PHP - Creating Gif From Video While Uploading

can anyone tell me why this code doesn't work if it tries to upload like more than 3 files?:

Code: [Select]
<?php 
include_once "secure/connect_to_mysql.php";

function genRandomString($length = 20) {
     $characters = '0123456789';
     $string ='';    


    for ($p = 0; $p < $length; $p++) {
         $string .= $characters[mt_rand(0, strlen($characters))];
     }

    return $string;

}
if ($_POST['submit']) {
$name = $_POST['name'];
$id = $_POST['id'];
$image = $_POST['image'];
$event = $_POST['event'];
$template  = 'template.php';
$picture = '$name.png';
$id =  genRandomString(); //this could be the uploaded picture
$target_path = "images/";

foreach ($_FILES["uploadedfile"]["name"] as $key => $value) {
$uploadfile = $target_path . basename($_FILES[uploadedfile][name][$key]);
//echo $uploadfile;
if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'][$key], $uploadfile)) { echo $value . ' uploaded<br>'; }
//we need just the filename - no extension
$picture_name = pathinfo($picture, PATHINFO_FILENAME);
 $sql = "INSERT INTO pictures (name, id, image,  event) 
VALUES('$name', '$id','images/$value','$event')";
 $rs = mysql_query($sql) or die ("Problem with the query: $sql<br>" . mysql_error());
echo mysql_error();


}
copy($template, "$event.php");

}

?>
<form action="new.php" method="post" enctype="multipart/form-data"><input name="id" type="hidden" value=<?php echo $id; ?> /><br />
Event Name:<input name="event" type="text" /><input name="image" id="image" type="hidden" value="images/<?php echo $value; ?>" /><input type="hidden" name="MAX_FILE_SIZE" value="900000000000000000000000000000000000000000000000000000000000000000000000000" />
Choose a file to upload:

     <div id="dynamicInput">
         <br>Pictu <input type="file" id="file" name="uploadedfile[]" onClick="addInput('dynamicInput');" >
     </div>
     <input type="button" value="Add another text input" onClick="addInput('dynamicInput');">
<br /><input name="submit" type="submit" value="submit" /></form>
is it the code or something else?

Hi guys

I am using the code below to upload files, image files seem to upload ok, but for some reason I cnt seem to upload pdf files.. any suggestions?


Thank you

<?php
ini_set('file_uploads','on'); 
ini_set('upload_max_filesize','1000M'); 
ini_set('max_execution_time', 0);


 
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("invoices/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"], "invoices/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
 

?>  


<form action="" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>

Hi Guys   I run a small roofing company and have been asked by many customers to be able to view / print / save Invoices & Estimates online rather than post etc.

I host my own private site using IIS 7, with PHP and MySQL installed and setup properly, I also have a hosted domain from 1and1

What I would like is:

Login Area (I can do this using the MySQL for the database)

Once the user logs in, I want them to be directed to their "own" page with links to Their Own Invoices, Estimates and PIctures

I would like an option somewhere for them to upload pictures into their own folder so if anything happens to their roof, they can simply log onto their account upload the pic of the damage and I can see it. and vice versa

Can someone help me out a little?

All I have so far is the Login page
 

Hi everybody i have two problems with my code first one i cant upload .png files to the img folder (no problem with the other extensions ) the other one "if file exist" part doesnt work i dont get the message "File alredy exist" after uploading second time Can you help plase



<form action="upload.php" method="post" enctype="multipart/form-data">

<input name="dosya" type="file">
<input name="submit" type="submit" value="Gonder">


</form>


<?php

$kaynak=$_FILES["dosya"]["tmp_name"];
$ad=$_FILES["dosya"]["name"];
$tur=$_FILES["dosya"]["type"];
$boyut=$_FILES["dosya"]["size"];


$hedef="./img";
if($tur == "image/jpeg" || $tur == "image/png" || $tur == "image/pjpeg" )
{
if(!file_exists($ad))
{
move_uploaded_file($kaynak,$hedef.'/'.$ad);
echo "ok";
}
else
echo "File already exist";
}


?>

I have made a script to upload a few files from the pc to my server.. like i upload big files which are generally above 50mb of size.. but most of the times as there is some problem with the internet the hours of wait is just ruined.. is there a better way to upload files.. or anything that if the internet connection is interupted the downloading starts from wer it stopped cuz of the problem.. please help.. i use the normal function for uploading a file

move_uploaded_file($_FILES['song1_upload']['tmp_name']

can anyone give a better idea than this?

I have made a script to upload a few files from the pc to my server.. like i upload big files which are generally above 50mb of size.. but most of the times as there is some problem with the internet the hours of wait is just ruined.. is there a better way to upload files.. i use the normal function

move_uploaded_file($_FILES['song1_upload']['tmp_name']

can anyone give a better idea than this?

Hello   I want to know to upload the XML file to mysql using php as i am new to xml any help appreciated.   awaiting your valuable reply here also i am attaching the xml file which i want to upload     Thanks in Advance Attached Files  xml1.xml   4.89KB   2 downloads

Hi,
I have a script where employees of a company can upload invoices to their clients. This is done via a simple upload form.
My question is,
What would be most secure way to do this? How should i upload files, should i make different directories for each customer, or should i have one huge, where file names will be random or, what would you do?

Hi guys

Im trying to create a form which allows me to insert records into my database, and upload an image, the name of which will be stored in the database.

I have the following code which inserts all the data into the db, except the image name and the image isnt uploaded either

Code: [Select]
<?php require_once('../Connections/pwnedbookv4.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO Games (gametitle, info, genre, releasedate, format) VALUES (%s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['gametitle'], "text"),
                       GetSQLValueString($_POST['info'], "text"),
                       GetSQLValueString($_POST['genre'], "text"),
                       GetSQLValueString($_POST['releasedate'], "date"),
                       GetSQLValueString($_POST['format'], "text"));

  mysql_select_db($database_pwnedbookv4, $pwnedbookv4);
  $Result1 = mysql_query($insertSQL, $pwnedbookv4) or die(mysql_error());
}
?>
<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
    <table align="center">
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">Gametitle:</td>
        <td><input name="gametitle" type="text" value="" size="50" maxlength="50" /></td>
      </tr>
      <tr valign="baseline">
      <?php
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","100"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
 function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
 }

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
//and it will be changed to 1 if an errro occures.  
//If the error occures the file will not be uploaded.
 $errors=0;
//checks if the form has been submitted
 if(isset($_POST['Submit'])) {
 if($_POST['Submit'] == ""){
 // submit empty
 die ("you must include a picture");
 }
  //reads the name of the file the user submitted for uploading
  $image=$_FILES['image']['name'];
  //if it is not empty
  if ($image) 
  {
  //get the original name of the file from the clients machine
  $filename = stripslashes($_FILES['image']['name']);
  //get the extension of the file in a lower case format
   $extension = getExtension($filename);
  $extension = strtolower($extension);
  //if it is not a known extension, we will suppose it is an error and will not  upload the file,  
//otherwise we will do more tests
 if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
  {
//print error message
  echo '<h1>Unknown extension!</h1>';
  $errors=1;
  }
  else
  {
//get the size of the image in bytes
 //$_FILES['image']['tmp_name'] is the temporary filename of the file
 //in which the uploaded file was stored on the server
 $size=filesize($_FILES['image']['tmp_name']);

//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
$errors=1;
}

//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="coverart/".$image_name;

//Writes the information to the database
mysql_query("UPDATE Games SET cover = '$image_name' WHERE gametitle= '$gametitle'");

//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied) 
{
echo '<h1>Copy unsuccessfull!</h1>';
$errors=1;
}}}}

 ?>
        <td nowrap="nowrap" align="right">Cover:</td>
        <td><input type="file" name="image"></td></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">Info:</td>
        <td><input name="info" type="text" value="" size="50" /></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">Gen </td>
        <td><input type="text" name="genre" value="" size="50" /></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">Releasedate:</td>
        <td><input type="text" name="releasedate" value="" size="50" /></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">Format:</td>
        <td><input type="text" name="format" value="" size="50" /></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="right">&nbsp;</td>
        <td><input type="submit" value="Submit" /></td>
      </tr>
    </table>
    <input type="hidden" name="MM_insert" value="form1" />
  </form>
Can anybody see what im missing?

i am using the fancy upload script for post attachments on my forum. the problem is that when a user starts a new post and adds an attachment the attachment is uploaded before the post is complete. so how would i associate the attachment with the post that they are going to post when i have no post id to go off? i had tried not uploading the files straight away and instead populate an input box with the filenames but i cant figure it out with this script. Anyone got any other options or ideas?

Ok I have finally got rid of my syntax errors with this upload script. Now im getting the error uploading your image.

My folders are called project_files and project_thumbs.

This is my script


<?php
$results = "";
 
error_reporting(E_ALL);
    ini_set("display_errors", 1);

//Auto Thumbnail Function
function create_thumbnail($source,$destination, $thumb_width) {
$size = getimagesize($source);
$width = $size[0];
$height = $size[1];
$x = 0;
$y = 0;
if($width> $height) {
$x = ceil(($width - $height) / 2 );
$width = $height;
} elseif($height> $width) {
$y = ceil(($height - $width) / 2);
$height = $width;
}
$new_image = imagecreatetruecolor($thumb_width,$thumb_width)
or die('Cannot initialize new GD image stream');
$extension = get_image_extension($source);
if($extension=='jpg' || $extension=='jpeg')
$image = imagecreatefromjpeg($source);
if($extension=='gif')
$image = imagecreatefromgif($source);
if($extension=='png')
$image = imagecreatefrompng($source);

imagecopyresampled($new_image,$image,0,0,$x,$y,$thumb_width,        
    $thumb_width,$width,$height);
if($extension=='jpg' || $extension=='jpeg')
imagejpeg($new_image,$destination);
if($extension=='gif')
imagegif($new_image,$destination);
if($extension=='png')
imagepng($new_image,$destination);

}

//Get Extension Function
function get_image_extension($name) {
$name = strtolower($name);
$i = strrpos($name,".");
if (!$i) { return ""; }
$l = strlen($name) - $i;
$extension = substr($name,$i+1,$l);
return $extension; 
}

//Random Name Function
function random_name($length) {
$characters = "abcdefghijklmnopqrstuvwxyz01234567890";
$name = "";

for ($i = 0; $i < $length; $i++) {
$name .= $characters[mt_rand(0, strlen($characters) - 1)];
}
return "image-".$name;
}



$images_location = "/project_files/";
$thumbs_location = "/project_thumbs/";
$thumb_width = "100";
$maximum_size = "5000000";

//Check And Save Image
if($_POST) {

if($_FILES['image']['name'] == ""){
$results = "Please select the image you would like to upload by clicking browse";
}
else{
$size=filesize($_FILES['image']['tmp_name']);
$filename = stripslashes($_FILES['image']['name']);
$extension = get_image_extension($filename);
if($size > $maximum_size) {
$results = "Your file size exceeds the maximum file size!";
}
else

if (($extension != "jpg") &&
($extension != "jpeg") &&
($extension != "png") &&
($extension != "gif")) {
$results = "Only the following extensions are allowed. 'jpg', 'jpeg', 'png', 'gif'.";
}
else {
$image_random_name=random_name(15).".".$extension;
$copy = @copy($_FILES['image']['tmp_name'], $images_location.$image_random_name);
if (!$copy) {
$results = "Error while uploadin your image! Please try again!";
}
else{
create_thumbnail($images_location.$image_random_name,$thumbs_location.$image_random_name, $thumb_width);
$results = "Your image has been uploaded!";
}
}
}
}
?>


and the form
Code: [Select]
<html>
<head>
<title>test</title>
</head>
<body>
<?php echo $results; ?>
<form action="#" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="5000000" />
    <input type="file" name="image" />
    <input type="submit" value="Upload Image" />
</form>
</body>
</html>

When i registred and try to upload a picture it doesnt show the picture but only a little icon that the picture doesnt excist.

this is my code:

Code: [Select]
if(!empty($_FILES['photo'])) {
if ((($_FILES["photo"]["type"] == "image/gif") || ($_FILES["photo"]["type"] == "image/jpeg") || ($_FILES["photo"]["type"] == "image/pjpeg") || ($_FILES["photo"]["type"] == "image/png")) && ($_FILES["photo"]["size"] < 1048576)){
$fileName = $_FILES['photo']['name'];
$tmpName  = $_FILES['photo']['tmp_name'];
$fileSize = $_FILES['photo']['size'];
$fileType = $_FILES['photo']['type'];
if(!get_magic_quotes_gpc()){
if(isset($fileName)) {
$fileName = addslashes($fileName);
}
}
$url = $_FILES['photo']['name'];
$idir = "upload/";   // Path To Images Directory
$tdir = "upload/thumbs/";   // Path To Thumbnails Directory
$twidth = "125";   // Maximum Width For Thumbnail Images
$theight = "125";   // Maximum Height For Thumbnail Images
$simg = imagecreatefromjpeg($_FILES["photo"]["tmp_name"]);   // Make A New Temporary Image To Create The Thumbanil From
$currwidth = imagesx($simg);   // Current Image Width
$currheight = imagesy($simg);   // Current Image Height
if ($currheight > $currwidth) {   // If Height Is Greater Than Width
$zoom = $twidth / $currheight;   // Length Ratio For Width
$newheight = $theight;   // Height Is Equal To Max Height
$newwidth = $currwidth * $zoom;   // Creates The New Width
} else {    // Otherwise, Assume Width Is Greater Than Height (Will Produce Same Result If Width Is Equal To Height)
$zoom = $twidth / $currwidth;   // Length Ratio For Height
$newwidth = $twidth;   // Width Is Equal To Max Width
$newheight = $currheight * $zoom;   // Creates The New Height
}
$dimg = imagecreate($newwidth, $newheight);   // Make New Image For Thumbnail
imagetruecolortopalette($simg, false, 256);   // Create New Color Pallete
$palsize = ImageColorsTotal($simg);
for ($i = 0; $i < $palsize; $i++) {   // Counting Colors In The Image
$colors = ImageColorsForIndex($simg, $i);   // Number Of Colors Used
ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']);   // Tell The Server What Colors This Image Will Use
}
imagecopyresized($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight);   // Copy Resized Image To The New Image (So We Can Save It)
imagejpeg($dimg, "$tdir" . $url);   // Saving The Image
$tmpName = "$tdir" . $url;
$fp = fopen($tmpName, 'r');
$imgcontent = fread($fp, filesize($tmpName));
$imgcontent = addslashes($imgcontent);
fclose($fp);
unlink($tmpName);
imagedestroy($simg);   // Destroying The Temporary Image
imagedestroy($dimg);   // Destroying The Other Temporary Image

This site was moved over from one server to another server. The image upload function was working fine on the old server, but when the files etc. were moved over to the new server, this is the resulting error when trying to upload an image:
HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.
This is what I generated in Chrome (using developer tools):
Code: [Select]
Request URL:http://thedogrescuersinc.ca/imagedog_panel.php?imageid=158
Request Method:POST
Status Code:500 Internal Server Error
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:24564
Content-Type:multipart/form-data; boundary=----WebKitFormBoundary4zUh1NSdGFj27Fsy
Cookie:user=4667623; PHPSESSID=dkb6a8tg4ck00dj9bg568vknj2
Host:thedogrescuersinc.ca
Origin:http://thedogrescuersinc.ca
Referer:http://thedogrescuersinc.ca/imagedog_panel.php?imageid=158
User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11
Query String Parametersview URL encoded
imageid:158
Request Payload
------WebKitFormBoundary4zUh1NSdGFj27Fsy

Content-Disposition: form-data; name="change_pic"



1

------WebKitFormBoundary4zUh1NSdGFj27Fsy

Content-Disposition: form-data; name="userfile"; filename="adopt_a_dog_oakville_ontario.jpg"

Content-Type: image/jpeg





------WebKitFormBoundary4zUh1NSdGFj27Fsy

Content-Disposition: form-data; name="change_pic"



CLICK HERE TO UPLOAD IMAGE

------WebKitFormBoundary4zUh1NSdGFj27Fsy--

Response Headersview source
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection:close
Content-Type:text/html; charset=UTF-8
Date:Wed, 29 Feb 2012 16:49:48 GMT
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Pragma:no-cache
Server:Apache
Transfer-Encoding:chunked
Any ideas, suggestions would be appreciated.

ok i added this script in the bottom of my other uploader script. what i wanted to do was, to upload an imagefile to an folder called uploads and in the same time add the name of the file to an database called uploads, together with the next id of another database   i dont get any error msg, the page is just blank.

<?php
include 'sqlconnect.php';

$result = mysql_query("
    SHOW TABLE STATUS LIKE 'aktiviteter'
");
$data = mysql_fetch_assoc($result);
$next_increment = $data['Auto_increment'];

 
$sql = sprintf(
       "INSERT INTO aktiviteter
            (`title`, `firma`, `beskrivelse`, `information`, `pris`, `varighed`, `antal`,
             `adresse`, `by`, `postnummer`, `telefon`, `email`, `hjemmeside`)
        VALUES
            ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
        mysqli_real_escape_string($con, $_POST['title']),
        mysqli_real_escape_string($con, $_POST['firma']),
        mysqli_real_escape_string($con, $_POST['beskrivelse']),
        mysqli_real_escape_string($con, $_POST['information']),
        mysqli_real_escape_string($con, $_POST['pris']),
        mysqli_real_escape_string($con, $_POST['varighed']),
        mysqli_real_escape_string($con, $_POST['antal']),
        mysqli_real_escape_string($con, $_POST['adresse']),
        mysqli_real_escape_string($con, $_POST['by']),
        mysqli_real_escape_string($con, $_POST['postnummer']),
        mysqli_real_escape_string($con, $_POST['telefon']),
        mysqli_real_escape_string($con, $_POST['email']),
        mysqli_real_escape_string($con, $_POST['hjemmeside'])
        );
 
if (!mysqli_query($con, $sql))
{
    die('Error: ' . mysqli_error($con));
}
echo "Aktiviteten er uploaded";



if(isset($_POST['upload'])) {

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 10485760;
$upload_path = 'uploads/';
$targetId = $next_increment

$filename = $_FILES['billede']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['billede']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');

if(!is_writable($upload_path))
  die('You cannot upload to the specified directory, please CHMOD it to 777.');

if(move_uploaded_file($_FILES['billede']['tmp_name'],$upload_path . $filename)) {
   $query = "INSERT INTO uploads (name, target) VALUES ($filename, $targetId)"; 
   mysql_query($query);

echo 'Your file upload was successful!';


} else {
     echo 'There was an error during the file upload.  Please try again.';
}
}
 
mysqli_close($con);

Hi,

This is my first post of PHP Freaks and your help would be greatly appreciated.

I am currently creating a pinball fansite and I am having a really big problem. I have a page where users can input a pinball machine into my mysql database. Below is the code for this.

The question I am asking is how do I edit this script so that I can upload an image with it?

I have gone through various tutorials for days and days and days but cant seem to make it work with the code I have below.

PLEASE CAN YOU HELP??

I have the following code for creating the pinball machine...

Code: [Select]
<?php
//create_topic.php
include 'connect.php';
include 'header.php';

echo '<h2>Create a Pinball Machine</h2>';
if($_SESSION['signed_in'] == false)
{
   //the user is not signed in
   echo 'Sorry, you have to be <a href="signin.php">signed in</a> to create a pinball machine.';
}
else
{
   //the user is signed in
   if($_SERVER['REQUEST_METHOD'] != 'POST')
   {   
      //the form hasn't been posted yet, display it
      //retrieve the categories from the database for use in the dropdown
      $sql = "SELECT
               cat_id,
               cat_name,
               cat_description
            FROM
               categories_pinballmachines";
      
      $result = mysql_query($sql);
      
      if(!$result)
      {
         //the query failed, uh-oh :-(
         echo 'Error while selecting from database. Please try again later.';
      }
      else
      {
         if(mysql_num_rows($result) == 0)
         {
            //there are no categories, so a topic can't be posted
            if($_SESSION['user_level'] == 1)
            {
               echo 'You have not created categories yet.';
            }
            else
            {
               echo 'Before you can post a topic, you must wait for an admin to create some categories.';
            }
         }
         else
         {
      
            echo '<form method="post" action="",enctype="multipart/form-data">
               Name: <input type="text" name="topic_subject"><br />
               Type:';
            
            echo '<select name="topic_cat">';
               while($row = mysql_fetch_assoc($result))
               {
                  echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>';
               }
            echo '</select><br />';   
               
            echo 'Manufacturer: <input type="text" name="post_manufacturer"><br />
            Release Date: <input type="text" name="post_releasedate"><br />
            Number of Players: <input type="text" name="post_numberofplayers"><br />
            Production: <input type="text" name="post_production"><br /><br /><br />
            Concept by: <input type="text" name="post_conceptby"><br />
            Design by: <input type="text" name="post_designby"><br />
            Art by: <input type="text" name="post_artby"><br />
            Dots/Animation by: <input type="text" name="post_dotsanimationby"><br />
            Mechanics by: <input type="text" name="post_mechanicsby"><br />
            Music by: <input type="text" name="post_musicby"><br />
            Sound by: <input type="text" name="post_soundby"><br />
            Software by: <input type="text" name="post_softwareby"><br />
            
               <input type="submit" value="Create Pinball Machine" />
             </form>';
             
             
         }
      }
   }
   else
   {
      //start the transaction
      $query  = "BEGIN WORK;";
      $result = mysql_query($query);
      
      if(!$result)
      {
         //Damn! the query failed, quit
         echo 'An error occured while creating your topic. Please try again later.';
      }
      else
      {
   
         //the form has been posted, so save it
         //insert the topic into the topics table first, then we'll save the post into the posts table
         $sql = "INSERT INTO 
                  topics_pinballmachines(topic_subject,
                        topic_date,
                        topic_cat,
                        topic_by)
               VALUES('" . mysql_real_escape_string($_POST['topic_subject']) . "',
                        NOW(),
                        " . mysql_real_escape_string($_POST['topic_cat']) . ",
                        " . $_SESSION['user_id'] . "
                        )";
                
         $result = mysql_query($sql);
         if(!$result)
         {
            //something went wrong, display the error
            echo 'An error occured while inserting your data. Please try again later.<br /><br />' . mysql_error();
            $sql = "ROLLBACK;";
            $result = mysql_query($sql);
         }
         else
         {
            //the first query worked, now start the second, posts query
            //retrieve the id of the freshly created topic for usage in the posts query
            $topicid = mysql_insert_id();
            
            $sql = "INSERT INTO
                     posts_pinballmachines(post_manufacturer,
                          post_releasedate,
                          post_numberofplayers,
                          post_production,
                          post_conceptby,
                          post_designby,
                          post_artby,
                          post_dotsanimationby,
                          post_mechanicsby,
                          post_musicby,
                          post_soundby,
                          post_softwareby,
                          post_date,
                          post_topic,
                          post_by)
                  VALUES
                     ('" . mysql_real_escape_string($_POST['post_manufacturer']) . "',
                                                   '" . mysql_real_escape_string($_POST['post_releasedate']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_numberofplayers']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_production']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_conceptby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_designby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_artby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_dotsanimationby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_mechanicsby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_musicby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_soundby']) . "',
                                                  '" . mysql_real_escape_string($_POST['post_softwareby']) . "',
                          NOW(),
                          " . $topicid . ",
                          " . $_SESSION['user_id'] . "                 
                            )";
                     
            $result = mysql_query($sql);
            
            if(!$result)
            {
               //something went wrong, display the error
               echo 'An error occured while inserting your post. Please try again later.<br /><br />' . mysql_error();
               $sql = "ROLLBACK;";
               $result = mysql_query($sql);
            }
            else
            {
               $sql = "COMMIT;";
               $result = mysql_query($sql);
               
               //after a lot of work, the query succeeded!
               echo 'You have succesfully created <a href="topic_pinballmachines.php?id='. $topicid . '">your new pinball machines</a>.';
            }
         }
      }
   }
}

include 'footer.php';
?>

and the following code is where the information is displayed...

<?php
//create_cat.php
include 'connect.php';
include 'header.php';

$sql = "SELECT
         topic_id,
         topic_subject
      FROM
         topics_pinballmachines
      WHERE
         topics_pinballmachines.topic_id = " . mysql_real_escape_string($_GET['id']);
         
$result = mysql_query($sql);

if(!$result)
{
   echo 'The topic could not be displayed, please try again later.';
}
else
{
   if(mysql_num_rows($result) == 0)
   {
      echo 'This topic doesn&prime;t exist.';
   }
   else
   {
      while($row = mysql_fetch_assoc($result))
      {
         //display post data
         echo '<h2>PINBALL MACHINES</h2>';
         echo '<table>
               <tr>
                  <th colspan="2">' . $row['topic_subject'] . '</th>
               </tr>';
      
         //fetch the posts from the database
         $posts_sql = "SELECT
                  posts_pinballmachines.post_topic,
                  posts_pinballmachines.post_manufacturer,
                  posts_pinballmachines.post_releasedate,
                  posts_pinballmachines.post_numberofplayers,
                  posts_pinballmachines.post_production,
                  posts_pinballmachines.post_conceptby,
                  posts_pinballmachines.post_designby,
                  posts_pinballmachines.post_artby,
                  posts_pinballmachines.post_dotsanimationby,
                  posts_pinballmachines.post_mechanicsby,
                  posts_pinballmachines.post_musicby,
                  posts_pinballmachines.post_soundby,
                  posts_pinballmachines.post_softwareby,
                  posts_pinballmachines.post_date,
                  posts_pinballmachines.post_by,
                  users.user_id,
                  users.user_name
               FROM
                  posts_pinballmachines
               LEFT JOIN
                  users
               ON
                  posts_pinballmachines.post_by = users.user_id
               WHERE
                  posts_pinballmachines.post_topic = " . mysql_real_escape_string($_GET['id']);
                  
         $posts_result = mysql_query($posts_sql);
         
         if(!$posts_result)
         {
            echo '<tr><td>The posts could not be displayed, please try again later.</tr></td></table>';
         }
         else
         {
         
            while($posts_row = mysql_fetch_assoc($posts_result))
            {         
echo '
               
                       <tr class="topic-post">
                       <td class="post-content2"><b>Manufacturer: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_manufacturer'])) . '</br></tr>
                     <td class="post-content2"><b>Release Date: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_releasedate'])) . '</br></tr>
                     <td class="post-content2"><b>Number of Players: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_numberofplayers'])) . '</br></tr>
                     <td class="post-content2"><b>Production: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_production'])) . '</br></tr>
                     <td class="post-content2"><b>Concept by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_conceptby'])) . '</br></tr>
                     <td class="post-content2"><b>Design by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_designby'])) . '</br></tr>
                     <td class="post-content2"><b>Art by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_artby'])) . '</br></tr>
                     <td class="post-content2"><b>Dots/Animation by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_dotsanimationby'])) . '</br></tr>
                     <td class="post-content2"><b>Mechanics by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_mechanicsby'])) . '</br></tr>
                     <td class="post-content2"><b>Music by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_musicby'])) . '</br></tr>
                     <td class="post-content2"><b>Sound by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_soundby'])) . '</br></tr>
                     <td class="post-content2"><b>Software by: </b>
                     <td class="post-content">' . htmlentities(stripslashes($posts_row['post_softwareby'])) . '</br></tr>
                     
                     
                     </td>
                    </tr>';
            }
         }
         
         if(!$_SESSION['signed_in'])
         {
            echo '<tr><td colspan=2>You must be <a href="signin.php">signed in</a> to comment. You can also <a href="signup.php">sign up</a> for an account.';
         }
         else
         {
            //show reply box   
            echo '<tr><td colspan="2"><h2>Comment on this Pinball Machine:</h2><br />
               <form method="post" action="reply.php?id=' . $row['topic_id'] . '">
                  <textarea name="reply-content"></textarea><br /><br />
                  <input type="submit" value="Submit reply" />
               </form></td></tr>';
         }
         
         //finish the table
         echo '</table>';
      }
   }
}


include 'footer.php';
?>

Any questions please don't hesitate to ask?

Thanks in advance

Dan

MOD EDIT: code tags added.