PHP - Logged In Users Add,edit And Save Text File In Php

I am trying to build my own custom login script.

What I am trying to achieve is once a user has logged in depending on wether they have checked the keep me logged in checkbox they have two options. If they haven't checked it then it creates session variables only, and if they have checked it it also creates cookie variable as well as the session variables.

If they then close their browser / tab without logging out and then revisit the site they will get redirected to login page because the active session variable is no longer there. As soon as they land on the loggin page, it automatically checks for the cookie variable and if it exists, it uses it to login and redirect them automatically.

However the problem that I am facing is that the session variable is still being trashed after a default amount of idle time and forcing a login.

My goal is that the user shouldn't have to re-login unless they have either clicked the logout button.

Can someone please have a look through my solution and advise me as to wether this is the correct method that I am implementing, if there is an easier way to achieve what I want, and is this a secure way to handle user logins.

Thanks in advance.

Andrew



Here is the check code I have placed at the top of each admin page.

Code: [Select]
<?php 
session_start();
$url = (!empty($_SERVER['HTTPS'])) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'] : "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
$uid = $_SESSION['uid'];
if (!isset($uid)) {
header('location:login.php?redirect='.$url);
exit();
}
?>
Next we have the code for the login.php file.

Code: [Select]
<?php include ('functions.php'); ?>
<?php get_header('login'); ?>
    <div id="login-result">
    <?php
connect();
$redirect = htmlspecialchars(mysql_real_escape_string(addslashes($_GET['redirect'])));

if(isset($_COOKIE['remembered'])){

$username = htmlspecialchars(mysql_real_escape_string(addslashes($_COOKIE['remembered']['username'])));
$password = htmlspecialchars(mysql_real_escape_string(addslashes($_COOKIE['remembered']['password'])));

$sql      = "SELECT * FROM usersT WHERE username='$username' AND password='$password'";
$result   = mysql_query($sql);
$count    = mysql_num_rows($result);
$row      = mysql_fetch_array($result);

$uid      = $row['uid'];
$fname    = $row['firstname'];
$lname    = $row['lastname'];
$role     = $row['role'];

   
if($count==1){
$sql2    = "UPDATE usersT SET status = '1' WHERE uid = '$uid'";
$result2 = mysql_query($sql2);

if($result2){

session_register("uid");
session_register("uname");
session_register("ulevel");
$_SESSION["uid"]    = $uid;
$_SESSION["uname"]  = $fname;
$_SESSION["ufullname"]  = $fname . " " .$lname;
$_SESSION["urole"] = $role;
                                        $home = get_option('home');

if(!empty($redirect)) {
header( 'Location: '. $redirect ) ;
exit(); 
}
else {
header( $home ) ;
exit();
}

}

}
else {
echo "<div class=\"error rounded5 shadow\">Invalid username or password!</div>";
}
}
else if (isset($_POST['admin_login'])){

if(isset($_POST["username"]) && isset($_POST["password"])){

$username_p = htmlspecialchars(mysql_real_escape_string(addslashes($_POST["username"])));
$password_p = htmlspecialchars(mysql_real_escape_string(addslashes($_POST["password"])));
$psw        = md5($password_p);

$sql3      = "SELECT * FROM usersT WHERE username='$username_p' AND password='$psw'";
$result3   = mysql_query($sql3);
$count3    = mysql_num_rows($result3);
$row3      = mysql_fetch_array($result3);

$uid      = $row3['uid'];
$fname    = $row3['firstname'];
$lname    = $row3['lastname'];
$role     = $row3['role'];

   
if($count3==1){
$sql4    = "UPDATE usersT SET status = '1' WHERE uid = '$uid'";
$result4 = mysql_query($sql4);

if($result4){

session_register("uid");
session_register("uname");
session_register("ulevel");
$_SESSION["uid"]    = $uid;
$_SESSION["uname"]  = $fname;
$_SESSION["ufullname"]  = $fname . " " .$lname;
$_SESSION["urole"] = $role;
$home = get_option('home');

if(isset($_POST['remember'])) { 
setcookie("remembered[username]", $username, time() + 86400 * 365 * 2);
setcookie("remembered[password]", $psw, time() + 86400 * 365 * 2); 
}

if(!empty($redirect)) {
header( 'Location: '. $redirect ) ;
exit(); 
}
else {
header( $home ) ;
exit();
}

}

}
else {
echo "<div class=\"error rounded5 shadow\">Invalid username or password!</div>";
}
}
}
?>
    </div><!-- / login-results -->
    <div id="login" class="rounded5 shadow">
<form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
            <p>
                <label for="username">Username<br>
                <input type="text" name="username" id="username" class="rounded5" value="<?php echo $username_p; ?>" size="20" tabindex="10" /></label>
            </p>
            <p>
                <label for="password">Password<br>
                <input type="password" name="password" id="password" class="rounded5" value="<?php echo $password_p; ?>" size="20" tabindex="20" /></label>
            </p>
            <p class="submit">
            Keep me logged in<input type="checkbox" name="remember" id="remember" /><br /><br /><a href="" class="left">Lost your password?</a>
                <input type="submit" name="admin_login" id="admin_login" class="btn rounded10 right" value="Log In" tabindex="100" />
            </p>
            <div class="cleaner"></div><!-- / cleaner -->
        </form>
    </div><!-- / login-->
<?php get_footer('login'); ?>

Finally here is the code I am using for the logout.php page.

Code: [Select]
<?php
session_start();
include ('functions.php');
connect();
$uid    = mysql_real_escape_string($_SESSION['uid']);
$sql    = "UPDATE usersT SET status = '0' WHERE uid = '$uid'";
$result = mysql_query($sql);

if($result) {
session_unset(); 
session_destroy();

if(isset($_COOKIE['remembered'])){ 
setcookie("remembered[username]", $username, time() - 3600);
setcookie("remembered[password]", $psw, time() - 3600); 
header("location: login.php");
}
exit();
}
else {
echo "You couldn't be logged out at this time.";
}
?>

I want to add text to a file, getting it printed out in index.php and later want to edit/delete per row. I give codes page wise. first the form to take data:
add.php:
Code: [Select]
<?php
?>
<form method="post" action="add_data.php">
<fieldset>
<legend>Student List</legend>
Name : <input type="text" name="uname" /><br>
Content : <input type="text" name="age" />
<br>
<input type="submit" name="submit" value="send" />
</fieldset>
</form>
Next adding text to a file: add_data.php:
Code: [Select]
<?php
$id = 1;
if (file_exists("data.txt"))
{
$fp = fopen("data.txt", 'r');
$str = fread($fp, filesize("data.txt"));
$str_arr = explode("|", $str);
foreach ($str_arr as $rec)
{
if ($rec)
{
$id++;
}
}
}

$mode = (file_exists("data.txt"))? "a" : "w";

$fp = fopen("data.txt", $mode);
$line = $id . "--" . $_POST['uname'] . "--" . $_POST['age'] . "|";
$res = fwrite($fp, $line);
fclose($fp);

header("location:index.php");


?>In the index.php, I'd like to fetch data and edit them per row:
Code: [Select]
<?php
$fp = fopen("data.txt", 'r');
$str = fread($fp, filesize("data.txt"));
$str_arr = explode("|", $str);
echo "<table border='1'>";
echo "<tr><td>ID</td><td>Name</td><td>Age</td><td>Option</td></tr>";

foreach ($str_arr as $rec)
{
if ($rec)
{
$rec_arr = explode("--", $rec);
echo "<tr>";
foreach ($rec_arr as $col)
{
echo "<td>$col</td>";
}
print "<td><a href=\"edit.php?id=$id\">Edit</a>/<a href=\"delete.php?id=$id\">Delete</a></td></tr>";
}
}
echo "</table>";

echo "<a href=\"add.php\">Add Data</a>";

?>


Next I want to Edit per row: edit.php:
Code: [Select]
<?php

$fp = fopen("data.txt", 'r');
$str = fread($fp, filesize("data.txt"));
$str_arr = explode("|", $str);

foreach ($str_arr as $rec)
{
if ($rec)
{
$rec_arr = explode("--", $rec);
$id = $rec_arr[0];
$name = $rec_arr[1];
$age = $rec_arr[2];
if ($id == $_REQUEST["id"])
{
echo "<form action='edit_data.php' method='post'>";
echo "Name :<input type='text' name='uname' value='$name' /><br>";
echo "Age: <input type='text' name='age' value=$age /><br>";
echo "<input type='hidden' name='uid' value=$id />";
echo "<input type='submit' value='Edit'>";
echo "</form>";
}
}
}


?>
From edit.php to edit_data.php where I practically try to edit per row:
Code: [Select]
<?php

$fp = fopen("data.txt", 'r');
$str = fread($fp, filesize("data.txt"));
$str_arr = explode("|", $str);

foreach ($str_arr as $rec)
{
if ($rec)
{
$rec_arr = explode("--", $rec);
$id = $rec_arr[0];
$name = $rec_arr[1];
$age = $rec_arr[2];

if ($id == $_POST['uid'])
{
$new_str = $id . "--" . $_POST['uname'] . "--" . $_POST['age'] . "|";
}
else 
{
$new_str = $id . "--" . $name . "--" . $age . "|"; 
}
}
}

fclose($fp);

$fp = fopen("data.txt", 'w');
fwrite($fp, $new_str);
fclose($fp);


?>
The mechanism is simple. Taking datas from a form, explode them to an array and get them into col/row pattern to edit and delete them. But my problem is when I want to edit in index.php page, specially in this part:
Code: [Select]
print "<td><a href=\"edit.php?id=$id\">Edit</a>
It says, undefined index. But I try to catch this $id in the edit.php page, in this manner, as you see in my code:
Code: [Select]
foreach ($str_arr as $rec)
{
if ($rec)
{
$rec_arr = explode("--", $rec);
$id = $rec_arr[0];
$name = $rec_arr[1];
$age = $rec_arr[2];
if ($id == $_REQUEST["id"])
{
echo "<form action='edit_data.php' method='post'>";
echo "Name :<input type='text' name='uname' value='$name' /><br>";
echo "Age: <input type='text' name='age' value=$age /><br>";
echo "<input type='hidden' name='uid' value=$id />";
echo "<input type='submit' value='Edit'>";
echo "</form>";
}
}
}
Have I done any mistake here? If anyone points out, I'll be obliged.

Hi All, I am not quite sure if this is possible - but here goes. I have a webpage hit counter that uses PHP and saves the counter totals in .txt files. I have gotten the code to print out the comma (thousand separator) fine on the page, however, I would like to have that comma in the text file also. I display the counters on separate pages using <?php include("file.txt");?> and the counter shows up as "12345" when I'd like it to read the text as "12,345". Basically, I just want that comma written to the actual text file if possible so that when it's included on a web page, it displays the thousands separator. Any help would be great. Thank You!

Here is a portion of my code:
Code: [Select]
/* Turn error notices off */
error_reporting(E_ALL ^ E_NOTICE);

/* Get page and log file names */
$page = input($_GET['page']) or die('ERROR: Missing page ID');
$logfile = 'logs/' . $page . '.txt';

/* Does the log exist? */
if (file_exists($logfile))
{
/* Get current count */
$count = intval(trim(file_get_contents($logfile))) or $count = 0;
$cname = 'tcount_unique_'.$page;

if ($count_unique==0 || !isset($_COOKIE[$cname]))
    {
/* Increase the count by 1 */
$count = $count + 1;
$fp = @fopen($logfile,'w+') or die('ERROR: Can\'t write to the log file ('.$logfile.'), please make sure this file exists and is CHMOD to 666 (rw-rw-rw-)!');
flock($fp, LOCK_EX);
fputs($fp, $count);
flock($fp, LOCK_UN);
fclose($fp);

/* Print the Cookie and P3P compact privacy policy */
header('P3P: CP="NOI NID"');
setcookie($cname, 1, time()+60*60*$unique_hours);
}

/* Is zero-padding enabled? */
    if ($min_digits > 0)
    {
    $count = sprintf('%0'.$min_digits.'s',$count);
    }

    /* Print out Javascript code and exit */
    echo "document.write('".number_format($count)."');";
    exit();
}
else
{
    die('ERROR: Invalid log file!');
}

I have a textarea and a button, I would like by click a button, the text within the textarea will save as a .txt file and downloadable by user, how to do it with php??

Thanks!!

Please help and amend the code Save without repetition required $read[0] I hope that my example is clear to you I apologize for bothering you. I am not good in English

<?php

  $fileLocation = getenv("DOCUMENT_ROOT") . "/rt.txt";
  $file = fopen($fileLocation,"a");
$n1 = $_POST['n1'];
$n2 = $_POST['n2'];
 	for($i = 0; $i <  count($file); $i++){

 $read = explode("|", $file[$i]);
			if($n1 == $read[0]){
echo 'Repetition';
    }
    else
   {

  fwrite($file,$n1.'|'.$n2."\r\n");

}

 

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=345742.0

I have dynamic images that have the "Like" button, it's basically like a wishlist. The way I want it to work is that when a user is not logged in, the 'Like' button will navigate them to a login popup (which I already made). 

I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own.  Tell me what codes would be helpful and i will send them on in.  By the way, i do have a script that allows members to edit own profile.

Sir/ma'am,   With the script I'm using to run my website, I've been trying to add an additional feature for the users to add/edit. I'll try to provide as much info as I can, hopefully it'll help.   Here is the code I'm using to display the user's unique info from the db.

<a class="wallet-edit"><?php echo $_SESSION['simple_auth']['INFO']?></a>

That displays the user's info from the column 'INFO' perfectly. It's also a js popup to a menu to where I'm hoping to add a single textbox to edit the INFO.   The script uses a similar function to edit the password with a popup. I've tried modifying the code to edit the INFO column but it doesn't work. Here is the default code it has to edit the password. I'm not sure if it can be changed to edit another column or needs a new piece of code for that.

// user edit
 	$('body').on('click', '.username-edit', function() {

    	$('#modal').html(' ');

 		var output = '<div class="modal-content"><h5><?php echo lang::get("Change password")?></h5><hr />';
 		output += '<h5><?php echo lang::get("New password:")?></h5><input type="password" name="password" id="password" value="" class="text ui-widget-content ui-corner-all" />';
 		output += '<h5><?php echo lang::get("Confirm password:")?></h5><input type="password" name="password2" id="password2" value="" class="text ui-widget-content ui-corner-all" />';

 		output += '</div>';

 		output += '<div class="modal-buttons right">';
 		output += '<button id="confirm-button" type="button" class="nice radius button"><?php echo lang::get("Change")?></button>';
 		
		output += '</div>';
 		
 		output += '<a class="close-reveal-modal"></a>';
 		
 		$('#modal').append(output);
 		$('#second_modal').hide();
 		$('#modal').reveal();

 		$('#confirm-button').click(function(){

 			$('#password').css('border-color', '#CCCCCC');
 			$('#password2').css('border-color', '#CCCCCC');
 			
			var password = $('#password').val();
			var password2 = $('#password2').val();

			if(typeof(password) === 'undefined' || password == ''){
				$('#password').css('border-color', 'red');
				return false;
			}
			
			if(password != password2){
				$('#password2').css('border-color', 'red');
				return false;				
			}

			password_data = encodeURIComponent(password);
			
			$.post("<?php echo gatorconf::get('base_url')?>", { changepassword: password_data} ).done(function(data) {
				// flush 
				window.location.href = '<?php echo gatorconf::get('base_url')?>';
			});
			


	    });

    });

If the code above can be edited to work with what I'm trying to do, it of course only needs one textbox and doesn't have to be confirmed by a second input.       Please help! Thanks!

hi i was wondering how i would make a website that allowed a user to login and edit there website ... like im a hoster and they can have a webpage on my server... how would i do  this? allow them to create a database , and use all types of code? please help me this is important , if i didnt explain good enough please tell me

Hello folks I am new to php and I have been trying to put together a database that a user can search and choose from the results. I have managed to make this script by copying code from google searches and trial and error.
The script so far has been tested and works.
The hard part is the code for choosing from the results, I have tried some things but I have been far from the mark, the thing is I can't get my head around the problem, if the first field is a number which is unique to each row, how can I pick that up in a php argument.
I have tried making the first field an href link to send that number to a different table which would collect the results of the users choices, but I'm just not sure what to put in the code.
Could someone throw me a lifeline here I've searched for hours on google to find any code that looks like it would work with no luck. 


// Get the search variable from URL
  
  $var = @$_GET['a'] ;
  $trimmed1 = trim($var); //trim whitespace from the stored variable
      
  $var = @$_GET['b'] ;
  $trimmed2 = trim($var);
  
  $var = @$_GET['c'] ;
  $trimmed3 = trim($var);
  
  $var = @$_GET['d'] ;
  $trimmed4 = trim($var);
  
  $var = @$_GET['e'] ;
  $trimmed5 = trim($var);
  
  $var = @$_GET['f'] ;
  $trimmed6 = trim($var);


 //connect to your database
mysql_connect("localhost","root",""); //(host, username, password)

//specify database 
mysql_select_db("a2149809_MV") or die("Unable to select database"); //select which database we're using

// Build SQL Query  
$query = "SELECT *  FROM `table` WHERE `field1` LIKE \"%$trimmed1%\" AND `field2` LIKE \"%$trimmed2%\" AND `field3` LIKE \"%$trimmed3%\" 
  AND `field4` LIKE \"%$trimmed4%\" AND `field5` LIKE \"%$trimmed5%\" AND `field6` LIKE \"%$trimmed6%\" order by `field1`";  
  
$result=mysql_query($query);
$num=mysql_num_rows($result);

mysql_close();



    <table width="100%" border=2 cellspacing=2 cellpadding=2>
<tr><form name="form" action="" method="get">
<td colspan="6"><input type="submit" name="Submit" value="Search" />
</td>
</tr>
<tr>
<td><input type="text" name="a" value="" size="4" /></td>
<td><input type="text" name="b" value="" size="40" /></td>
        <td><input type="text" name="c" value="" size="3"  /></td>
<td><input type="text" name="d" value="" size="10" /></td>
<td><input type="text" name="e" value="" size="10" /></td>
<td><input type="text" name="f" value="" size="10" /></td>
</form></tr>


         

<?php
$i=0;
while ($i < $num) {

$f1=mysql_result($result,$i,"Field1");
$f2=mysql_result($result,$i,"Field2");
$f3=mysql_result($result,$i,"Field3");
$f4=mysql_result($result,$i,"Field4");
$f5=mysql_result($result,$i,"Field5");
$f6=mysql_result($result,$i,"Field6");

?>

                 <tr>
                     <td><?php echo $f1; ?></td>
                     <td><?php echo $f2; ?></td>
             <td><?php echo $f3; ?></td>
             <td><?php echo $f4; ?></td>
             <td><?php echo $f5; ?></td>
             <td><?php echo $f6; ?></td>
</tr>


    

<?php
$i++;
}
?>
</table>

Hello, Here is my current code: index.php

<html>
<body>
<form id="hey" name="hey" method="post" onsubmit="return false">
Name:<input type="text" name="name">
<input type="submit" name="submit" value="click">
</form>
<table class="table table-bordered" id="update">
<thead>
<th>Name</th>
</thead>
<tbody>
<script type="text/javascript">
      $("#hey").submit(function() {
          
        $.ajax({
          type: 'GET',
          url: 'response.php',
          data: {   username: $('#name').val()},
          success: function (data) {
            $("#update").prepend(data);
          },
          error: function (xhr, ajaxOptions, thrownError) {
            alert(thrownError);
          }
        });
      });
      
    </script>
</tbody>
</table>

response.php

<?php
$username = $_GET['username'];
echo "<tr>";
echo "<td>$username</td>";
echo "</tr>";
?>

This code works fine, it prints out the rows as what the user enters. Now what I want to do is, log all these entries to a mySQL database and also, display these rows over the site. i.e., any user who is online, should be seeing this without having to refresh the page too.. Real time updates in a way.   How can I achieve that? Thanks!
 

Hi,
i have tried everything i can think of to get this to work correctly. What is below here, is what i have last tried to work with..:
basically the script allows the use to register an email account on a cpanel domain.

Everything works perfectly but then i added a option for banned words now i cant  get the script to work..
basically what happens is:
 the user creates an email account, if the account is not a banned word and does not exist, then the message echoes success, and the $_Post values are also entered into the database under the users name. and the email is also created with the $f fopen
if success the email form also does not show.. so only one email per user.. i just cant get it to work with the banned words included..
what to note::
this is a function in a function..



$bannedemailwords='customerinformation,custinfo,customerinfo,custtext,custsupport,customersupport,admin,accounts';
$bannedmail=explode(',', $bannedemailwords);
$bannedmail = array_unique($bannedmail);
sort($bannedmail);
foreach($bannedmail as $noemail)
//the selected username

if ($Config['enablemyemailapp_enable'] == '0' && $_POST['cfg_enablemyemailappaddress_enable'] !== $noemaill && $_POST['cfg_enablemyemailappaddressdomain_enable'] !== 'Select a domain'){
$cpuser = 'ausername'; 
$cppass = 'apassword'; 
$cpdomain = 'adomain'; 
$cpskin = 'askin';  
$epass = 'somepassword'; 
$equota = 'somequota';

$euser = $_POST['cfg_enablemyemailappaddress_enable'];
$epass = $_POST['emailspassword_enable'];
$edomain = $_POST['cfg_enablemyemailappaddressdomain_enable'];

if (!empty($euser) && $euser !=='nomail')
while(true) {
  $f = fopen ("http://$cpuser:$cppass@$cpdomain:2082/frontend/$cpskin/mail/doaddpop.html?email=$euser&domain=$edomain&password=$epass&quota=$equota", "r");
  if (!$f) {
$enablemyemailapp_enable = '0';
$enablemyemailappaddress_enable = 'Replace with a Name';
$enablemyemailappaddressdomain_enable = 'Select a domain';
    $msgemail = 'The email '.$euser.'@'.$edomain.' is a restricted email account.';
break;
  } 
$enablemyemailapp_enable = '1';
$enablemyemailappaddress_enable =  $_POST['cfg_enablemyemailappaddress_enable'];
$enablemyemailappaddressdomain_enable = $_POST['cfg_enablemyemailappaddressdomain_enable'];
        $msgemail ='<center><font color="#ff0033">Your Email '.$euser.'@'.$edomain.' has been created.</font></center>';
  
   
  while (!feof ($f)) {
    $line = fgets ($f, 1024);
    if (ereg ("already exists", $line, $out)) {
$enablemyemailapp_enable = '0';
$enablemyemailappaddress_enable = 'Replace with a Name';
$enablemyemailappaddressdomain_enable = 'Select a domain';
    $msgemail ='<center><font color="#ff0033">The email account '.$euser.'@'.$edomain.' already exists.</font></center><br><center>Please try again!</center>';
break;
    }
  }
  
 echo $msgemail;
 
 $_POST['cfg_enablemyemailapp_enable']= $enablemyemailapp_enable;
 $_POST['cfg_enablemyemailappaddress_enable']=$enablemyemailappaddress_enable;
 $_POST['cfg_enablemyemailappaddressdomain_enable']=$enablemyemailappaddressdomain_enable;
 
  @fclose($f);
break;
}
}

In this multi file upload form, choose three images, click submit and preview the images on the preview page. If the user wishes to delete or replace an image, click edit and the form will go back to the previous page. Select the replace radio button for example on one of the three images and select a new image from the file input prompt and click submit. The form will go to the preview page again to display the images. During this process the image names are being input into a table and the images are being moved to a directory.

The table is

  `id`  AUTO_INCREMENT,
  `image0`
  `image1`
  `image2`
  `status`

So input name='image[image0]' can be directed to table `image0` and so on.

The code for keep and delete work fine, but how do I replace an image?
I have two foreach blocks. The first one deletes the image file from the directory and deletes the image name from the table, but the second foreach dose not move the new image file into the directory.
Thanks.

<input type='radio' name='image[image0]' value='keep' checked='checked'/>
<input type='radio' name='image[image0]' value='delete' />
<input type='radio' name='image[image0]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image1]' value='keep' checked='checked'/>
<input type='radio' name='image[image1]' value='delete' />
<input type='radio' name='image[image1]' value='replace' />
<input type="file" name="image[]" />

<input type='radio' name='image[image2]' value='keep' checked='checked'/>
<input type='radio' name='image[image2]' value='delete' />
<input type='radio' name='image[image2]' value='replace' />
<input type="file" name="image[]" />

<?php
if (isset($_POST['status'])) {

$status = $_POST['status'];
$confirm_code = $status;

#--------------------------- replace --------------------------------------------

if (isset($_POST['submitted']) &&
($image = $_POST['image'])) {

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {
$query = "SELECT $imageKey FROM table WHERE status = '$status' ";
if($result = $db->query( $query )){
$row = $result->fetch_array();
}

unlink( UPLOAD_DIR.$row[0] );

$query = "UPDATE table SET $imageKey = '' WHERE status = '$status' ";
}
}

foreach($image as $imageKey => $imageValue) {
if ($imageValue == 'replace') {

$filenm = $_FILES['image']['name']; 
$file = $_FILES['image']['tmp_name'];

move_uploaded_file($file, UPLOAD_DIR . $filenm);
$filename[] = $filenm; 

$query = "INSERT INTO table VALUES ('','$filename[0]','$filename[1]','$filename[2]','$confirm_code')";
}
}
}
}
?>

HI All,

I have a form submission that uploads a photo as well as submitting other data.

I would like to change the name of the photo to the id of the person record (created automatically on by the database) then a hyphen, then their first name and lastname. (i am flexible on this).

This file name will also need to be submitted into the person record so the photo and the person can be linked.

I am struggling with this one - but here is the code i have so far.

 

<?php 
include 'includes/dbconn.php';

$target_dir = "img/people/";
$target_file = $target_dir . basename($_FILES["personHeadshot"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

if ($_SERVER['REQUEST_METHOD']=='POST'){

	$fn = $_POST['fname'];
	$ln = $_POST['lname'];
	$ad1 = $_POST['ad1'];
	$ad2 = $_POST['ad2'];
	$city = $_POST['city'];
	$post = $_POST['postcode'];
	$tel = $_POST['phone'];
	$email = $_POST['email'];
	$crole = $_POST['comRole'];
	$OFA = $_POST['OFA'];
	$playerType = $_POST['playerType'];
	$team = $_POST['primaryTeam'];


	$stmt = $conn->prepare("
	                       INSERT IGNORE INTO person (fname, lname, committee_role_id, player_type_id, team_id, ad1, ad2, city, postcode, mobile, email, on_field_auth_id) 
	                       VALUES (?,?,?,?,?,?,?,?,?,?,?,?)
	                       ");
	$stmt -> bind_param(ssiiissssssi, $fn, $ln, $crole, $playerType, $team, $ad1, $ad2, $city, $post, $tel, $email, $OFA);
	$stmt -> execute();

	// Check if image file is a actual image or fake image
//photo upload
	$check = getimagesize($_FILES["personHeadshot"]["tmp_name"]);
  if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
  } else {
    echo "File is not an image.";
    $uploadOk = 0;
  }
//photo upload

	header("location: ../admin-people-list.php");
}
// Check if file already exists
if (file_exists($target_file)) {
  echo "Sorry, file already exists.";
  $uploadOk = 0;
}

// Check file size
if ($_FILES["personHeadshot"]["size"] > 500000) {
  echo "Sorry, your file is too large.";
  $uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
  echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
  $uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
  echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
  if (move_uploaded_file($_FILES["personHeadshot"]["tmp_name"], $target_file)) {
    echo "The file ". basename( $_FILES["personHeadshot"]["name"]). " has been uploaded.";
  } else {
    echo "Sorry, there was an error uploading your file.";
  }
}