PHP - Upload Success At Localhost But Not In Server.please Help.....

i am making song site
i want to upload songs files on another instread on which m running my script for uploading songs and adding information in data...
mean want to know is there any function or method that i upload files through the panel of www.site1.com
and my files upload on an other server www.site2.com.
which code i have to write for doing this

I need to upload an image using php and store the image as blob in mysql. I understand the standard way is to create a form for the user, let the user choose the image to upload, click submit.

But I need to create a php, for example, uploadImage.php?image="c:\myPhoto.jpg"
and when I type http:\\www.myhome.com\uploadImage.php?image="c:\myPhoto.jpg"
from a web browser in my pc, I can automatically upload myPhoto.jpg to the myhome.com server?

Thank you for your kind help.

I designed a web form that takes as input a file and that should upload that file on the server. The file is located on the client machine. The page containing the web form is handled by PHP script.

I found out (reading 9483658954 forum topics so far) that there are 2 methods for getting a file uploaded. The first one is using FTP, and the second one using $_FILES variable. Unfortunately i have complains regarding both of the methods.

Firstly, when attempting to upload the file using FTP it seems that rather the FTP server is calling "upload" a simple copy action (because the only successful thing i could do with FTP was to copy a file from location A to location B, both A and B being on the server) or I don't know to use FTP (which is probably the right answer). Then, when using $_FILES variable, I was forced to include ' enctype="multipart/form-data" ' in the form tag. After a long documentation I finally figured out that by including the enctype blah blah, the $_POST and $_FILES variables were NULL after the form was submitted.Still can't understand why!



Are there any other methods for uploading a file from the client machine to the server? Can I get a competent script for this?

i have added a member area to my wordpress site.  everything works good, login, edit, delete, etc.  But when i upload the logout.php file to the godaddy server, it starts logging me out on every page.  The programs work fine without the logout file, but as soon as it is uploaded it keeps logging out.

here is the logout.php i am using

<?php
  // If the user is logged in, delete the session vars to log them out
  session_start();
  if (isset($_SESSION['user_id'])) {
    // Delete the session vars by clearing the $_SESSION array
    $_SESSION = array();

    // Delete the session cookie by setting its expiration to an hour ago (3600)
    if (isset($_COOKIE[session_name()])) {
      setcookie(session_name(), '', time() - 3600);
    }

    // Destroy the session
    session_destroy();
  }

  // Delete the user ID and username cookies by setting their expirations to an hour ago (3600)
  setcookie('user_id', '', time() - 3600);
  setcookie('username', '', time() - 3600);

  // Redirect to the home page
  $home_url = 'http://' . $_SERVER['HTTP_HOST'] . '/my-account/';
   header('Location: ' . $home_url);
?>

i have looked around the internet but haven't found any solutions. Please help.  Thank you

Hi, ive recently created a gallery website and im happy with the way everything currently works. However the main drawback is the site uploads using a html webfom which is great for remote users or the odd image.

However, as i want to mass upload my existing collection i will need the ability to read a selected folder and then to carry out all the same processes that existed from the existing html form upload.

Im also using gdlibrary and checking file types to ensure they are within my allowed list, but im wondering if there are any other common security alerts i should be aware of to keep things a little bit safer if/when i publish outside of my LAN.

So in a nut shell i need some assistance with changing my upload process to work for more than one file at a time, ideally by reading a folder, or at least reading X amount of files at a time - processing them then moving onto next batch of files in the list.  Then the next part i need help with is checking/improving basic security of the system

i have php at server side and c++ at client side.what i am trying to do is to constantly look for files on server in folder on server if there’s a file in folder then download it on client side and delete it from server folder
this will happen again and again after 5minutes if a file is present on server in folder then download it and delete from server then in c++ goto sleep again fro 5 minutes and after 5 minutes do all this again if no file present in folder on server then simply do nothing.

My server is Linux/Apache/PHP.   When a file is uploaded, I use PHP's finfo_open to confirm that the file have the correct file extension matches and delete them if it doesn't match.  I also which file mimi types and size could be uploaded.   Things I do with the files include: Upload user's files and store them in some public directory (/var/www/html/users_public_directory/), and allow other users to directly download them. Upload user's files and store them in some private directory (/var/www/users_private_directory/), and allow other users to download them using X-Sendfile. Upload user's ZIP files and convert them to PDF files (unzip the ZIP file, and uses Libreoffice and Imagemagick's convert to convert them to PDFs). From the server's prospective, what are the risks of allowing users to upload files?  Are there some file types which are more dangerous to the server?  Could they be executed on the server, and if so, how could this be prevented?

    
    $account="54646456456464";
    $station= "12345";
    $options="11-1";
    $image="C:/Desktop/Sample Images/usco1.jpg";
    
    
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL,"http://dfdgfsfs.com/kgdfgd.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
            'image' => '@'.$image, 'account' => $account, 'station' => $station, 'options' => $options));


$postResult = curl_exec($ch);


curl_close ($ch);

$xmlobj = simplexml_load_string($postResult);

echo (string)$xmlobj->ID->attributes()->value;
echo (string)$xmlobj->FullName->attributes()->value;

All, I have spend days trying to figure this out without any luck.  I am now in crisis mode.  I need to get this working asap.  The following code works perfect on my local xampp machine.  As soon as I upload it to my web server, I don't get any data back.  I have narrowed it down to the image i am trying to send is not being received properly.  Thanks in advance.

Hello

I am having problems uploading an image through a HTML form. I want the image to be uploaded to the server and the image name to be written to the mysql database.

Below is the code I am using:
Code: [Select]
<?php
if (isset($_POST['add'])){
   
   echo "<br /> add value is true";
      $name = $_POST['name'];   
      $description = $_POST['description'];   
      $price = $_POST['price'];
      $category_id = $_POST['category_name'];
      $image = $_FILES['image']['name'];   
      
      //file path of the image upload
      $filepath = "../images/";
      //mew name for the image upload
      $newimagename = $name;
      //new width for the image
      $newwidth = 100;
      //new height for the image
      $newheight = 100;
      
      include('../includes/image-upload.php');
      
      
      mysql_query("INSERT INTO item (item_name, item_description, item_price, item_image)
      VALUES ('$name','$description','$price','$image')"); ?>

Here is the image-upload.php file code:

Code: [Select]
<?php

//assigns the file to the image
$image =$_FILES["image"]["name"];
$uploadedfile =$_FILES["image"]["tmp_name"];

if ($image) {
   //retrieves the extension type from image upload
   $extension = getextension($image);
   //converts extension to lowercase
   $extension = strtolower($extension);
   
   //create image from uploaded file type
   if($extension=="jpg" || $extension=="jpeg") {
      $uploadedfile = $_FILES['image']['tmp_name'];
      $src = imagecreatefromjpeg($uploadedfile);
   }else if($extension=="png") {
      $uploadedfile = $_FILES['image']['tmp_name'];
      $src = imagecreatefrompng($uploadedfile);
   }else{
      $src = imagecreatefromgif($uploadedfile);
   }
   
   //creates a list of the width and height of the image
   list($width,$height)=getimagesize($uploadedfile);
   
   //adds color to the image
   $tmp = imagecreatetruecolor($newwidth,$newheight);
   
   //create image
   imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);
   
   //set file name
   $filename = $filepath.$newimagename.".".$extension;
   $imagename = $newimagename.".".$extension;
   //uploads new file with name to the chosen directory
   imagejpeg($tmp,$filename,100);
   
   //empty variables
   imagedestroy($src);
   imagedestroy($tmp);
   
}


?>
Any help would be appreciated, fairly new to all this!

Thanks!!!

Hello, I decided I would make my websites load less by implementing ajax/jQuery..

I however stumbled upon a problem..

This is the code I use to direct myself to the registeration page...
Code: [Select]
function register(){
$.ajax({
type: "POST",
url: "user/registerConfirm.php",
data: "regUsername=" + document.getElementById("regUsername").value +
"&regPassword=" + document.getElementById("regPassword").value +
"&myPassCheck=" + document.getElementById("myPassCheck").value +
"&regEmail=" + document.getElementById("regEmail").value,
success: function(html){
$('#response').html(html);
alert("success...");
},
complete: function(html){
$('#response').html(html);
alert("completed..");
}
});
}
When running - it shows me the "alert("completed..");", and in fact- the code used to insert the user in my database is working.
However, I never seem to get the 'html' variable that they use in tutorials I found. (meaning I can't show some sort of response)

The php code used:
Code: [Select]
<?php
session_start();
ob_start();

require("../widgets/functions.php");
connectToDB();

// Check email
if (!filter_var(clean($_POST['regEmail']), FILTER_VALIDATE_EMAIL))
{
$error = 'Invalid email!';
}
else
{
if ( clean($_POST['regPassword']) == clean($_POST['myPassCheck']) && clean($_POST['regPassword']) != NULL 
&& clean($_POST['regUsername']) != NULL && clean($_POST['regEmail']) != NULL ) // Register can be allowed
{
// Check if their already is a user with the same name..
$sql="SELECT * FROM `users` WHERE username='".clean(trim($_POST['regUsername']))."'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

if($count==1){
// Their was already a user with this name!
$error = 'Registration failed - username already taken..';
}
else if ( $count == 0 ){ 
// Registration allowed, no user found with the same name

// Encrypt password
$encryptPass = md5($_POST['regPassword']);

$subject = "Confirmation registration";
$message = '
<html>
<head>
  <title>Registration at codexplained</title>
</head>
<body>
<p>Hello '.clean($_POST['regUsername']).',</p>

<p>Thank you for registering at our website!
</p>

<p>If you wish, you can now edit your profile, to change your display options and/or to upload your own profile image!<br />
We hope to see you commenting on our articles soon!<br />
If you wish to receive more information - Please contact us, or message any of our moderators.</p>
<hr />
<p>- Current moderators - <br />
Ruud<br />
Willem<br />
Quint
</p>
<hr />
</p>
- Contact details - <br />
Codexplained.tk<br />
Codexplained@gmail.com
</p>
</body>
</html>
';
$from = "Codexplained@admin.com";
$headers = 'From: Codexplained'."\r\n";
$headers  .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$to = clean($_POST['regEmail']);
if ( mail($to,$subject,$message,$headers) )
{
// Success
}
else
{
// Failed
}
// Insert data
$query = "INSERT INTO `users` 
(
`Id` ,`Username` ,`Password` ,`Rank`,`E-mail` ,`PostAmount`, `ProfileImage`, `Ip`, `LastIP`
)
VALUES ( NULL , '".clean(trim($_POST['regUsername']))."' , '".$encryptPass."' , 'member', '".clean($_POST['regEmail'])."' , '0', 'none', '".$_SERVER['REMOTE_ADDR']."','".$_SERVER['REMOTE_ADDR']."' )
";
mysql_query($query)or die(mysql_error());

$error = 'Registration completed!';
}
}
else
{
if ( clean($_POST['regPassword']) != clean($_POST['myPassCheck']) )
{
 $error = 'Passwords do not match...';
}
else
{
$error = 'Registration failed - not enough data..';
}
}
}

echo $error;
exit;

mysql_close();
//header("location:../index.php?page=register");
?>

And here is the form code:
Code: [Select]
<?php
session_start();
ob_start();

connectToDB();
$query = "SELECT * FROM `users`";
$result = mysql_query($query);
$num = mysql_num_rows($result);
echo '
<div id="registerHolder">
<h1>
<strong>
Registration
</strong>
</h1>
<em>Currently... we have '.$num.' registered members! Join them by filling in the form below!</em><br />
<p>
Please fill in these boxes and press confirm to register:
<br />
<form id="registerForm" method="post" action="">
<table>
<tr>
<td style="width:200px">
Username:
</td>
<td>
<input name="regUsername" type="text" id="regUsername" style="width:300px" class="box" value="" />
</td>
</tr>

<tr> 
<td>
Password:
</td>
<td>
<input name="regPassword" type="password" id="regPassword" style="width:300px" class="box" value="" />
</td>
</tr>
<tr>
<td>
Confirm Password:
</td>
<td>
<input name="myPassCheck" type="password" style="width:300px" id="myPassCheck" value="" />
</td>
</tr>
<tr>
<td>
E-mail:
</td>
<td>
<input name="regEmail" type="text" id="regEmail" style="width:300px" class="box" value="" />
</td>
</tr>
<tr>
<td>
<input type="submit" name="Submit" class="btn" value="Confirm" onclick="register()" />
</td>
</tr>
</table>
<br />
</form>
</p>

<div id="response">

</div>
</div>
';
?>
I am wondering what I missed, and hoped someone out here could assist me.
Thanks in advance.


Edit: Added register.php code (form)

Hi Guys,

I'm trying the following.. returning an array from a php function to Ajax success but the alert seems to only display undefined.

PHP
Code: [Select]

public function reply()
{
$item_id = $this->uri->segment(3);
$type = $this->uri->segment(4);

if($type == 1){
$data['get_news_item'] = $this->Newsletter_model->get_news_item($item_id);

$test = array( "Paul", "Mike");

return $test;
}
}

AJAX
Code: [Select]


$.ajax({
type: "POST",
url: "<?php echo site_url(); ?>newsletter/reply/"+id+"/"+type,
cache: false,

success: function (data){


alert(data[0]); // So this should display "Paul"?



});


[/code]

from the customer so that I can record the transaction into my database seeing as the pay button is on paypal and not on my any of my site.

Hi, I found a tutorial online for a form which used PHP/MySQL and JQuery to submit data. I am making some modifications and the form no-longer submits the data. The problem I have is no errors display so I am not sure where the problem lies. I need to be able to display a success or failure message on the form itself, but this is either not there or not working. The code is below.

Code: [Select]
<form id="ContactForm" action="">
                <p>
                    <label>First Name</label>
                    <input id="FirstName" name="FirstName" class="inplaceError" maxlength="120" type="text" autocomplete="off"/>
<span class="error" style="display:none;"></span>
                </p>
                <p>
                    <label>Last Name</label>
                    <input id="LastName" name="LastName" class="inplaceError" maxlength="120" type="text" autocomplete="off"/>
<span class="error" style="display:none;"></span>
                </p>
                <p>
                    <label>User Name</label>
                    <input id="UserName" name="UserName" class="inplaceError" maxlength="120" type="text" autocomplete="off"/>
<span class="error" style="display:none;"></span>
                </p>
                <p>
                    <label>Email</label>
                    <input id="email" name="email" class="inplaceError" maxlength="120" type="text" autocomplete="off"/>
<span class="error" style="display:none;"></span>
                </p>
                <p>
                    <label>Website<span>(optional)</span></label>
                    <input id="website" name="website" class="inplaceError" maxlength="120" type="text" autocomplete="off"/>
                </p>
                <p>
                    <label>Your message<br /> <span>300 characters allowed</span></label>
                    <textarea id="message" name="message" class="inplaceError" cols="6" rows="5" autocomplete="off"></textarea>
<span class="error" style="display:none;"></span>
                </p>
                <p class="submit">
                    <input id="send" type="button" value="Submit"/>
                    <span id="loader" class="loader" style="display:none;"></span>
<span id="success_message" class="success"></span>
                </p>
<input id="newcontact" name="newcontact" type="hidden" value="1"></input>
            </form>


<?php
require_once("config.php"); /* Configuration File */

class DB{

private $link;

public function __construct(){
$this->link = mysqli_connect(DB_SERVER, DB_USER, DB_PASS,DB_NAME);
if (mysqli_connect_errno())
    exit();
}

public function __destruct() {
mysqli_close($this->link);
}

public function dbNewMessage($email,$FirstName,$LastName,$website,$message){
$email    = mysqli_real_escape_string($this->link,$email);
$FirstName  = mysqli_real_escape_string($this->link,$FirstName);
$LastName  = mysqli_real_escape_string($this->link,$LastName);
$UserName  = mysqli_real_escape_string($this->link,$UserName);
$website  = mysqli_real_escape_string($this->link,$website);
$message  = mysqli_real_escape_string($this->link,$message);

mysqli_autocommit($this->link,FALSE);

$query = "INSERT INTO contact_me(pk_contact,FirstName,LastName,UserName,email,website,message) 
  VALUES('NULL','$FirstName','$LastName','$UserName','$email','$website','$message')";
mysqli_query($this->link,$query);

if(mysqli_errno($this->link))
return -1;
else{
mysqli_commit($this->link);
return 1;
}
}   
};
?>





<?php
require_once("db.php"); /* Database Class */
require_once('utils/is_email.php'); /* Email Validation Script */

/* Handle Ajax Request */
if(isset($_POST['newcontact'])){
$contact = new Contact();
unset($contact);
}
else{
header('Location: /');
}

/* Class Contact */
class Contact{

private $db;  /* the database obj */

private $errors  = array();  /* holds error messages */
private $num_errors;    /* number of errors in submitted form */

public function __construct(){
$this->db = new DB();
if(isset($_POST['newcontact']))
$this->processNewMessage();
else
header("Location: /");
}

public function processNewMessage(){

$email = $_POST['email'];
$FirstName = $_POST['FirstName'];
$LastName = $_POST['LastName'];
$UserName = $_POST['UserName'];
$website = $_POST['website'];
$message = $_POST['message'];

/* Server Side Data Validation */

/* Email Validation */
if(!$email || mb_strlen($email = trim($email)) == 0)
$this->setError('email','required field');
else{
if(!is_email($email))
$this->setError('email', 'invalid email');
else if(mb_strlen($email) > 120)
$this->setError('email', 'too long! 120');
}

/* FirstName Validation */
if(!$FirstName || mb_strlen($FirstName = trim($FirstName)) == 0)
$this->setError('FirstName', 'required field');
else if(mb_strlen(trim($FirstName)) > 120)
$this->setError('FirstName', 'too long! 120 characters');

/* LastName Validation */
if(!$LastName || mb_strlen($LastName = trim($LastName)) == 0)
$this->setError('LastName', 'required field');
else if(mb_strlen(trim($LastName)) > 120)
$this->setError('LastName', 'too long! 120 characters');

/* UserName Validation */
if(!$UserName || mb_strlen($UserName = trim($UserName)) == 0)
$this->setError('UserName', 'required field');
else if(mb_strlen(trim($UserName)) > 120)
$this->setError('UserName', 'too long! 120 characters');

/* Website Validation */
if(!mb_eregi("^[a-zA-Z0-9-#_.+!*'(),/&:;=?@]*$", $website))
$this->setError('website', 'invalid website');
elseif(mb_strlen(trim($website)) > 120)
$this->setError('website', 'too long! 120 characters');

/* Message Validation */
$message = trim($message);
if(!$message || mb_strlen($message = trim($message)) == 0)
$this->setError('message','required field');
elseif(mb_strlen($message) > 300)
$this->setError('message', 'too long! 300 characters');

/* Errors exist */
if($this->countErrors() > 0){
$json = array(
'result' => -1, 
'errors' => array(
array('name' => 'email' ,'value' => $this->error_value('email')),
array('name' => 'FirstName' ,'value' => $this->error_value('FirstName')),
array('name' => 'LastName' ,'value' => $this->error_value('LastName')),
array('name' => 'UserName' ,'value' => $this->error_value('UserName')),
array('name' => 'website' ,'value' => $this->error_value('website')),
array('name' => 'message' ,'value' => $this->error_value('message'))
)
);
$encoded = json_encode($json);
echo $encoded;
unset($encoded);
}
/* No errors, insert in db*/
else{
if(($ret = $this->db->dbNewMessage($email, $FirstName, $LastName,$UserName, $website, $message)) > 0){
$json = array('result'  => 1); 
if(SEND_EMAIL)
$this->sendEmail($email,$name,$website,$message);
}
else
$json = array('result'  => -2); /* something went wrong in database insertion  */
$encoded = json_encode($json);
echo $encoded;
unset($encoded);
}
}

public function sendEmail($email,$name,$website,$message){
/* Just format the email text the way you want ... */
$message_body = "Hi, ".$name."(".$email." - ".$website.") sent you a message from yoursite.com\n"
."email: ".$email."\n"
."message: "."\n"
.$message; 
$headers = "From: ".EMAIL_FROM_NAME." <".EMAIL_FROM_ADDR.">";

return mail(EMAIL_TO,MESSAGE_SUBJECT,$message_body,$headers);
}

public function setError($field, $errmsg){
$this->errors[$field]  = $errmsg;
$this->num_errors  = count($this->errors);
}

public function error_value($field){
if(array_key_exists($field,$this->errors))
return $this->errors[$field];
else
return '';
}

public function countErrors(){
return $this->num_errors;
}
};
?>


and the JQuery
Code: [Select]
$(document).ready(function() {
contact.initEventHandlers();
});
var contact = {
initEventHandlers : function() {
/* clicking the submit form */
$('#send').bind('click',function(event){
$('#loader').show();
setTimeout('contact.ContactFormSubmit()',500);
});
/* remove messages when user wants to correct (focus on the input) */
$('.inplaceError',$('#ContactForm')).bind('focus',function(){
var $this = $(this);
var $error_elem = $this.next();
if($error_elem.length)
$error_elem.fadeOut(function(){$(this).empty()});
$('#success_message').empty();
});
/* user presses enter - submits form */
$('#ContactForm input,#ContactForm textarea').keypress(function (e) {
if ((e.which && e.which == 13) || (e.keyCode && e.keyCode == 13)) { 
$("#send").click();
return false; 
}
else 
return true; 
});
},
ContactFormSubmit : function() {
$.ajax({
   type : 'POST',
   url : 'php/contact.php?ts='+new Date().getTime(),
   dataType : 'json',
   data : $('#ContactForm').serialize(),
   success : function(data,textStatus){
  //hide the ajax loader
  $('#loader').hide();
  if(data.result == '1'){
      //show success message
  $('#success_message').empty().html('Message sent');
  //reset all form fields
  $('#ContactForm')[0].reset();
  //envelope animation
  $('#envelope').stop().show().animate({'marginTop':'-175px','marginLeft':'-246px','width':'492px','height':'350px','opacity':'0'},function(){
      $(this).css({'width':'246px','height':'175px','margin-left':'-123px','margin-top':'-88px','opacity':'1','display':'none'});
  });
  }
  else if(data.result == '-1'){
  for(var i=0; i < data.errors.length; ++i ){
      if(data.errors[i].value!='')
          $("#"+data.errors[i].name).next().html('<span>'+data.errors[i].value+'</span>').fadeIn();
  }
  }  
  },
   error : function(data,textStatus){}
});
} 
};

how can i disply this message withing the form echo "data submitted successfully!";

currently after validation check when data is entered the message show on top of my page not within the form



function insertDATA($postData) {

if(!ifEmailExists($postData['email'])){
$sql = " INSERT INTO tbl SET
email = '".$postData['email']."',
name = '".$postData['name']."',
phone = '".$postData['phone']."'
";
                      echo "data submitted successfully!";//this line withing the form
executeSql($sql);
}