, strrpos($filename, '.') + 1); if (($ext == "jpg") && ($_FILES["uploaded_file"]["type"] == "image/jpeg") && ($_FILES["uploaded_file"]["size"] < 600000)) { //Determine the path to which we want to save this file $newname = dirname(__FILE__).'/uploads/'.$filename; //Check if the file with the same name is already exists on the server if (!file_exists($newname)) { //Attempt to move the uploaded file to it's new place if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) { echo "Upload Complete! You can use the following link in the IMS:" .$newname; } else { echo "Error: A problem occurred during file upload!"; } } else { echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists"; } } else { echo "Error: Only .jpg images under 600Kb are accepted for upload"; } } else { echo "Error: No file uploaded"; } // $sessionid=session_id() //$newname=$_SESSION['session_name'] header( 'Location: success.php?newname1='.$filename ) ; ?> Any help would be appriciated!! ta!! jonny hello i am adding an image upload script, so users can upload a image with the recipe they are adding, but my script seems to not work, these are the files. add_recipe.php <?php // Start_session, check if user is logged in or not, and connect to the database all in one included file include_once("scripts/checkuserlog.php"); // Include the class files for auto making links out of full URLs and for Time Ago date formatting include_once("wi_class_files/autoMakeLinks.php"); include_once ("wi_class_files/agoTimeFormat.php"); // Create the two objects before we can use them below in this script $activeLinkObject = new autoActiveLink; $myObject = new convertToAgo; ?> <?php // Include this script for random member display on home page include_once "scripts/homePage_randomMembers.php"; ?> <?php $sql_blabs = mysql_query("SELECT id, mem_id, the_blab, blab_date FROM blabbing ORDER BY blab_date DESC LIMIT 30"); $blabberDisplayList = ""; // Initialize the variable here while($row = mysql_fetch_array($sql_blabs)){ $blabid = $row["id"]; $uid = $row["mem_id"]; $the_blab = $row["the_blab"]; $notokinarray = array("fag", "gay", "shit", "fuck", "stupid", "idiot", "asshole", "cunt", "douche"); $okinarray = array("sorcerer", "grey", "shug", "farg", "smart", "awesome guy", "asshole", "cake", "dude"); $the_blab = str_replace($notokinarray, $okinarray, $the_blab); $the_blab = ($activeLinkObject -> makeActiveLink($the_blab)); $blab_date = $row["blab_date"]; $convertedTime = ($myObject -> convert_datetime($blab_date)); $whenBlab = ($myObject -> makeAgo($convertedTime)); //$blab_date = strftime("%b %d, %Y %I:%M:%S %p", strtotime($blab_date)); // Inner sql query $sql_mem_data = mysql_query("SELECT id, username, firstname, lastname FROM myMembers WHERE id='$uid' LIMIT 1"); while($row = mysql_fetch_array($sql_mem_data)){ $uid = $row["id"]; $username = $row["username"]; $firstname = $row["firstname"]; if ($firstname != "") {$username = $firstname; } // (I added usernames late in my system, this line is not needed for you) /////// Mechanism to Display Pic. See if they have uploaded a pic or not ////////////////////////// $ucheck_pic = "members/$uid/image01.jpg"; $udefault_pic = "members/0/image01.jpg"; if (file_exists($ucheck_pic)) { $blabber_pic = '<div style="overflow:hidden; width:40px; height:40px;"><img src="' . $ucheck_pic . '" width="40px" border="0" /></div>'; // forces picture to be 100px wide and no more } else { $blabber_pic = "<img src=\"$udefault_pic\" width=\"40px\" height=\"40px\" border=\"0\" />"; // forces default picture to be 100px wide and no more } $blabberDisplayList .= ' <table width="100%" align="center" cellpadding="4" bgcolor="#CCCCCC"> <tr> <td width="7%" bgcolor="#FFFFFF" valign="top"><a href="profile.php?id=' . $uid . '">' . $blabber_pic . '</a> </td> <td width="93%" bgcolor="#EFEFEF" style="line-height:1.5em;" valign="top"><span class="greenColor textsize10">' . $whenBlab . ' <a href="profile.php?id=' . $uid . '">' . $username . '</a> said: </span><br /> ' . $the_blab . '</td> </tr> </table>'; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="Description" content="Web Intersect is a deft combination of powerful free open source software for social networking, mixed with insider guidance and tutorials as to how it is made at its core for maximum adaptability. The goal is to give you a free website system that has a network or community integrated into it to allow people to join and interact with your website when you have the need." /> <meta name="Keywords" content="web intersect, how to build community, build social network, how to build website, learn free online, php and mysql, internet crossroads, directory, friend, business, update, profile, connect, all, website, blog, social network, connecting people, youtube, myspace, facebook, twitter, dynamic, portal, community, technical, expert, professional, personal, find, school, build, join, combine, marketing, optimization, spider, search, engine, seo, script" /> <title>CookBookers</title> <link href="style/main.css" rel="stylesheet" type="text/css" /> <link rel="icon" href="favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> <script src="js/jquery-1.4.2.js" type="text/javascript"></script> <style type="text/css"> #Layer1 { height:210px; } body { background-color: #3c60a4; } .style4 {font-size: 36px} </style> </head> <body> <p> <?php include_once "header_template.php"; ?> </head> <body style="margin:0px;"> <center> </p> <p> </p> <table border="0" align="center" cellpadding="0" cellspacing="0" class="mainBodyTable"> <tr> <td width="124" valign="top"> <td width="776" colspan="2" align="left" valign="top" style="background-color:#EFEFEF; border:#999 0px; padding:10px;"> <table border="0" cellpadding="6"> </table> <table width="574" border="0"> <form enctype="multipart/form-data" action="include/recipe.php" method="post"> <span class="style4">Add Recipie</span> <tr> <th width="232" scope="col"></th> <th width="332" scope="col"> </th> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Public:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <input name="Pub" value="1" type="checkbox" id="Pub"/> </span></td> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Title:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <input type="text" name="title" /> </span></td> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Prep time:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <input type="text" name="prep" /> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Cooking time:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <input type="text" name="cook" /> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Makes:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <input type="text" name="make" /> </span></td> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Ingrediants:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <textarea rows="5" name="ingr" cols="40"></textarea> </span></td> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Method: </span></td> <td><span style="margin-bottom:5px; color:brown;"> <textarea rows="5" name="desc" cols="40"></textarea> </span></td> </tr> <tr> <td><span style="margin-bottom:5px; color:brown;">Notes:</span></td> <td><span style="margin-bottom:5px; color:brown;"> <textarea rows="5" name="note" cols="40"></textarea> </span></td> </tr> <tr> <td><input type="hidden" name="MAX_FILE_SIZE" value="1000000" /> Choose a picture to upload: <input name="uploaded_file" type="file" /></td> </tr> <tr> <td><input name="submit" type="submit" style="padding:5px 10px;" value="Submit" /></td> </tr> <tr> <td> </td> </tr> </table> </tr> </table> </td> </tr> </table> <?php include_once "footer_template.php"; ?> </body> recipe.php (upload form script) <?php //include("session.php"); include("database.php"); @session_start(); $user = $_SESSION['username']; mysql_real_escape_string($user); //die($user); $Pub=$_POST['Pub']; $title=$_POST['title']; $prep=$_POST['prep']; $cook=$_POST['cook']; $make=$_POST['make']; $ingr=$_POST['ingr']; $desc=$_POST['desc']; $note=$_POST['note']; //if($user=="Guest"||$user==""){ //header("Location: ../index.php"); //} //else{ $database->AddRecipe($user,$Pub,$title,$prep,$cook,$make,$ingr,$desc,$note); $uploaded_file=$_POST['files']['uploaded_file'] //Сheck that we have a file if ((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) { //Check if the file is JPEG image and it's size is less than 350Kb $filename = basename($_FILES['uploaded_file']['name']); $ext = substr($filename, strrpos($filename, '.') + 1); if (($ext == "jpg") && ($_FILES["uploaded_file"]["type"] == "image/jpeg") && ($_FILES["uploaded_file"]["size"] < 350000)) { //Determine the path to which we want to save this file $newname = dirname(__FILE__).'/upload/'.$filename; //Check if the file with the same name is already exists on the server if (!file_exists($newname)) { //Attempt to move the uploaded file to it's new place if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) { echo "It's done! The file has been saved as: ".$newname; } else { echo "Error: A problem occurred during file upload!"; } } else { echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists"; } } else { echo "Error: Only .jpg images under 350Kb are accepted for upload"; } } else { echo "Error: No file uploaded"; } header("Location: ../recipe_added.php"); //} ?> Ok so I have a form to submits to a .php file that creates an image. This works fine, but I also want the info from the form to be sent to MySQL database. The problem is that something in a script I "required" called core.inc.php is interfering and so no image is output. Here is core.inc.php: Code: [Select] <?php ob_start(); session_start(); $current_file = $_SERVER['SCRIPT_NAME']; if(isset($_SERVER['HTTP_REFERER'])&&!empty($_SERVER['HTTP_REFERER'])) { $http_referer = $_SERVER['HTTP_REFERER']; } function loggedin() { if(isset($_SESSION['user_id'])&&!empty($_SESSION['user_id'])) { return true; } else { return false; } } function getuserfield($field) { $query="SELECT `$field` FROM `Users` WHERE `id`='".$_SESSION['user_id']."'"; if($query_run=mysql_query($query)) { if($query_result = mysql_result($query_run, 0, $field)) { return $query_result; } } } ?> Here is the code for the image creating .php file: Code: [Select] <?php require 'connect.inc.php'; require 'core.inc.php'; $title = $_REQUEST['title'] ; $user_id = getuserfield('id'); $query = "INSERT INTO `---` VALUES ('".mysql_real_escape_string($title)."','".mysql_real_escape_string($user_id)."')"; $query_run = mysql_query($query); //There is some more code in here obviously, but it's irrelevant header('Content-type: image/png'); imagepng($image_f); imagedestroy($image_f) Can anybody give me some idea of what is conflicting or what I can do to fix it? Hi
Ultimate Aim: To upload multiple images using ajax using a PHP script which will be fired once an image is selected and then return the resulting URL for use in rest of my JS http://peter-gosling...hooseimage.html simple form posts to http://peter-gosling...d/saveimage.php This PHP script below currently gets the posted image and assigns it a random number file name and echos this
<?php
header("Access-Control-Allow-Origin: *");
$uploaddir = '/home/petergos/public_html/testupload/images/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
$urlpath = "http://www.peter-gosling.co.uk/testupload/images/";
$temp = explode(".",$_FILES["userfile"]["name"]);
$newfilename = rand(1,999999999) . '.' .end($temp);
$newuploadfile = $uploaddir . $newfilename;
echo "<p>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $newuploadfile)) {
$urlfile = $urlpath . $newfilename;
echo $urlfile;
} else {
echo "Upload failed";
}
?>
What I want to do is post my image via ajax but return the value back to my js fileI'm not certain on the CORS issue Here's my first attempt http://peter-gosling.com/testupload/ HTML
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<input type="file" accept="image/*;capture=camera" name="taskoutputfile"></input>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="text/javascript">
$("input[name=taskoutputfile]").on("change", function (){
var fileName = $(this).val();
console.log(fileName);
get_image_url(fileName)
});
//UPLOAD IMAGE RETURN URL
function get_image_url(imageurl) {
var dataString = "url="+imageurl;
//datastring = $("input[name=sessiontitle]").val();
//AJAX code to submit form.
$.ajax({
type: "POST",
url: "http://www.peter-gosling.co.uk/testupload/saveimage2.php",
data: dataString,
cache: false,
success: function(html) {
alert(html);
}
});
}
</script>
</body>
</html>
PHP
<?php
header("Access-Control-Allow-Origin: *");
$uploaddir = '/home/petergos/public_html/testupload/images/';
$uploadfile = $uploaddir . basename($_POST['url']);
$urlpath = "http://www.peter-gosling.co.uk/testupload/images/";
$temp = explode(".",$_POST['url']);
$newfilename = rand(1,999999999) . '.' .end($temp);
$newuploadfile = $uploaddir . $newfilename;
echo "<p>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $newuploadfile)) {
$urlfile = $urlpath . $newfilename;
return $urlfile;
} else {
echo "Upload failed";
}
/*
echo "</p>";
echo '<pre>';
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
*/
?>
Have attached all filesAny help would be really appreciated Thankyou I'm new to programming so take it easy on me but I wrote this script for php and it's not complete yet but I could use some advice on file upload security. Besides recreating the image, checking token/request and setting apache settings what else can I do to secure this application. Here's my code:
header('Content-Type: application/json');
$uploaded = array();
if(!empty($_FILES['file']['name'][0])) {
$allowedExts = array("gif", "jpeg", "pjpeg", "x-png", "jpg", "png");
foreach ($_FILES['file']['tmp_name'] as $k => $v) {
$name = $_FILES['file']['name'][$k];
$type = $_FILES['file']['type'][$k];
$error = $_FILES["file"]["error"][$k];
$size = $_FILES["file"]["size"][$k];
$tempDir = $_FILES["file"]["tmp_name"][$k];
$lowerName = strtolower($name);
$temp = explode(".", $lowerName);
$extension = end($temp);
if ((($type == "image/gif")
|| ($type == "image/jpeg")
|| ($type == "image/jpg")
|| ($type == "image/pjpeg")
|| ($type == "image/x-png")
|| ($type == "image/png"))
&& ($size < 20000)
&& in_array($extension, $allowedExts)) {
if ($error > 0) {
echo "Return Code: " . $error . "<br>";
} else {
$imageInfo = getimagesize($tempDir);
if($imageInfo['mime'] != 'image/gif' && $imageInfo['mime'] != 'image/jpeg' && $imageInfo['mime'] != 'image/jpg' &&
$imageInfo['mime'] != 'image/pjpeg' && $imageInfo['mime'] != 'image/x-png' && $imageInfo['mime'] != 'image/png') {
echo 'Sorry we only accept GIF, JPEG, JPG, PJPEG, X-PNG, PNG image files!';
}else {
switch($type) {
case 'image/gif':
$newName = md5(uniqid()). '.' .time(). '.gif';
break;
case 'image/jpeg':
$newName = md5(uniqid()). '.' .time(). '.jpeg';
break;
case 'image/jpg':
$newName = md5(uniqid()). '.' .time(). '.jpg';
break;
case 'image/pjpeg':
$newName = md5(uniqid()). '.' .time(). '.pjpeg';
break;
case 'image/x-png':
$newName = md5(uniqid()). '.' .time(). '.x-png';
break;
case 'image/png':
$newName = md5(uniqid()). '.' .time(). '.png';
break;
}
if (file_exists('images/' .Session::get(Config::get('session/session_name')). '/' .$newName)) {
echo escape($name) . " already exists. ";
} else {
if(move_uploaded_file($tempDir, 'images/' .Session::get(Config::get('session/session_name')). '/' .$newName)) {
$uploaded[] = array(
'name' => $name,
'file' => 'images/' .Session::get(Config::get('session/session_name')). '/' .$newName
);
}
}
}
}
} else {
echo 'Sorry we only accept GIF, JPEG, JPG, PJPEG, X-PNG, PNG image files!';
}
}
}
I've been researching apache Mod_mime but can't find enough info to wrap my mind around it.
Edited by Millertime1, 12 August 2014 - 01:00 PM. Hello, My upload script is working for the most part and while I know that I need a couple of little fixes and will need help with those I also wouldn't mind some tips on how I could have written it better in the first place. The 2 problems I am having. 1. If the copy image fails the script doesn't and still creates a database entry. I would like to stop it from doing that but can't seem to work it out. 2. My mate is getting file type errors even though he is trying to upload small .jpg files. I can't seem to recreate the problem. Maybe someone can see something that might be problematic?? Code: [Select] <? $idir = "../rosysartworks/gallery/"; // Path To Images Directory $tdir = "../rosysartworks/gallery/thumbs/"; // Path To Thumbnails Directory $iwidth = "600"; // Maximum Width For Thumbnail Images $iheight = "600"; // Maximum Height For Thumbnail Images $twidth = "233"; // Maximum Width For Thumbnail Images $theight = "178"; // Maximum Height For Thumbnail Images ?> <? // Catching the inputs $title = Trim(stripslashes($_POST['title'])); $paypal = Trim(stripslashes($_POST['paypal'])); // Check if the form has been submitted. if (isset ($_POST['submit'])) { $problems = FALSE; // No problems so far. // Check for each value. if (empty ($title)) { $problem = TRUE; $problems = 'You forgot to enter a title!<br />'; } if (empty ($paypal)) { $problem = TRUE; $problems = 'You forgot to enter a paypal link!<br />'; } if (!$problem) { // If there are no problems... // Uploading/Resizing Script $url = $_FILES['imagefile']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg" || $_FILES['imagefile']['type'] == "image/JPG") { $file_ext = strrchr($_FILES['imagefile']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['imagefile']['tmp_name'], "$idir" . $_FILES['imagefile']['name']); // Move Image From Temporary Location To Permanent Location if ($copy) { // If The Script Was Able To Copy The Image To It's Permanent Location // Resize for preview image. $simg = imagecreatefromjpeg("$idir" . $url); // Make A New Temporary Image To Create The Thumbanil From $currwidth = imagesx($simg); // Current Image Width $currheight = imagesy($simg); // Current Image Height if ($currwidth > $iwidth && $currheight > $iheight) { $newwidth = $iwidth; $newheight = $newwidth * $currheight / $currwidth; if ($newheight > $iheight) { $newheight = $iheight; $newwidth = $newheight * $currwidth / $currheight; } $dimg = imagecreatetruecolor($newwidth, $newheight); // Make New Image For Preview imagetruecolortopalette($simg, false, 256); // Create New Color Pallete $palsize = ImageColorsTotal($simg); for ($i = 0; $i < $palsize; $i++) { // Counting Colors In The Image $colors = ImageColorsForIndex($simg, $i); // Number Of Colors Used ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']); // Tell The Server What Colors This Image Will Use } imagecopyresampled($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight); // Copy Resized Image To The New Image (So We Can Save It) $success = imagejpeg($dimg, "$idir" . $url, 100); // Saving The Image imagedestroy($simg); // Destroying The Temporary Image imagedestroy($dimg); // Destroying The Other Temporary Image if ($success) { print 'Preview image '.$url.' width: '.$newwidth.' height: '.$newheight.' created successfully.<br />'; // Resize successful for preview image unset($success); } } else { unset($simg, $currwidth, $currheight); } // Resize for thumbnail $simg = imagecreatefromjpeg("$idir" . $url); // Make A New Temporary Image To Create The Thumbanil From $currwidth = imagesx($simg); // Current Image Width $currheight = imagesy($simg); // Current Image Height $newwidth = $twidth; $newheight = $newwidth * $currheight / $currwidth; if ($newheight > $theight) { $newheight = $theight; $newwidth = $newheight * $currwidth / $currheight; } // maxWidth: mw, maxHeight: mh, oldHeight: oh, oldWidth: ow, newHeight: nh, newWidth: nw. // nw = mw; nh = nw * oh / ow; // if (nh > mh) { nh = mh; nw = nh * ow / oh } $dimg = imagecreatetruecolor($newwidth, $newheight); // Make New Image For Thumbnail imagetruecolortopalette($simg, false, 256); // Create New Color Pallete $palsize = ImageColorsTotal($simg); for ($i = 0; $i < $palsize; $i++) { // Counting Colors In The Image $colors = ImageColorsForIndex($simg, $i); // Number Of Colors Used ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']); // Tell The Server What Colors This Image Will Use } imagecopyresampled($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight); // Copy Resized Image To The New Image (So We Can Save It) $success = imagejpeg($dimg, "$tdir" . $url, 100); // Saving The Image imagedestroy($simg); // Destroying The Temporary Image imagedestroy($dimg); // Destroying The Other Temporary Image if ($success) { print 'Image thumbnail '.$url.' width: '.$newwidth.' height: '.$newheight.' created successfully.'; // Thumbnail created successfully } } else { print '<font color="#FF0000">ERROR: Unable to upload image.</font>'; // Error Message If Upload Failed } // End upload at copy failure } else { print 'Failed to copy image to temp location.'; } } else { print '<font color="#FF0000">ERROR: Wrong filetype (has to be a .jpg or .jpeg. Yours is '; // Error Message If Filetype Is Wrong print $file_ext; // Show The Invalid File's Extention print '.</font>'; } // End upload script // Define the query. $add_new_session = $sql = "INSERT INTO `gallery` ( `id` , `title` , `image` , `thumb` , `width` , `height` , `paypal` , `date_entered` ) VALUES ( 0, '".mysql_real_escape_string(($title))."', '".mysql_real_escape_string(($url))."', '".mysql_real_escape_string(($url))."', '".mysql_real_escape_string(($newwidth))."', '".mysql_real_escape_string(($newheight))."', '".mysql_real_escape_string(($paypal))."', NOW() )"; // execute the query. if (@mysql_query ($add_new_session)) { print "<p>The new gallery image $url has been added.</p>"; unset($sessionName, $maxAttendees, $newwidth, $newheight); $hidden = 'hidden'; } else{ print '<a name="formTop"></a>'.'<p class="error">Your session has failed to upload. Please contact website support.</p>'; echo $add_new_session; } } else { // Forgot a field. // print '<p>Please try again!</p>'; $problems .= '<a name="formTop"></a>'.'Please try again!<br />'; if ($problem) { print '<p class="error">' . $problems . '</p>'; } } // End of handle form IF // Display the form print '<h2>Upload New Image</h2>' . '<p>Please only try uploading .jpg images</p>' . '<form method="post" action="index.php" enctype="multipart/form-data">' . '<label>Title:</label>' . '<input type="text" name="title" class="form">' . '<br />' . '<label>Image:</label>' . '<input type="file" name="imagefile" class="form">' . '<br />' . '<label>Paypal Link:</label>' . '<input type="text" name="paypal" class="form" size="50">' . '<br /><br />' . '<input name="submit" type="submit" value="Sumbit" class="form">' . '<input type="reset" value="Clear" class="form">' . '</form>'; ?> Hi all! I have a problem with an image uploading script and at the moment it keeps the image name the same, obviously people don't have very adventurous names for their images "image1" and they are over writing each other. How do I put a random 5 digit number on the end to make them all unique? Thanks. Code: [Select] $image1 = mysql_real_escape_string("$idir" . $_FILES['fupload2']['name']); $image2 = mysql_real_escape_string("$idir" . $_FILES['fupload3']['name']); $image3 = mysql_real_escape_string("$idir" . $_FILES['fupload4']['name']); $logo = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $idir = "uploads/"; // Path To Images Directory if (isset ($_FILES['fupload'])){ //upload the image to tmp directory $url = $_FILES['fupload']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload']['type'] == "image/jpg" || $_FILES['fupload']['type'] == "image/jpeg" || $_FILES['fupload']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload']['tmp_name'], "$idir" . $_FILES['fupload']['name']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload2'])){ //upload the image to tmp directory $url = $_FILES['fupload2']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload2']['type'] == "image/jpg" || $_FILES['fupload2']['type'] == "image/jpeg" || $_FILES['fupload2']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload2']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload2']['tmp_name'], "$idir" . $_FILES['fupload2']['name']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload3'])){ //upload the image to tmp directory $url = $_FILES['fupload3']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload3']['type'] == "image/jpg" || $_FILES['fupload3']['type'] == "image/jpeg" || $_FILES['fupload3']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload3']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload3']['tmp_name'], "$idir" . $_FILES['fupload3']['name']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload4'])){ //upload the image to tmp directory $url = $_FILES['fupload4']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload4']['type'] == "image/jpg" || $_FILES['fupload4']['type'] == "image/jpeg" || $_FILES['fupload4']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload4']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload4']['tmp_name'], "$idir" . $_FILES['fupload4']['name']); // Move Image From Temporary Location To Permanent Location } } |
|||||||