Reply to Re: file upload not working right

Your name:

Reply:


Posted by Jim Michaels on 11/19/48 11:45

"Erwin Moller"
<since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in
message news:44460419$0$31647$e4fe514c@news.xs4all.nl...
> Jim Michaels wrote:
>
>> after a file upload, $_FILES is not populated but $_POST is. what's
>> going
>> on here?
>>
>> $_POST[image][tmp_name]=C
>> $_POST[image][error]=C
>> $_POST[image][size]=C
>> $_POST[image]=C:\\www\\jimm\\images\\bg1.jpg
>> $_FILES[image][tmp_name]=
>> $_FILES[image][error]=
>> $_FILES[image][size]=
>> $_FILES[image]=
>
> show us the form sourcecode. :-)
>
> Regards,
> Erwin

It finally works.
this little function, bin2mysqlhex that I wrote, has saved my bacon on file
uploads to a BLOB type in a database. I can't seem to get anything else to
work. note that when you do an INSERT or UPDATE..SET, you don't use quotes
on the data.

function bin2mysqlhex($s) {
$a='0x';
$q=array('0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F');
for($x=0; $x<strlen($s); $x++) {
$a .= $q[ord($s{$x})>>4]; //msb
$a .= $q[ord($s{$x})&0x0f]; //lsb
}
return $a;
}



//images
if (isset($_POST['type']) && 'image'==$_POST['type'] &&
isset($_POST['action'])) switch($_POST['action']) {
case 'add':
if (!sqlinjectionsafe($_POST['mime_type'])
|| !sqlinjectionsafe($_POST['comment'])
) {
exit;
}
if ('on'==strtolower(ini_get("magic_quotes_gpc")) ||
'1'==ini_get("magic_quotes_gpc")) {
if (isset($_SESSION['pc_id'])) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on
temp file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
}
//$escaped_contents=$contents;
}
if ($_POST['image']['size']<150000) {
mysql_query("INSERT INTO photos(image,mime_type,comment)
VALUES($escaped_contents,'$mimetype','".nl2br(htmlentities($_POST['answer']))."')",
$link);
$image_id=mysql_insert_id($link);
mysql_query("INSERT INTO photos_photoscategories(image_id,pc_id)
VALUES($image_id,$_SESSION[pc_id])", $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
}
} else {
if (isset($_SESSION['pc_id'])) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on
temp file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
}
}
if ($_POST['image']['size']<150000) {
mysql_query("INSERT INTO photos(image,mime_type,comment)
VALUES($escaped_contents,'$mimetype','".mysql_escape_string(nl2br(htmlentities($_POST['answer'])))."')",
$link);
$image_id=mysql_insert_id($link);
mysql_query("INSERT INTO photos_photoscategories(image_id,pc_id)
VALUES($image_id,$_SESSION[pc_id])", $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
}
}
break;
case 'change':
if (!sqlinjectionsafe($_POST['mime_type'])
|| !sqlinjectionsafe($_POST['comment'])
|| !sqlinjectionsafe($_POST['pc_id'])
) {
exit;
}
if ('on'==strtolower(ini_get("magic_quotes_gpc")) ||
'1'==ini_get("magic_quotes_gpc")) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on temp
file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
$image_id=intval($_POST['image_id']);
echo "UPDATE";
mysql_query("UPDATE photos SET
comment='".nl2br(htmlentities($_POST['comment']))."',
image=$escaped_contents,
mime_type='$mimetype'
WHERE image_id=".intval($_POST['image_id'])
, $link) or die("UERR:".mysql_error());
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
} else {
//no uploaded file. don't change what's already there.
mysql_query("UPDATE photos SET
comment='".nl2br(htmlentities($_POST['comment']))."',
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id']), $link) or
die("UERR:".mysql_error());
}
} else {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on temp
file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
$image_id=intval($_POST['image_id']);
mysql_query("UPDATE photos SET
comment='".mysql_escape_string(nl2br(htmlentities($_POST['comment'])))."',
image=$escaped_contents,
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id'])
, $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
} else {
//no uploaded file. don't change what's already there.
mysql_query("UPDATE photos SET
comment='".mysql_escape_string(nl2br(htmlentities($_POST['comment'])))."',
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id']), $link);
}
}
mysql_query("UPDATE quiz_batteries SET
title='".mysql_escape_string(htmlentities($_POST['title']))."' WHERE
battery_id=".intval($_POST['battery_id']), $link);
break;
case 'delete':
if (!sqlinjectionsafe($_POST['image_id'])) {
exit;
}
//delete from the relationship table first! foreign keys involved.
mysql_query("DELETE FROM photos_photoscategories WHERE
image_id=".intval($_POST['image_id']), $link);
mysql_query("DELETE FROM photos WHERE
image_id=".intval($_POST['image_id']), $link);
break;
case 'select':
if (!sqlinjectionsafe($_POST['pc_id'])) {
exit;
}
$_SESSION['pc_id']=intval($_POST['pc_id']);
break;
}


<form action="editphotoalbum.php" method="post"
enctype="multipart/form-data">
<div class=addbox>
<div style="font-family:Verdana, Arial, Helvetica,
sans-serif;background-color:#CC9966;color:#000099;font-size:large;font-weight:bold;text-align:center;">Add
Image</div>
<br>
<label>Image File:
<input name="image" type="file"></label>(jpeg/gif/png)<br />
<label>Image Type: <select name="mime_type" size="1">
<option selected value="image/jpeg">JPEG</option>
<option value="image/png">PNG</option>
<option value="image/gif">GIF</option>
</select></label>(must match what you uploaded!<br>If the picture here
doesn't show, change the image type or re-upload.)<br />
<input name="action" type="hidden" value="add">
<input name="type" type="hidden" value="image">
<input name="" type="submit" value="Add">
</div>
</form>
<br style="clear:both;">
<br>
<?php
if (isset($_SESSION['pc_id'])) {
$q=mysql_query("SELECT * FROM
photos INNER JOIN photos_photoscategories
ON photos.image_id=photos_photoscategories.image_id
WHERE photos_photoscategories.pc_id=$_SESSION[pc_id]
ORDER BY photos.image_id", $link) or die(mysql_error());
while ($row=mysql_fetch_assoc($q)) {
?>
<form action="editphotoalbum.php" method="post"
enctype="multipart/form-data">
<div class=editbox>
<div style="font-family:Verdana, Arial, Helvetica,
sans-serif;background-color:#CC9966;color:#000099;font-size:large;font-weight:bold;text-align:center;">Edit
Image</div>
<br>
<img src="viewtnimg.php?id=<?php echo $row['image_id']; ?>&width=150"
alt="image for answer" title="image for answer" width="150">Thumbnail<br />
<label>Image File:
<input name="image" type="file"></label>(jpeg/gif/png)<br />
<label>Image Type: <select name="mime_type" size="1">
<option <?php if ($row['mime_type']=='image/jpeg'){echo
"selected=\"selected\"";} ?> value="image/jpeg">JPEG</option>
<option <?php if ($row['mime_type']=='image/png'){echo
"selected\"selected\"";} ?> value="image/png">PNG</option>
<option <?php if ($row['mime_type']=='image/gif'){echo
"selected=\"selected\"";} ?> value="image/gif">GIF</option>
</select></label>(must match what you uploaded!<br>
If the picture here doesn't show, change the image type or
re-upload.)<br />

<input name="image_id" type="hidden" value="<?php echo $row['image_id'];
?>">
<input name="type" type="hidden" value="image">
<select name="action" size="1">
<option selected value="change">Change</option>
<option value="delete">Delete</option>
</select>
<input name="" type="submit" value="Do It">
</div>
</form>
<br style="clear:both;">
<br>
<?php
}
mysql_free_result($q);
}
?>

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация